Re: Support for OpenSSL 1.1.0
The list is getting shorter. The test suite currently only shows a few
failures due to the missing "talking http on https" support.
Am 09.02.2016 um 11:20 schrieb Rainer Jung:
Open problems:
1) HTTP on HTTPS
OpenSSL 1.1.0 currently doesn't support the "HTTP spoken on HTTPS port"
error. The code to detect HTTP was removed due to a major rewrite of the
state engine. The OpenSSL project is willing to review patches for
reintroducing the feature there but currently doesn't plan to work on it
themselves.
I'll try tackling this next. Nut sure how well it will go.
2) Renegotiation
It needs to be implemented differently. The OpenSSL project suggest to
try reading application data until the renegotiation has finished. I
committed some rather ugly code that does loop waiting for reneg, but it
has a couple of problems:
Still using poll, but better state tracking now.
a) it will not work for EC or DH ciphers. Some opaque structure element
in the ssl struct is already set and confuses the state machine. I hope
to get some helpful feedback from the OpenSSL project for this.
Still open.
5) ssl_engine_kernel.c
In ssl_callback_Info() the explicit state constants
SSL3_ST_SR_CLNT_HELLO_A and SSL23_ST_SR_CLNT_HELLO_A are used which no
longer exist. I can't find obvious replacements in the list of new state
constants:
2100 int state = SSL_get_state((SSL *)ssl);
2101
2102 if (state == SSL3_ST_SR_CLNT_HELLO_A
2103 || state == SSL23_ST_SR_CLNT_HELLO_A) {
2104 scr->reneg_state = RENEG_ABORT;
2105 ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02042)
2106 "rejecting client initiated renegotiation");
2107 }
That shouldn't be too hard. Will look into it.
Regards,
Rainer
Re: Support for OpenSSL 1.1.0
On 09/02/2016 14:36, Rainer Jung wrote:
> Hi Steve,
>
> thanks a lot for your review and comments. More inline.
>
> Am 09.02.2016 um 13:34 schrieb Dr Stephen Henson:
>> On 09/02/2016 10:20, Rainer Jung wrote:
>>>
>>> 3) ssl_engine_ocsp.c
>>>
>>> In modssl_verify_ocsp() the following code accesses the struct member
>>> "valid",
>>> for which currently no accessor function exists in 1.1.0:
>>>
>>> 268 else if (cert->valid && X509_check_issued(cert,cert) == X509_V_OK) {
>>> 269 /* don't do OCSP checking for valid self-issued certs */
>>> 270 ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c,
>>> 271 "Skipping OCSP check for valid self-issued cert");
>>> 272 X509_STORE_CTX_set_error(ctx, X509_V_OK);
>>> 273 return 1;
>>> 274 }
>>>
>>>
>>
>> It's not clear what that code is supposed to do. The check isn't for
>> "self-issued" because that would just require comparing the subject and
>> issuer
>> names it is actually checking for a self signed certificate.
>
>> Is it supposed to be skipping OCSP checking for a trusted root?
>
> The svn log message says "Don't do OCSP checks for valid self-issued certs".
> The
> change was discussed here
>
> http://marc.info/?t=12921462952=1=2
>
> with some older discussion here
>
> http://marc.info/?t=11963686385=1=2
>
> As far as I get it, it is meant as an optimization to skip OCSP in cases where
> it isn't needed or useful. But I'm far from being an expert here. Kaspar, who
> introduced it originally formulated "prevents mod_ssl from doing unnecessary
> OCSP checks (valid self-issued certs, i.e. trust anchors configured through
> SSLCACertificate{File,Path})".
>
> I'll CC Kaspar directly.
>
OK it looks like at that point the certificate has been verified anyway so you
don't gain anything by checking cert->valid.
Steve.
--
Dr Stephen Henson. OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
+1 877-673-6775
shen...@opensslfoundation.com
Re: Support for OpenSSL 1.1.0
Hi Steve,
thanks a lot for your review and comments. More inline.
Am 09.02.2016 um 13:34 schrieb Dr Stephen Henson:
On 09/02/2016 10:20, Rainer Jung wrote:
3) ssl_engine_ocsp.c
In modssl_verify_ocsp() the following code accesses the struct member "valid",
for which currently no accessor function exists in 1.1.0:
268 else if (cert->valid && X509_check_issued(cert,cert) == X509_V_OK) {
269 /* don't do OCSP checking for valid self-issued certs */
270 ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c,
271 "Skipping OCSP check for valid self-issued cert");
272 X509_STORE_CTX_set_error(ctx, X509_V_OK);
273 return 1;
274 }
It's not clear what that code is supposed to do. The check isn't for
"self-issued" because that would just require comparing the subject and issuer
names it is actually checking for a self signed certificate.
Is it supposed to be skipping OCSP checking for a trusted root?
The svn log message says "Don't do OCSP checks for valid self-issued
certs". The change was discussed here
http://marc.info/?t=12921462952=1=2
with some older discussion here
http://marc.info/?t=11963686385=1=2
As far as I get it, it is meant as an optimization to skip OCSP in cases
where it isn't needed or useful. But I'm far from being an expert here.
Kaspar, who introduced it originally formulated "prevents mod_ssl from
doing unnecessary OCSP checks (valid self-issued certs, i.e. trust
anchors configured through SSLCACertificate{File,Path})".
I'll CC Kaspar directly.
4) ssl_util_stapling.c
In ssl_stapling_init_cert() there's a compiler warning:
"passing argument 1 of 'sk_value' from incompatible pointer type
expected 'const struct _STACK *' but argument is of type
'struct stack_st_OPENSSL_STRING *'":
179cinf->uri = apr_pstrdup(p, sk_OPENSSL_STRING_value(aia, 0));
In ssl_private.h the checks like this:
#ifndef sk_OPENSSL_STRING_value
#define sk_OPENSSL_STRING_value sk_value
#endif
no longer work because stacks are now inline functions. If you put that block
round an appropriate #ifdef it should be fine.
I had a quick look at the changes and did notice that some of the direct
structure access (extensions, X509_NAME) is unnecessary in existing versions of
OpenSSL. So in some cases you don't need to only use them for 1.1: they'll work
in all versions of OpenSSL but it's only in 1.1 they are enforced.
I'll get this tested/included. I kept the direct structure accesses for
pre-1.1.0 just for the moment to stay on the safe side. Once this works
reasonably well, I'll clean up the code to reduce the version dependent
ifdefs.
Getting closer :)
Regards,
Rainer
Re: Support for OpenSSL 1.1.0
On 09/02/2016 10:20, Rainer Jung wrote:
>
> 3) ssl_engine_ocsp.c
>
> In modssl_verify_ocsp() the following code accesses the struct member "valid",
> for which currently no accessor function exists in 1.1.0:
>
> 268 else if (cert->valid && X509_check_issued(cert,cert) == X509_V_OK) {
> 269 /* don't do OCSP checking for valid self-issued certs */
> 270 ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, c,
> 271 "Skipping OCSP check for valid self-issued cert");
> 272 X509_STORE_CTX_set_error(ctx, X509_V_OK);
> 273 return 1;
> 274 }
>
>
It's not clear what that code is supposed to do. The check isn't for
"self-issued" because that would just require comparing the subject and issuer
names it is actually checking for a self signed certificate.
Is it supposed to be skipping OCSP checking for a trusted root?
> 4) ssl_util_stapling.c
>
> In ssl_stapling_init_cert() there's a compiler warning:
> "passing argument 1 of 'sk_value' from incompatible pointer type
>expected 'const struct _STACK *' but argument is of type
>'struct stack_st_OPENSSL_STRING *'":
>
> 179cinf->uri = apr_pstrdup(p, sk_OPENSSL_STRING_value(aia, 0));
>
In ssl_private.h the checks like this:
#ifndef sk_OPENSSL_STRING_value
#define sk_OPENSSL_STRING_value sk_value
#endif
no longer work because stacks are now inline functions. If you put that block
round an appropriate #ifdef it should be fine.
I had a quick look at the changes and did notice that some of the direct
structure access (extensions, X509_NAME) is unnecessary in existing versions of
OpenSSL. So in some cases you don't need to only use them for 1.1: they'll work
in all versions of OpenSSL but it's only in 1.1 they are enforced.
Steve.
--
Dr Stephen Henson. OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
+1 877-673-6775
shen...@opensslfoundation.com
