Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
Control: -1 severity important Quack, This problem is solved in unstable and should not prevent this package from entering testing. \_o< -- Marc Dequènes
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
I literally poked that patch into debian/patches{/series}, quilt applied it and rebuilt, and it started working for me. Maybe there's something different about our configs? Strange, that patch seems to slightly change how the hardcoded dh params are loaded, but it doesn't seem to change the size of them or anything. It seems that more recently commit 6b3844987509517dad6e41391d9142b867266b8b ripped out the hardcoded dh parameters and replaced them with a system for loading them from files, but that seems too intrusive for a stable update. I am just taking a flyby look at rc bugs, but if this was my package I would propose a patch replacing the hardcoded 1024 bit parameters with hardcoded 4096 bit parameters as a minimally intrusive fix for stable.
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
Control: unblock 907015 by -1 On Sat, Sep 29, 2018 at 06:53:27PM +0200, Sebastian Andrzej Siewior wrote: > On 2018-08-29 11:38:54 [-0600], dann frazier wrote: > > > > error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small > > > > > > > > I found that backporting bip 0.9.0~rc3-1 to jessie worked. I further > > > > found > > > > that just cherry-picking the following commit back to bip 0.8.9 seems > > > > to be > > > > sufficient: > > > > > > > > 39414f8 Handle OpenSSL version 1.1 > > > > > > I just tried backporting commit 39414f8 to the bip version in stretch, > > > and it doesn't really fix the issue. There is probably some other commit > > > that is needed. > > > > I literally poked that patch into debian/patches{/series}, quilt > > applied it and rebuilt, and it started working for me. Maybe there's > > something different about our configs? I'm not sure. I just tried it again with the same results. My config file is attached, with just the sensitive parts obscured. It doesn't seem to have anything related to this. In the end, I solved my personal problem by building a backport of the version in testing, and that just works. > May I ask what is the problem here is? It looks like DH key is less than > 1024bits in size. This is not per-se an openssl problem but "policy" > (which could be changed but I suggest to update the key instead). The problem is between clients with libssl 1.1.1 and bip from stable. bip uses keys that are too small, which are rejected by default by those clients due to the new default policy. > If there is anything that needs to be fixed in bip in order to work > (like missing SNI) then I would add a versioned BREAK to #907015 (after > an upload so please let me know). Since this is a problem between openssl on the client and bip on the server, adding a Breaks: does not really help with anything. > Otherwise I would unbreak this bug with #907015. Yes, I don't think it makes sense to clock openssl on this; the version of bip in testing/unstable is OK. ip = "0.0.0.0"; port = 1; client_side_ssl = true; client_side_ssl_pem = "/var/lib/bip/bip.pem"; log_level = 3; pid_file="/var/run/bip/bip.pid"; log_root = "/var/log/bip/"; backlog_lines = 0;# number of lines in backlog, 0 means no limit backlog_msg_only = true; # only include useful content in backlog network { name = "oftc"; ssl = true; server { host = "irc.oftc.net"; port = 6697; }; }; network { name = "freenode"; ssl = true; server { host = "irc.freenode.net"; port = 6697; }; }; network { name = "gimpnet"; ssl = true; server { host = "irc.gimp.org"; port = 6697; }; }; user { name = "terceiro"; password = ""; ssl_check_mode = "ca"; ssl_check_store = "/etc/ssl/certs"; default_nick = "terceiro"; default_user = "terceiro"; default_realname = "Antonio Terceiro"; connection { name = "oftc";# used by bip only network = "oftc"; # which ircnet to connect to follow_nick = true; ignore_first_nick = true; no_client_away_msg = "currently disconnected"; on_connect_send = "PRIVMSG NickServ :IDENTIFY "; }; connection { name = "freenode";# used by bip only network = "freenode"; # which ircnet to connect to follow_nick = true; ignore_first_nick = true; no_client_away_msg = "currently disconnected"; on_connect_send = "PRIVMSG NickServ :IDENTIFY "; }; connection { name = "gimpnet"; # used by bip only network = "gimpnet"; # which ircnet to connect to follow_nick = true; ignore_first_nick = true; no_client_away_msg = "currently disconnected"; on_connect_send = "PRIVMSG NickServ :IDENTIFY "; }; }; # vim: ft=conf signature.asc Description: PGP signature
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
On 2018-08-29 11:38:54 [-0600], dann frazier wrote: > > > error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small > > > > > > I found that backporting bip 0.9.0~rc3-1 to jessie worked. I further found > > > that just cherry-picking the following commit back to bip 0.8.9 seems to > > > be > > > sufficient: > > > > > > 39414f8 Handle OpenSSL version 1.1 > > > > I just tried backporting commit 39414f8 to the bip version in stretch, > > and it doesn't really fix the issue. There is probably some other commit > > that is needed. > > I literally poked that patch into debian/patches{/series}, quilt > applied it and rebuilt, and it started working for me. Maybe there's > something different about our configs? May I ask what is the problem here is? It looks like DH key is less than 1024bits in size. This is not per-se an openssl problem but "policy" (which could be changed but I suggest to update the key instead). If there is anything that needs to be fixed in bip in order to work (like missing SNI) then I would add a versioned BREAK to #907015 (after an upload so please let me know). Otherwise I would unbreak this bug with #907015. Sebastian
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
On Tue, Aug 28, 2018 at 09:53:58AM -0300, Antonio Terceiro wrote: > On Thu, Aug 23, 2018 at 03:24:52PM -0600, dann frazier wrote: > > Package: bip > > Version: 0.8.9-1.1 > > Severity: normal > > Tags: patch > > > > I run bip on a stretch system, and connect to it from a hexchat client on > > sid. After a recent upgrade of the client, which pulled in openssl 1.1, > > hexchat began failing to connect to my server with the message: > > > > error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small > > > > I found that backporting bip 0.9.0~rc3-1 to jessie worked. I further found > > that just cherry-picking the following commit back to bip 0.8.9 seems to be > > sufficient: > > > > 39414f8 Handle OpenSSL version 1.1 > > I just tried backporting commit 39414f8 to the bip version in stretch, > and it doesn't really fix the issue. There is probably some other commit > that is needed. I literally poked that patch into debian/patches{/series}, quilt applied it and rebuilt, and it started working for me. Maybe there's something different about our configs?
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
On Thu, Aug 23, 2018 at 03:24:52PM -0600, dann frazier wrote: > Package: bip > Version: 0.8.9-1.1 > Severity: normal > Tags: patch > > I run bip on a stretch system, and connect to it from a hexchat client on > sid. After a recent upgrade of the client, which pulled in openssl 1.1, > hexchat began failing to connect to my server with the message: > > error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small > > I found that backporting bip 0.9.0~rc3-1 to jessie worked. I further found > that just cherry-picking the following commit back to bip 0.8.9 seems to be > sufficient: > > 39414f8 Handle OpenSSL version 1.1 I just tried backporting commit 39414f8 to the bip version in stretch, and it doesn't really fix the issue. There is probably some other commit that is needed. signature.asc Description: PGP signature
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
Control: severity -1 important Hi, I would like to reinforce the request for a stable update: - according to the openssl maintainer, this is a security issue and should be fixed in stable - without such fix, bip on stable will soon be unusable to any client using a recent enough openssl signature.asc Description: PGP signature
Bug#907118: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small
Package: bip Version: 0.8.9-1.1 Severity: normal Tags: patch I run bip on a stretch system, and connect to it from a hexchat client on sid. After a recent upgrade of the client, which pulled in openssl 1.1, hexchat began failing to connect to my server with the message: error:141a318a:ssl routines:tls_process_ske_dhe:dh key too small I found that backporting bip 0.9.0~rc3-1 to jessie worked. I further found that just cherry-picking the following commit back to bip 0.8.9 seems to be sufficient: 39414f8 Handle OpenSSL version 1.1 Assuming this is the correct fix, could we get that incorporated in a jessie update? -dann -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.17.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages bip depends on: ii adduser3.117 ii libc6 2.27-5 ii libssl1.1 1.1.1~~pre9-1 ii lsb-base 9.20170808 bip recommends no packages. bip suggests no packages.