Mailing List Archive: exim: dev

[Bug 674] exim can't verify sha256WithRSAEncryption signature in X.509 certificates when linked against OpenSSL

Index | Next | Previous | View Threaded

tom at duncanthrax

Oct 16, 2009, 1:35 AM

Post #1 of 8 (1062 views)
Permalink

[Bug 674] exim can't verify sha256WithRSAEncryption signature in X.509 certificates when linked against OpenSSL

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=674

Tom Kistner <tom [at] duncanthrax> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |tom [at] duncanthrax
Status|NEW |RESOLVED
Resolution| |FIXED

--- Comment #17 from Tom Kistner <tom [at] duncanthrax> 2009-10-16 09:35:39 ---
(In reply to comment #7)

> If we think that SHA256 is something explicitly worth supporting for real world
> production, as opposed to something someone is using in a private test-case,
> then we can do:
> EVP_add_digest(EVP_sha256())

Been there, done that.

--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

exim-dev at spodhuis

Oct 16, 2009, 4:23 AM

Post #2 of 8 (1029 views)
Permalink

[Bug 674] exim can't verify sha256WithRSAEncryption signature in X.509 certificates when linked against OpenSSL [In reply to]

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=674

--- Comment #18 from Phil Pennock <exim-dev [at] spodhuis> 2009-10-16 12:23:40 ---
Created an attachment (id=330)
--> (http://bugs.exim.org/attachment.cgi?id=330)
Make SHA256 loading conditional upon OpenSSL >= 0.9.8

Reports of link failure on exim-users because EVP_sha256() wasn't available.

OpenSSL "CHANGES" file:
Changes between 0.9.7h and 0.9.8 [05 Jul 2005]
[...]
*) New FIPS 180-2 algorithms, SHA-224/-256/-384/-512 are implemented.
[Andy Polyakov and a number of other people]

So #ifdef guard that 0.9.8 or more recent.

--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

tom at duncanthrax

Oct 16, 2009, 6:11 AM

Post #3 of 8 (1015 views)
Permalink

[Bug 674] exim can't verify sha256WithRSAEncryption signature in X.509 certificates when linked against OpenSSL [In reply to]

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=674

--- Comment #19 from Tom Kistner <tom [at] duncanthrax> 2009-10-16 14:11:06 ---
Done, thanks Phil!

--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

exim-dev at spodhuis

Oct 16, 2009, 6:28 PM

Post #4 of 8 (1034 views)
Permalink

[Bug 674] exim can't verify sha256WithRSAEncryption signature in X.509 certificates when linked against OpenSSL [In reply to]

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=674

--- Comment #20 from Phil Pennock <exim-dev [at] spodhuis> 2009-10-17 02:28:46 ---
I suck.

The description I wrote was >= 0.9.8 but the ifdef I wrote was > 0.9.8.

In practice, doesn't matter much since anyone running early 0.9.8 has security
issues to worry about. But ideally it should be >=.

Sorry to create more work. I should go to bed *before* 4am.

--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

jh.exim-bugzilla at plonk

Oct 18, 2009, 3:54 AM

Post #5 of 8 (985 views)
Permalink

[Bug 674] exim can't verify sha256WithRSAEncryption signature in X.509 certificates when linked against OpenSSL [In reply to]

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=674

Jakob Hirsch <jh.exim-bugzilla [at] plonk> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |jh.exim-bugzilla [at] plonk
Status|RESOLVED |REOPENED
Resolution|FIXED |

--- Comment #21 from Jakob Hirsch <jh.exim-bugzilla [at] plonk> 2009-10-18 11:54:53 ---
(In reply to comment #20)

> The description I wrote was >= 0.9.8 but the ifdef I wrote was > 0.9.8.

Isn't it a bit clumsy to care about version of external libs? We can simply
depend on OPENSSL_NO_SHA256, like the openssl people itself, e.g. in their
evp.h:

#ifndef OPENSSL_NO_SHA256
...

Don't know why they use reversed logic (I'd say, usually you have something
#define'd if the feature is available), but it should work nonetheless.

OTOH, the same applies to SHA512, so I wonder if there is no easier way to
simply include everything better. Reading the previous bug comments, openssl
should do that by default, but does not, so manually including SHA256 is a
pragmatic workaround, right?

And shouldn't we also add SHA224 for completeness? Hardly anybody will use it,
though...

--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

exim-dev at spodhuis

Oct 18, 2009, 5:30 PM

Post #6 of 8 (992 views)
Permalink

[Bug 674] exim can't verify sha256WithRSAEncryption signature in X.509 certificates when linked against OpenSSL [In reply to]

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=674

--- Comment #22 from Phil Pennock <exim-dev [at] spodhuis> 2009-10-19 01:30:13 ---
Re OPENSSL_NO_SHA256 -- current code within OpenSSL can use it, because current
code can assume that it's defined if SHA256 is not loaded. But it won't be
defined before the potential support was written, so if we need to work with
OpenSSL 0.9.7, which we apparently do, then we can't rely on it being present.

Yes, version numbers are clumsy, but as you note, this is a pragmatic fix, not
an ideal one. Ideally, OpenSSL would define macros asserting the availability
of functions; unavailability assertions are useless for any project depending
on their code (unless they're using 0.9.8 or later), only useful within their
own codebase.

So perhaps it needs to be:
#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) && !defined(OPENSSL_NO_SHA256)
EVP_add_digest(EVP_sha256());
#endif

How ugly.

Re SHA224 -- I think we should either be doing the minimal possible beyond
default load, explicitly for interoperability (so SHA256) or we should be
looking at my original patch, providing the openssl_load_all functionality.
That patch let you load all ciphers, if and only if you also set
tls_require_ciphers. If we're going to go beyond "just the hash algorithm
currently becoming popular", I do think that patch is the better approach.

Pragmatically, we should have openssl_load_all available and irregardless of
that, load SHA256 by default; it's not ideal, but it will reduce mailing-list
burden by making the most common desired setup the default.

--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

nigel at exim

Oct 19, 2009, 4:25 AM

Post #7 of 8 (992 views)
Permalink

[Bug 674] exim can't verify sha256WithRSAEncryption signature in X.509 certificates when linked against OpenSSL [In reply to]

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=674

Nigel Metheringham <nigel [at] exim> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|REOPENED |RESOLVED
Resolution| |FIXED

--- Comment #23 from Nigel Metheringham <nigel [at] exim> 2009-10-19 12:25:32 ---
CVS commit by nm4:

Further minor tweak to sha256 inclusion. Fixes: bug#674 yet again

--- CVS commit summary ---
1.19 1.20 +1 -1 - exim/exim-src/src/tls-openssl.c

--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

jh.exim-bugzilla at plonk

Oct 19, 2009, 5:17 AM

Post #8 of 8 (974 views)
Permalink

[Bug 674] exim can't verify sha256WithRSAEncryption signature in X.509 certificates when linked against OpenSSL [In reply to]

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=674

--- Comment #24 from Jakob Hirsch <jh.exim-bugzilla [at] plonk> 2009-10-19 13:17:36 ---
(In reply to comment #22)
> Re OPENSSL_NO_SHA256 -- current code within OpenSSL can use it, because current
> code can assume that it's defined if SHA256 is not loaded. But it won't be
> defined before the potential support was written, so if we need to work with
> OpenSSL 0.9.7, which we apparently do, then we can't rely on it being present.

Um, yeah, sorry, my logic was flawed, of course (occured to me this morning
during brushing teeth).

> Yes, version numbers are clumsy, but as you note, this is a pragmatic fix, not
> an ideal one. Ideally, OpenSSL would define macros asserting the availability
> of functions; unavailability assertions are useless for any project depending
> on their code (unless they're using 0.9.8 or later), only useful within their
> own codebase.

I guess the openssl people just think that everybody is using autoconf. And the
give a hard time to everybody else. All the SHA256 #defines are there even if
OPENSSL_NO_SHA256 is #defined....
EVP_get_digestbyname("sha256") should return the same as EVP_sha256(), but: You
need to run OpenSSL_add_all_digests() before it... this is all very strange.

> So perhaps it needs to be:
> #if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) && !defined(OPENSSL_NO_SHA256)
> EVP_add_digest(EVP_sha256());
> #endif

Yes, that would probably be more correct.

> How ugly.

And to make it more ugly, 0.9.7m (and maybe some earlier version) also has
SHA256... don't know how many still use that.

Maybe we should ask the openssl people about this?

Personally, I'd tend to use OpenSSL_add_all_digests() und let the user restrict
the ciphers by an option (and provide a sane default in the sample config).

oh, and btw:

-/* SHA256 is becoming ever moar popular. This makes sure it gets added to the
+/* SHA256 is becoming ever more popular. This makes sure it gets added to the

--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

--
## List details at http://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads