Re: [openssl-users] What does this error mean?

2018-04-16 Thread Rob Marshall 
Hi,

The command I'm running is:

wget --no-check-certificate https://bootstrap.pypa.io/get-pip.py

So in this particular case the host is: bootstrap.pypa.io. I was
trying to install the Python pip command.

Rob

On Mon, Apr 16, 2018 at 5:53 PM, Salz, Rich via openssl-users
 wrote:
> You didn't answer the question that was asked.
>
> Which host?
>
> On 4/16/18, 4:23 PM, "Rob Marshall"  wrote:
>
> Hi,
>
> I built and installed OpenSSL 1.0.2n and I'm still seeing the problem.
> I originally tried to build/install 1.1.0h but my goal was to
> build/install an updated OpenSSH (7.7.p1) and it wouldn't build with
> that version and a straight 1.1.0 build failed. So I went with the
> most recent 1.0.2 (in this case n) that I could find.
>
> Rob
>
> On Mon, Apr 16, 2018 at 2:33 PM, Marcus Meissner  wrote:
> > On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
> >> Hi,
> >>
> >> It may not be relevant, but I'm running SLES 10 SP3 which is a very
> >> old version of the OS and I can't upgrade it due to some installed
> >> products. When I try to do a wget I'm seeing the error:
> >>
> >> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
> >> alert protocol version
> >>
> >> What does the error mean and how do I fix it?
> >
> > From which host? The host probably only speaks TLS 1.2.
> >
> > Ciao, Marcus
> > --
> > openssl-users mailing list
> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Salz, Rich via openssl-users 
You didn't answer the question that was asked.

Which host?

On 4/16/18, 4:23 PM, "Rob Marshall"  wrote:

Hi,

I built and installed OpenSSL 1.0.2n and I'm still seeing the problem.
I originally tried to build/install 1.1.0h but my goal was to
build/install an updated OpenSSH (7.7.p1) and it wouldn't build with
that version and a straight 1.1.0 build failed. So I went with the
most recent 1.0.2 (in this case n) that I could find.

Rob

On Mon, Apr 16, 2018 at 2:33 PM, Marcus Meissner  wrote:
> On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
>> Hi,
>>
>> It may not be relevant, but I'm running SLES 10 SP3 which is a very
>> old version of the OS and I can't upgrade it due to some installed
>> products. When I try to do a wget I'm seeing the error:
>>
>> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
>> alert protocol version
>>
>> What does the error mean and how do I fix it?
>
> From which host? The host probably only speaks TLS 1.2.
>
> Ciao, Marcus
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Rob Marshall 
Hi,

When I do that I see, among other things:

...
SSL-Session:
Protocol  : TLSv1.2
Cipher: ECDHE-RSA-AES128-GCM-SHA256
Session-ID: 9B63040F2D2F498F610A84E4A9D9017AF375772DFDDA760378666391A17C2C75
...

When I tried to force TLSv1.2 I got:

hostname:~ # wget --no-check-certificate --secure-protocol=TLSv1_2
https://bootstrap.pypa.io/get-pip.py
wget: --secure-protocol: Invalid value `TLSv1_2'.

My guess is that it's just too old of a version of wget. I was going
to try to build/install a newer version, but it seems to have
prerequisites I can't meet on SLES 10 SP3.

Thanks,

Rob

On Mon, Apr 16, 2018 at 5:17 PM, Michael Wojcik
 wrote:
> It may be how the (probably somewhat outdated) version of wget is using the
> openssl API. Try "openssl s_client -connect server:port", using the server
> and port you're trying to get wget to connect to.
>
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Michael Wojcik 
It may be how the (probably somewhat outdated) version of wget is using the 
openssl API. Try "openssl s_client -connect server:port", using the server and 
port you're trying to get wget to connect to.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Rob Marshall 
Hi,

I built and installed OpenSSL 1.0.2n and I'm still seeing the problem.
I originally tried to build/install 1.1.0h but my goal was to
build/install an updated OpenSSH (7.7.p1) and it wouldn't build with
that version and a straight 1.1.0 build failed. So I went with the
most recent 1.0.2 (in this case n) that I could find.

Rob

On Mon, Apr 16, 2018 at 2:33 PM, Marcus Meissner  wrote:
> On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
>> Hi,
>>
>> It may not be relevant, but I'm running SLES 10 SP3 which is a very
>> old version of the OS and I can't upgrade it due to some installed
>> products. When I try to do a wget I'm seeing the error:
>>
>> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
>> alert protocol version
>>
>> What does the error mean and how do I fix it?
>
> From which host? The host probably only speaks TLS 1.2.
>
> Ciao, Marcus
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Marcus Meissner 
On Mon, Apr 16, 2018 at 02:27:17PM -0400, Rob Marshall wrote:
> Hi,
> 
> It may not be relevant, but I'm running SLES 10 SP3 which is a very
> old version of the OS and I can't upgrade it due to some installed
> products. When I try to do a wget I'm seeing the error:
> 
> OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
> alert protocol version
> 
> What does the error mean and how do I fix it?

>From which host? The host probably only speaks TLS 1.2.

Ciao, Marcus
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Michael Wojcik 
The server is rejecting the connection because it doesn't like the SSL/TLS 
version range that wget is offering. Anything prior to TLSv1.1 suffers from 
vulnerabilities that can be exploited under practical conditions, so many 
servers reject older protocol versions.


You don't have to upgrade the OS to put a newer version of OpenSSL on, though 
you may have to build OpenSSL yourself.


From: openssl-users  on behalf of Rob 
Marshall 
Sent: Monday, April 16, 2018 2:27:17 PM
To: openssl-users@openssl.org
Subject: [openssl-users] What does this error mean?

Hi,

It may not be relevant, but I'm running SLES 10 SP3 which is a very
old version of the OS and I can't upgrade it due to some installed
products. When I try to do a wget I'm seeing the error:

OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
alert protocol version

What does the error mean and how do I fix it?

Thanks,

Rob
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] What does this error mean?

2018-04-16 Thread Rob Marshall 
Hi,

It may not be relevant, but I'm running SLES 10 SP3 which is a very
old version of the OS and I can't upgrade it due to some installed
products. When I try to do a wget I'm seeing the error:

OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
alert protocol version

What does the error mean and how do I fix it?

Thanks,

Rob
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] CVE-201-0737

2018-04-16 Thread Scott Neugroschl 

On 16/04/18 0935PDT, Matt Caswell wrote:
>On 16/04/18 16:59, Scott Neugroschl wrote:
>> Hi,
>> 
>> I'm trying to make sure I have grokked this advisory properly.
>> 
>> The advisory says this is a cache timing side channel attack on key 
>> generation.   So am I correct in assuming that a potential attacker must
>> 
>> 1) Already have access to the system
>> 2) Have sufficient privilege to be able to access cache info
>
>Correct.

Thanks, Matt!


---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 
583-2874|Fax 805 583-0124 |



-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] CVE-201-0737

2018-04-16 Thread Matt Caswell 


On 16/04/18 16:59, Scott Neugroschl wrote:
> Hi,
> 
> I'm trying to make sure I have grokked this advisory properly.
> 
> The advisory says this is a cache timing side channel attack on key 
> generation.   So am I correct in assuming that a potential attacker must
> 
> 1) Already have access to the system
> 2) Have sufficient privilege to be able to access cache info

Correct.

Matt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] CVE-201-0737

2018-04-16 Thread Scott Neugroschl 
Hi,

I'm trying to make sure I have grokked this advisory properly.

The advisory says this is a cache timing side channel attack on key generation. 
  So am I correct in assuming that a potential attacker must

1) Already have access to the system
2) Have sufficient privilege to be able to access cache info

Or am I completely mistaken here?

Thanks,

ScottN

---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 
583-2874|Fax 805 583-0124 |



-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] OpenSSL Security Advisory

2018-04-16 Thread OpenSSL 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256


OpenSSL Security Advisory [16 Apr 2018]


Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)


Severity: Low

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a
cache timing side channel attack. An attacker with sufficient access to mount
cache timing attacks during the RSA key generation process could recover the
private key.

Due to the low severity of this issue we are not issuing a new release of
OpenSSL 1.1.0 or 1.0.2 at this time. The fix will be included in OpenSSL 1.1.0i
and OpenSSL 1.0.2p when they become available. The fix is also available in
commit 6939eab03 (for 1.1.0) and commit 349a41da1 (for 1.0.2) in the OpenSSL git
repository.

This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera
Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia.
The fix was developed by Billy Brumley.

References
==

URL for this Security Advisory:
https://www.openssl.org/news/secadv/20180416.txt

Note: the online version of the advisory may be updated with additional details
over time.

For details of OpenSSL severity classifications please see:
https://www.openssl.org/policies/secpolicy.html
-BEGIN PGP SIGNATURE-

iQEcBAEBCAAGBQJa1MKgAAoJENnE0m0OYESRKOoIAKmRnj0YtE1y89WnRiCjMk8l
Z7XAsPk6nkEa8dlrEvEsUhS90CFSf9OcYliAlfjD/+RVZXXeK4AHn8/g7HxAdDcK
62biQiHbxICBqnrE6DCe6GrMXEy3MWuefSWnoTyd/x8W1grjdhkrlmIqe68DP0iv
WItmStRVOpx4mQDcrYqw6ZKhhu1Lv007khyAornJP+S6NSlK6brdNQyRNmp3+HO4
irqPi6xQWGcaAtrdpWi8mDnomld75j5m+G98N/gCqaCAIn7Zau+kAAW1+1dO5S4L
tsQ0CifVnRfUTz0cCL51L8G3a3RWYs34AXRZvSRi3q88AiZ1L6FCF2cHZJu1KuE=
=+TYO
-END PGP SIGNATURE-
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] OpenSSL 1.1.0 assertion failure: ssl_free_wbio_buffer()

2018-04-16 Thread Matt Caswell 


On 16/04/18 11:38, Matt Caswell wrote:
> 
> 
> On 16/04/18 09:19, marcus.schafheu...@gmx.de wrote:
>> SSL_set_bio(ssl, NULL, NULL); // free BIOs when finished
> 
> There should be no reason to do this. The BIO's will get freed
> automatically by the SSL_free() call.
> 
> 
>> Is this a faulty behavior of OpenSSL 1.1.0 or is the fault on my side? 
> 
> 
> This looks like a bug in OpenSSL. It should be able to tolerate passing
> NULL for wbio in the SSL_set_bio call, but apparently it can't in the
> case of a failed handshake. Please could you open an issue on github for
> this?
> 
> The workaround is to remove the SSL_set_bio(SSL, NULL, NULL) call. It
> should not be necessary.

I created a fix and some tests here:

https://github.com/openssl/openssl/pull/5966

It turns out the assertion is completely bogus and can simply be removed.

Matt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] OpenSSL 1.1.0 assertion failure: ssl_free_wbio_buffer()

2018-04-16 Thread Matt Caswell 


On 16/04/18 09:19, marcus.schafheu...@gmx.de wrote:
> SSL_set_bio(ssl, NULL, NULL); // free BIOs when finished

There should be no reason to do this. The BIO's will get freed
automatically by the SSL_free() call.


> Is this a faulty behavior of OpenSSL 1.1.0 or is the fault on my side? 


This looks like a bug in OpenSSL. It should be able to tolerate passing
NULL for wbio in the SSL_set_bio call, but apparently it can't in the
case of a failed handshake. Please could you open an issue on github for
this?

The workaround is to remove the SSL_set_bio(SSL, NULL, NULL) call. It
should not be necessary.

Matt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] OpenSSL 1.1.0 assertion failure: ssl_free_wbio_buffer()

2018-04-16 Thread Marcus . Schafheutle 
Hello,
 
we encountered a strange behaviour of OpenSSL 1.1.0 when our test with "sslscan" provokes an unfinished 
handshake. The problem exists since OpenSSL 1.1.0 - there were no problems with OpenSSL 1.0.2x.
 
Our asynchronous communication approach uses memory BIOs in order to read/write data from other 
communication layers into the SSL object. After the read/write operations are done, the BIOs are freed.
 
Our example code is basically as follows:
---
err = SSL_accept (ssl); 
 
BIO *rBIO = BIO_new(BIO_s_mem());
BIO *wBIO = BIO_new(BIO_s_mem());
    
SSL_set_bio(ssl, rBIO, wBIO); 
 
// ... operate with read / write BIOs and SSL_read/SSL_write
 
SSL_set_bio(ssl, NULL, NULL); // free BIOs when finished
 
SSL_free(ssl);
---
 
When calling SSL_free() after a complete handshake, everything is fine, but when calling SSL_free() after an 
unfinished handshake, the assertion "assert(s->wbio != NULL);" in ssl_free_wbio_buffer() fails:
---
void ssl_free_wbio_buffer(SSL *s)
{
    /* callers ensure s is never null */
    if (s->bbio == NULL)
        return;
    s->wbio = BIO_pop(s->wbio);
    assert(s->wbio != NULL);            /* <- this assertion fails! */
    BIO_free(s->bbio);
    s->bbio = NULL;
}
---
 
With a complete handshake the new attribute “bbio” is freed by calling the method tls_finish_handshake(), 
which itself calls ssl_free_wbio_buffer(). When the handshake is not finished successfully, the “bbio” is not freed, and 
therefore when calling SSL_free() the assert in ssl_free_wbio_buffer() fails.
  
Is this a faulty behavior of OpenSSL 1.1.0 or is the fault on my side? 
 
Thank you for your help!
 
Best regards,
Marcus
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users