Re: Support for OpenSSL 1.1.0
The list is getting shorter. The test suite currently only shows a few failures due to the missing "talking http on https" support. Am 09.02.2016 um 11:20 schrieb Rainer Jung: Open problems: 1) HTTP on HTTPS OpenSSL 1.1.0 currently doesn't support the "HTTP spoken on HTTPS port" error. The code to detect HTTP was removed due to a major rewrite of the state engine. The OpenSSL project is willing to review patches for reintroducing the feature there but currently doesn't plan to work on it themselves. I'll try tackling this next. Nut sure how well it will go. 2) Renegotiation It needs to be implemented differently. The OpenSSL project suggest to try reading application data until the renegotiation has finished. I committed some rather ugly code that does loop waiting for reneg, but it has a couple of problems: Still using poll, but better state tracking now. a) it will not work for EC or DH ciphers. Some opaque structure element in the ssl struct is already set and confuses the state machine. I hope to get some helpful feedback from the OpenSSL project for this. Still open. 5) ssl_engine_kernel.c In ssl_callback_Info() the explicit state constants SSL3_ST_SR_CLNT_HELLO_A and SSL23_ST_SR_CLNT_HELLO_A are used which no longer exist. I can't find obvious replacements in the list of new state constants: 2100 int state = SSL_get_state((SSL *)ssl); 2101 2102 if (state == SSL3_ST_SR_CLNT_HELLO_A 2103 || state == SSL23_ST_SR_CLNT_HELLO_A) { 2104 scr->reneg_state = RENEG_ABORT; 2105 ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02042) 2106 "rejecting client initiated renegotiation"); 2107 } That shouldn't be too hard. Will look into it. Regards, Rainer
Re: Support for OpenSSL 1.1.0
On 09/02/2016 14:36, Rainer Jung wrote: > Hi Steve, > > thanks a lot for your review and comments. More inline. > > Am 09.02.2016 um 13:34 schrieb Dr Stephen Henson: >> On 09/02/2016 10:20, Rainer Jung wrote: >>> >>> 3) ssl_engine_ocsp.c >>> >>> In modssl_verify_ocsp() the following code accesses the struct member >>> "valid", >>> for which currently no accessor function exists in 1.1.0: >>> >>> 268 else if (cert->valid && X509_check_issued(cert,cert) == X509_V_OK) { >>> 269 /* don't do OCSP checking for valid self-issued certs */ >>> 270 ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c, >>> 271 "Skipping OCSP check for valid self-issued cert"); >>> 272 X509_STORE_CTX_set_error(ctx, X509_V_OK); >>> 273 return 1; >>> 274 } >>> >>> >> >> It's not clear what that code is supposed to do. The check isn't for >> "self-issued" because that would just require comparing the subject and >> issuer >> names it is actually checking for a self signed certificate. > >> Is it supposed to be skipping OCSP checking for a trusted root? > > The svn log message says "Don't do OCSP checks for valid self-issued certs". > The > change was discussed here > > http://marc.info/?t=12921462952=1=2 > > with some older discussion here > > http://marc.info/?t=11963686385=1=2 > > As far as I get it, it is meant as an optimization to skip OCSP in cases where > it isn't needed or useful. But I'm far from being an expert here. Kaspar, who > introduced it originally formulated "prevents mod_ssl from doing unnecessary > OCSP checks (valid self-issued certs, i.e. trust anchors configured through > SSLCACertificate{File,Path})". > > I'll CC Kaspar directly. > OK it looks like at that point the certificate has been verified anyway so you don't gain anything by checking cert->valid. Steve. -- Dr Stephen Henson. OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 +1 877-673-6775 shen...@opensslfoundation.com
Re: Support for OpenSSL 1.1.0
Hi Steve, thanks a lot for your review and comments. More inline. Am 09.02.2016 um 13:34 schrieb Dr Stephen Henson: On 09/02/2016 10:20, Rainer Jung wrote: 3) ssl_engine_ocsp.c In modssl_verify_ocsp() the following code accesses the struct member "valid", for which currently no accessor function exists in 1.1.0: 268 else if (cert->valid && X509_check_issued(cert,cert) == X509_V_OK) { 269 /* don't do OCSP checking for valid self-issued certs */ 270 ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c, 271 "Skipping OCSP check for valid self-issued cert"); 272 X509_STORE_CTX_set_error(ctx, X509_V_OK); 273 return 1; 274 } It's not clear what that code is supposed to do. The check isn't for "self-issued" because that would just require comparing the subject and issuer names it is actually checking for a self signed certificate. Is it supposed to be skipping OCSP checking for a trusted root? The svn log message says "Don't do OCSP checks for valid self-issued certs". The change was discussed here http://marc.info/?t=12921462952=1=2 with some older discussion here http://marc.info/?t=11963686385=1=2 As far as I get it, it is meant as an optimization to skip OCSP in cases where it isn't needed or useful. But I'm far from being an expert here. Kaspar, who introduced it originally formulated "prevents mod_ssl from doing unnecessary OCSP checks (valid self-issued certs, i.e. trust anchors configured through SSLCACertificate{File,Path})". I'll CC Kaspar directly. 4) ssl_util_stapling.c In ssl_stapling_init_cert() there's a compiler warning: "passing argument 1 of 'sk_value' from incompatible pointer type expected 'const struct _STACK *' but argument is of type 'struct stack_st_OPENSSL_STRING *'": 179cinf->uri = apr_pstrdup(p, sk_OPENSSL_STRING_value(aia, 0)); In ssl_private.h the checks like this: #ifndef sk_OPENSSL_STRING_value #define sk_OPENSSL_STRING_value sk_value #endif no longer work because stacks are now inline functions. If you put that block round an appropriate #ifdef it should be fine. I had a quick look at the changes and did notice that some of the direct structure access (extensions, X509_NAME) is unnecessary in existing versions of OpenSSL. So in some cases you don't need to only use them for 1.1: they'll work in all versions of OpenSSL but it's only in 1.1 they are enforced. I'll get this tested/included. I kept the direct structure accesses for pre-1.1.0 just for the moment to stay on the safe side. Once this works reasonably well, I'll clean up the code to reduce the version dependent ifdefs. Getting closer :) Regards, Rainer
Re: Support for OpenSSL 1.1.0
On 09/02/2016 10:20, Rainer Jung wrote: > > 3) ssl_engine_ocsp.c > > In modssl_verify_ocsp() the following code accesses the struct member "valid", > for which currently no accessor function exists in 1.1.0: > > 268 else if (cert->valid && X509_check_issued(cert,cert) == X509_V_OK) { > 269 /* don't do OCSP checking for valid self-issued certs */ > 270 ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c, > 271 "Skipping OCSP check for valid self-issued cert"); > 272 X509_STORE_CTX_set_error(ctx, X509_V_OK); > 273 return 1; > 274 } > > It's not clear what that code is supposed to do. The check isn't for "self-issued" because that would just require comparing the subject and issuer names it is actually checking for a self signed certificate. Is it supposed to be skipping OCSP checking for a trusted root? > 4) ssl_util_stapling.c > > In ssl_stapling_init_cert() there's a compiler warning: > "passing argument 1 of 'sk_value' from incompatible pointer type >expected 'const struct _STACK *' but argument is of type >'struct stack_st_OPENSSL_STRING *'": > > 179cinf->uri = apr_pstrdup(p, sk_OPENSSL_STRING_value(aia, 0)); > In ssl_private.h the checks like this: #ifndef sk_OPENSSL_STRING_value #define sk_OPENSSL_STRING_value sk_value #endif no longer work because stacks are now inline functions. If you put that block round an appropriate #ifdef it should be fine. I had a quick look at the changes and did notice that some of the direct structure access (extensions, X509_NAME) is unnecessary in existing versions of OpenSSL. So in some cases you don't need to only use them for 1.1: they'll work in all versions of OpenSSL but it's only in 1.1 they are enforced. Steve. -- Dr Stephen Henson. OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 +1 877-673-6775 shen...@opensslfoundation.com