Re: [openssl.org #3516] OCSP Certificate Chain Response Handling

2014-09-09 Thread Rob Stradling

Duplicate of #2206 ?

On 05/09/14 08:35, Mehner, Carl via RT wrote:

OCSP response handling in /apps/ocsp.c
--
2014-06-25

The OCSP Documentation States
https://www.openssl.org/docs/apps/ocsp.html
Otherwise the OCSP responder certificate's CA is checked against the issuing CA 
certificate in the request. If there is a match and the OCSPSigning extended key usage is 
present in the OCSP responder certificate then the OCSP verify succeeds.

--Assumptions--
The flag '-issuer' in openSSL's ocsp application is what the responder's 
certificate's CA is checking against.
The 'responder's certificate's CA' means the certificate authority that is 
issuer of the ocsp signing certificate.


--What Happens--
When running the command:
openssl ocsp -no_nonce -issuer intermediary.cer -cert leaf.cer -CA root.cer 
-url http://ocsp.url

Validation of the OCSP responder certificate fails unless the issuer's cert is 
also in the file containing the root CA cert. The error messages are:
Response Verify Failure
8604:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify 
error:.\crypto\ocsp\ocsp_vfy.c:126:Verify error:unable to get local issuer 
certificate

However, if you specify a -CAfile that includes the same cert from the 
'-issuer' flag and the root CA cert that is the root of trust for the ocsp 
responder cert, you will get back a 'Response verify OK'

--What Should Happen--
If the certificate provided in the '-issuer' flag matches the CA certificate 
referenced in the OCSP responder's issuer field, the OCSP verify should succeed.

There should be no need to chain up to the root in this case as it would be a 
waste of time since that evaluation is already done on the issuer certificate 
provided with the '-issuer' flag when evaluating the chain of the certificate 
provided by the '-cert' flag outside of the OCSP validation process. If the 
leaf validation fails, there is no need to validate the OCSP chain, the 
connection will fail regardless.

However, if anyone feels that the full chain needs to be validated, the
validation procedure should be able to bridge the cert included on the 
'-issuer' flag with a single root specified on the '-CA' flag. (It currently 
does not.)

-cem


--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   majord...@openssl.org


Re: [openssl.org #2354] [PATCH] Increase Default RSA Key Size to 2048-bits

2014-09-09 Thread Rob Stradling
This can presumably be resolved as fixed, given the commit on #2626 just 
now.


On 29/09/10 20:54, Rob Stradling via RT wrote:

NIST (SP800-57 Part 1) recommends a minimum RSA key size of 2048-bits beyond
2010.  From January 1st 2011, in order to comply with the current Microsoft[1]
and Mozilla[2] CA Policies, Commercial CAs will no longer be permitted to
issue certificates with RSA key sizes of <2048-bit.

Please accept the attached patch, which increases the default RSA key size to
2048-bits for the req, genrsa and genpkey apps.

Thanks.

[1] http://technet.microsoft.com/en-us/library/cc751157.aspx says:
we have advised Certificate Authorities...to transition their subordinate and
end-certificates to 2048-bit RSA certificates, and to complete this transition
for any root certificate distributed by the Program no later than December 31,
2010.

[2] https://wiki.mozilla.org/CA:MD5and1024 says:
December 31, 2010 – CAs should stop issuing intermediate and end-entity
certificates from roots with RSA key sizes smaller than 2048 bits. All CAs
should stop issuing intermediate and end-entity certificates with RSA key size
smaller than 2048 bits under any root.

Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
Office Tel: +44.(0)1274.730505
Office Fax: +44.(0)1274.730909
www.comodo.com

COMODO CA Limited, Registered in England No. 04058690
Registered Office:
   3rd Floor, 26 Office Village, Exchange Quay,
   Trafford Road, Salford, Manchester M5 3EQ

This e-mail and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the sender by replying
to the e-mail containing this attachment. Replies to this email may be
monitored by Comodo for operational or business reasons. Whilst every
endeavour is taken to ensure that e-mails are free from viruses, no liability
can be accepted and the recipient is requested to use their own virus checking
software.



--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online


[openssl.org #3519] BUG: incorrect handling of 'CAfile' and 'CApath' defaults

2014-09-09 Thread Mihaly Barasz via RT
Please, see my pull request on GitHub:
https://github.com/openssl/openssl/pull/170
Description from the pull request:

This commit has security implications for simple clients that use
openssl s_client. To demonstrate the issue described in the commit
message do:

openssl s_client -connect github.com:443 -verify_return_error -quiet
-verify 100 -CAfile my_ca.pem

Where my_ca.pem is any certificate file other than the one that
actually signed github's cert. This should fail, but it currently
succeeds.

This pull request fixes that. Together with the annoyance that if you
don't specify a CAfile in the above command it fails, though it should
have succeeded. :)

Discovered and debugged together with @errge.

The intention was obviously to use the user-specified CAfile and
CApath and if that fails (eg. user didn't specify anything) to use the
defaults. Having || instead of && has two implications:

1. If the user doesn't specify anything, we don't use the defaults, so
verification will always fail. This is mostly a nuisance.

2. If the user does specify something for CAfile or CApath, we will
load the defaults too. Which have security implications: A simple
client implementation with openssl s_client that wants to check that
it's talking to the right server by specifying a private CAfile fails
to achieve the promised security (as the server's certificate will
also be checked against the default CA list).

Best,
Mihaly Barasz
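
The || versus && behaviour described in this report, as an added example that is not part of the original post or of OpenSSL's code. It is a small C model: load_verify_locations and set_default_verify_paths are hypothetical stand-ins that only mimic a 1-on-success, 0-on-failure return convention, and loading the user's locations is assumed to fail when neither -CAfile nor -CApath is given.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Model of the trust store a client ends up with (not OpenSSL's own type). */
struct trust_store {
    bool user_cas;    /* CAs from the caller's -CAfile / -CApath */
    bool default_cas; /* the system default CA file and directory */
};

struct outcome {
    struct trust_store ts;
    bool error_reported; /* the "could not set verify locations" branch ran */
};

/* Hypothetical stand-in for loading the user's locations: returns 1 on
 * success, 0 on failure; assumed to fail when no file and no dir is given. */
static int load_verify_locations(struct trust_store *ts,
                                 const char *cafile, const char *capath)
{
    if (cafile == NULL && capath == NULL)
        return 0;
    ts->user_cas = true;
    return 1;
}

/* Hypothetical stand-in for loading the defaults: same 1/0 convention. */
static int set_default_verify_paths(struct trust_store *ts)
{
    ts->default_cas = true;
    return 1;
}

/* Shape described in the report: the two calls joined with ||. */
struct outcome setup_with_or(const char *cafile, const char *capath)
{
    struct outcome o = { { false, false }, false };
    if (!load_verify_locations(&o.ts, cafile, capath) ||
        !set_default_verify_paths(&o.ts))
        o.error_reported = true;
    return o;
}

/* Intended shape: fall back to the defaults only if the user's load fails. */
struct outcome setup_with_and(const char *cafile, const char *capath)
{
    struct outcome o = { { false, false }, false };
    if (!load_verify_locations(&o.ts, cafile, capath) &&
        !set_default_verify_paths(&o.ts))
        o.error_reported = true;
    return o;
}

/* A server certificate issued by a public CA verifies only if the default
 * CAs are trusted; the private CA passed with -CAfile did not sign it. */
bool public_site_verifies(const struct outcome *o)
{
    return o->ts.default_cas;
}

static void show(const char *label, struct outcome o)
{
    printf("%-20s user=%d default=%d error=%d public-site-verifies=%d\n",
           label, o.ts.user_cas, o.ts.default_cas, o.error_reported,
           public_site_verifies(&o));
}

int main(void)
{
    /* my_ca.pem is the private CA file name used in the report. */
    show("|| with -CAfile", setup_with_or("my_ca.pem", NULL));
    show("|| without CAfile", setup_with_or(NULL, NULL));
    show("&& with -CAfile", setup_with_and("my_ca.pem", NULL));
    show("&& without CAfile", setup_with_and(NULL, NULL));
    return 0;
}
```

With ||, a successful load of the user's file makes the first operand false, so the second call runs and adds the defaults; a failed load short-circuits and the defaults are never tried.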



[openssl.org #3520] [PATCH] 1.0.1e: Configure: Correctly Handle GCC/clang/LLVM -arch and -isysroot Options

2014-09-09 Thread Grant Erickson via RT
Correctly handle '-arch' and '-isysroot' GCC/clang/LLVM
options when compiling for Mac OS X or iOS using targets such as
BSD-generic32 in which the external environment passes in the processor
architecture and toolchain root.

---
 openssl/Configure | 12 +++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/openssl/Configure b/openssl/Configure
index 9c803dc..524201d 100755
--- a/openssl/Configure
+++ b/openssl/Configure
@@ -742,6 +742,7 @@ my $no_sse2=0;
 
 usage if ($#ARGV  0);
 
+my $expect_option=0;
 my $flags;
 my $depflags;
 my $openssl_experimental_defines;
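
Review bot: The added "my $expect_option=0;" declaration has no comment and a name that does not say what is expected, although it carries state from one pass of PROCESS_ARGS to the next. Suggest a one-line comment saying it is set when the previous argument was -arch or -isysroot and the next argument is that option's value, or a more specific name such as $expect_option_value.
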
@@ -790,7 +791,12 @@ PROCESS_ARGS:
s /^zlib$/enable-zlib/;
s /^zlib-dynamic$/enable-zlib-dynamic/;
 
-   if (/^no-(.+)$/ || /^disable-(.+)$/)
+   if ($expect_option == 1)
+  {
+  $flags .= $_ .  ;
+  $expect_option = 0;
+  }
+   elsif (/^no-(.+)$/ || /^disable-(.+)$/)
{
if (!($disabled{$1} eq experimental))
{
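
Review bot: In the new "if ($expect_option == 1)" branch the value is appended to $flags as it stands, so it skips the %xx decoding that the "-[^-]" branch applies to other compiler flags with "s/%([0-9a-f]{1,2})/chr(hex($1))/gei", and because the check sits below the "s /^zlib$/enable-zlib/" rewrites a value that happens to match one of them is altered before it is appended. Suggest testing $expect_option at the top of the loop body, before any rewriting, and applying the same decoding to the value; "if ($expect_option)" would also read better than comparing a flag with 1.
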
@@ -873,6 +879,10 @@ PROCESS_ARGS:
}
elsif (/^-[^-]/ or /^\+/)
{
+   if (/^-arch$/ or /^-isysroot$/)
+{
+$expect_option=1;
+}
$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
$flags.=$_. ;
}
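
Review bot: Nothing in the added "-arch"/"-isysroot" check, or in the other hunks shown, handles the option arriving as the last argument: $expect_option is still 1 when the arguments run out and the flag reaches the compiler without its value. Suggest checking $expect_option after PROCESS_ARGS and printing the usage error, and adding a comment that only these two options are treated as taking a separate value, since any other two-word compiler option still has its value matched as an ordinary Configure argument.
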
-- 
2.1.0



[openssl.org #3521] [PATCH] 1.0.1e: Configure: Correctly Handle GCC --sysroot Option

2014-09-09 Thread Grant Erickson via RT
Correctly handle '--sysroot' GCC toolchain option when compiling for the 
Android NDK using targets such as linux-generic32 in which the external
environment passes in the toolchain root.

---
 openssl/Configure | 4 
 1 file changed, 4 insertions(+)

diff --git a/openssl/Configure b/openssl/Configure
index 524201d..29c8ec6 100755
--- a/openssl/Configure
+++ b/openssl/Configure
@@ -930,6 +930,10 @@ PROCESS_ARGS:
{
$cross_compile_prefix=$1;
}
+   elsif (/^--sysroot=(.*)$/)
+   {
+   $flags.=$_. ;
+   }
else
{
print STDERR $usage;
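
Review bot: The added "elsif (/^--sysroot=(.*)$/)" captures the path in $1 but never uses it, and "(.*)" also accepts an empty "--sysroot=". Suggest "(.+)" or dropping the group, and a comment stating that only the "=" form is accepted, because the separate-word form "--sysroot <dir>" would still end in the "else" branch that prints $usage.
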
-- 
2.1.0



[openssl.org #3522] [PATCH] 1.0.1e: Configure: Allow the apps, test and tools directories to be configured out of DIRS.

2014-09-09 Thread Grant Erickson via RT
In exceedingly minimal libcrypto-only configurations of OpenSSL such as:

no-lock no-threads no-shared no-zlib no-idea no-camellia no-seed no-bf 
no-cast no-des no-rc2 no-rc4 no-rc5 no-md2 no-md4 no-ripemd no-mdc2 
no-rsa no-dsa no-dh no-whirlpool no-cms no-dgram no-sock no-ssl2 no-ssl3 
no-err no-krb5 no-apps no-engine no-test no-tools no-hw no-dso 
no-devrandom no-sha512 no-dir no-egd no-tty no-srtp no-speed 
no-tlsext

none of the 'apps', 'test', nor 'tools' subdirectories can be successfully
built. Where the package configurator so chooses, allow these directories
to be configured out of DIRS as 'engine' may be.
---
 openssl/Configure | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/openssl/Configure b/openssl/Configure
index 29c8ec6..8cfc697 100755
--- a/openssl/Configure
+++ b/openssl/Configure
@@ -1607,7 +1607,10 @@ while (IN)
}
}
$sdirs = 0 unless /\\$/;
+s/apps // if (/^DIRS=/  $disabled{apps});
 s/engines // if (/^DIRS=/  $disabled{engine});
+s/test // if (/^DIRS=/  $disabled{test});
+s/tools// if (/^DIRS=/  $disabled{tools});
s/ccgost// if (/^ENGDIRS=/  $disabled{gost});
s/^VERSION=.*/VERSION=$version/;
s/^MAJOR=.*/MAJOR=$major/;
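
Review bot: The three added substitutions are unanchored and inconsistent about the separator: "s/test //" removes the first "test " substring on the DIRS line, which would also hit a directory name that merely ends in "test", and "s/tools//" leaves its separator behind where "s/apps //" and "s/test //" remove it. Suggest matching whole words, for example "s/\btest\b ?//", in the same form for all three. The diffstat also shows only Configure changed, so the new no-apps, no-test and no-tools options are not documented anywhere in this patch.
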
-- 
2.1.0



Re: OPenssl 20140909 issues

2014-09-09 Thread Mike Bland
Is the top-level rehash target not getting executed? It should be a
dependency of test (via the tests target).

Mike

On Tue, Sep 9, 2014 at 1:41 AM, The Doctor doc...@doctor.nl2k.ab.ca wrote:
 Just found this in the latest openssl 1.0.2 snapshot



Re: OPenssl 20140909 issues

2014-09-09 Thread Viktor Dukhovni
On Mon, Sep 08, 2014 at 11:41:42PM -0600, The Doctor wrote:

 ls: error initializing month strings

The literal string month does not appear in OpenSSL 1.0.2 source
code.  You're probably compiling in a locale not supported by your
system.  ls -l is unable to format the date.

-- 
Viktor.


[openssl.org #2642] Bug Report: s_client uses forged/blacklisted EHLO hostname in smtp

2014-09-09 Thread Rich Salz via RT
Fixed in https://github.com/akamai/openssl/tree/rsalz-monolith/apps to be part
of post-1.0.2

commit 90899ae82e14ecbfbeac6fc47757470f9a0a9b80
Author: Rich Salz rs...@akamai.com
Date: Tue Sep 9 10:22:01 2014 -0400

RT2642: Allow EHLO hostname to be specified.

Add -smtphost flag, to specify the host used in the
SMTP EHLO message.

--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #3519] BUG: incorrect handling of 'CAfile' and 'CApath' defaults

2014-09-09 Thread Rich Salz via RT
This is a duplicate of RT2936, fixed in
https://github.com/akamai/openssl/tree/rsalz-monolith which will be part of
post-1.0.2
commit 3938694b2a770efad980c947b68981b110e784d6
Author: Rich Salz rs...@akamai.com
Date: Fri Aug 15 14:27:04 2014 -0400

PR 2936, etc: Consistently use default cert dir

All apps that have -CApath and -CAfile now are consistent and
call common code to use the specified parameters, or use
the default file/dir if none are specified.

--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2932] smime cmdline utility ignores errors

2014-09-09 Thread Rich Salz via RT
Fixed in https://github.com/akamai/openssl/tree/rsalz-monolith/apps for
inclusion after 1.0.2
(The RAND_xxx issue was already fixed)

commit 16365c8dc390e1cb29a4f64c9b3450d89532a960
Author: Dmitry Belyavsky beld...@gmail.com
Date: Tue Sep 9 12:09:32 2014 -0400

RT2932: Catch write errors

Don't ignore the return value when writing PKCS7.

--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2956] incomplete archive

2014-09-09 Thread Rich Salz via RT
the link's good now.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2991] Certifacte verification with a RSA-SHA512 hash algorithm fails

2014-09-09 Thread Rich Salz via RT
SSL_library_init only loads the algorithms needed by SSL/TLS ciphersuites.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2966] OpenSsl Library crashed,

2014-09-09 Thread Rich Salz via RT
Not enough information to reproduce the problem.
Most likely application bug that is romping on memory.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2982] Security Advisory as of 2013-02-05

2014-09-09 Thread Rich Salz via RT
Right, 1.0.1d had an error in the fix. Update the advisory to point to 1.0.1e
or later.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2938] [PATCH] Severe resource leak in tls_P_hash() (v1.0.1 and up)

2014-09-09 Thread Rich Salz via RT
From an internal review of the patch:
Contexts are meant to be reused and (for example) reusing the same context and
digest avoids having to reallocate a buffer for the internal context structure.

I think this might actually be a problem in the ENGINE not handling reuse
properly, or the EVP API not having a way to signal reuse properly.

Either way I don't think this is the correct fix.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #3263] BUG: loading a config file from a drive with no media results in exit(1)

2014-09-09 Thread Rich Salz via RT
OPENSSL_config is a very simple-minded API.
If the config file is on a drive that isn't available, and since the API exits
on error, it's working as designed. Closing ticket.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #3506] [PATCH] Fix typos in ssltest.c.

2014-09-09 Thread Rich Salz via RT
Fixed in master and 1.0.2
OpenSSL_1_0_2-stable 283a8fd RT3506: typo's in ssltest
HEAD 4eadd11 RT3506: typo's in ssltest

Author: Kurt Cancemi k...@x64architecture.com
Date: Tue Sep 9 13:48:00 2014 -0400

RT3506: typo's in ssltest

Reviewed-by: Dr. Stephen Henson st...@openssl.org
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #1766] [PATCH] s_client -reconnect and -starttls don't work together

2014-09-09 Thread Rich Salz via RT
Fixed in https://github.com/akamai/openssl/tree/rsalz-monolith/apps to be
integrated after 1.0.2

commit 07cae301ea569173e18ae585caa1457660baf024
Author: John Gardiner Myers jgmy...@proofpoint.com
Date: Tue Sep 9 14:12:42 2014 -0400

RT1766: s_client -reconnect and -starttls broke

Using both -starttls and -reconnect don't work
because the flag to specify starttls is cleared
before the reconnect happens. Only do that if
we're not reconnecting.

--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2100] RAND_poll can be incredibly slow on Windows7 due to Heap32Next

2014-09-09 Thread Rich Salz via RT
timer-limiting for windows heap-walking, etc., seems to have been implemented
some time ago.
Closing ticket.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2176] OPENSSL_ia32cap_loc() inconsistent

2014-09-09 Thread Rich Salz via RT
This incompatible change was made five years ago; nothing to do now.
Closing ticket.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



Re: [openssl.org #2938] [PATCH] Severe resource leak in tls_P_hash() (v1.0.1 and up)

2014-09-09 Thread Andrey Kulikov via RT
Indeed,

Improved version of the patch are in:
[openssl.org #2937] Handshake performance degradation in 1.0.1 and up.

On 9 September 2014 21:16, Rich Salz via RT r...@openssl.org wrote:

 From an internal review of the patch:
 Contexts are meant to be reused and (for example) reusing the same context
 and
 digest avoids having to reallocate a buffer for the internal context
 structure.

 I think this might actually be a problem in the ENGINE not handling reuse
 properly, or the EVP API not having a way to signal reuse properly.

 Either way I don't think this is the correct fix.
 --
 Rich Salz, OpenSSL dev team; rs...@openssl.org






Re: [openssl.org #3502] nameConstraints bypass bug: a fix, or some approximation thereto

2014-09-09 Thread John Denker via RT
On 08/22/2014 12:26 PM, Salz, Rich wrote:
 It'd be good to fix this.

Behold a patch that seems to fix it:
  https://www.av8n.com/openssl/bypass-bugfix.diff

The code seems pretty straightforward to me, but on the
other hand, I have very little experience coding in the
openssl environment, so I might be overlooking something.
Somebody should check this pretty closely.

A simple way to exhibit the bug (and the fix) as follows:

Desired behavior:
  openssl verify -CAfile av8n-root-ca-cert.pem bypass.jdenker.com-cert.pem
  bypass.jdenker.com-cert.pem: C = US, CN = bypass.jdenker.com
  error 47 at 0 depth lookup:permitted subtree violation

Observed (unfixed) behavior:
  openssl verify -CAfile av8n-root-ca-cert.pem bypass.jdenker.com-cert.pem
  bypass.jdenker.com-cert.pem: OK
which is a security lapse.

The demonstration certs can be found at:
  https://www.av8n.com/openssl/av8n-root-ca-cert.pem
  https://www.av8n.com/openssl/bypass.jdenker.com-cert.pem




[openssl.org #1909] bug report: OpenSSL can generate invalid version 1 certificates

2014-09-09 Thread Rich Salz via RT
OpenSSL_1_0_2-stable 8c0d19d RT1909: Omit version for v1 certificates
HEAD 1f18f50 RT1909: Omit version for v1 certificates

Author: Geoff Keating geo...@apple.com
Date: Tue Sep 9 14:28:54 2014 -0400

RT1909: Omit version for v1 certificates

When calling X509_set_version to set v1 certificate, that
should mean that the version number field is omitted.

Reviewed-by: Dr. Stephen Henson st...@openssl.org
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2938] [PATCH] Severe resource leak in tls_P_hash() (v1.0.1 and up)

2014-09-09 Thread Rich Salz via RT
Closing this in favor of 2937
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #1165] Bug Report

2014-09-09 Thread Rich Salz via RT
Not enough information to reproduce the defect, closing the ticket.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2560] missing NULL pointer check in ocsp_req_find_signer

2014-09-09 Thread Rich Salz via RT
This can't happen. It's an internal function and never gets NULL
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2519] crash when using newly-defined ASN1_SEQUENCE macros in Windows with elements that are also newly-defined SEQUENCEs...

2014-09-09 Thread Rich Salz via RT
Local config error.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2537] potential use of uninitialized variable in x509_lu.c

2014-09-09 Thread Rich Salz via RT
The analysis seems wrong, getting confused by the union.
closing ticket.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2570] Timing related bug in openssl pkcs

2014-09-09 Thread Rich Salz via RT
sorry, you can't use stdin twice. we have no control over system buffering,
among other things.
closing file.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2503] openssl-1.0.0d build bug ? i686 build does not define AES_unwrap_key and other symbols on x86_64

2014-09-09 Thread Rich Salz via RT
Local error.
Other tickets are tracking makefile changes, so closing this one.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2629] finalize MD2 removal

2014-09-09 Thread Rich Salz via RT
fixed earlier on https://github.com/akamai/openssl/tree/rsalz-monolith
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #3512] SSL_MODE_ENABLE_PARTIAL_WRITE does not work in DTLS

2014-09-09 Thread Rich Salz via RT
Partial writes don't work for UDP.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #3271] OpenSSL 1.0.2 Beta 1 Solaris 10 Sparc Shell error during make install

2014-09-09 Thread Rich Salz via RT
OpenSSL_1_0_2-stable e61c648 RT3271: Don't use if ! in shell lines
HEAD b999f66 RT3271: Don't use if ! in shell lines

Merge: 843921f b999f66
Author: Rich Salz rs...@openssl.org
Date: Tue Sep 9 17:06:40 2014 -0400

Merge branch 'master' of git.openssl.org:openssl

Previous commit was reviewed by Geoff, not Stephen:
Reviewed-by: Geoff Thorpe ge...@openssl.org

--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #3192] [PATCH] Fix spurious error in DSA verification failure

2014-09-09 Thread Rich Salz via RT
OpenSSL_1_0_2-stable f33ce36 RT3192: spurious error in DSA verify
HEAD eb63bce RT3192: spurious error in DSA verify

Author: Matt Caswell m...@openssl.org
Date: Tue Sep 9 16:50:06 2014 -0400

RT3192: spurious error in DSA verify

This is funny; Ben commented in the source, Matt opened a ticket,
and Rich is doing the submit. Need more code-review? :)

Reviewed-by: Dr. Stephen Henson st...@openssl.org
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



[openssl.org #2196] openssl1.0.0beta5 problems on FreeBSD

2014-09-09 Thread Rich Salz via RT
The perl issues aren't reproducible; maybe fixed now if there was a problem.
Make issues are being tracked in (several) other tickets.
The README/rt issue is fixed:
OpenSSL_1_0_2-stable 3aa2d2d RT2196: Clear up some README wording
HEAD 468ab1c RT2196: Clear up some README wording

Author: Rich Salz rs...@openssl.org
Date: Tue Sep 9 17:41:46 2014 -0400

RT2196: Clear up some README wording

Say where to email bug reports.
Mention general RT tracker info in a separate paragraph.

Reviewed-by: Tim Hudson t...@openssl.org
--
Rich Salz, OpenSSL dev team; rs...@openssl.org



Re: [openssl.org #2962] [patch] openssl s_{client,server} improvements for Kerberos

2014-09-09 Thread Richard Silverman via RT
On Tue, 9 Sep 2014, Rich Salz via RT wrote:

 Fixed in https://github.com/akamai/openssl/tree/rsalz-monolith/apps for
 integration after 1.0.2

 commit f4f79df1a2e1d295e93afe68691499ec034b76ad
 Author: Richard Silverman r...@qoxp.net
 Date: Tue Sep 9 12:37:27 2014 -0400

 RT2962: add -keytab and -krb5svc flags.

 Add -keytab and -krb5svcd flags to s_client and s_server.

 I (rsalz) also updated the documentation.

Thanks!

 (And I like your GIT pocket guide :)

Glad to hear it. :)

-- 
   Richard

