-
Notifications
You must be signed in to change notification settings - Fork 29.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update openssl1.1.1d #29550
Update openssl1.1.1d #29550
Conversation
@mscdex @bnoordhuis Note last commit, all the checks for https://github.com/bernd-edlinger/openssl/blob/9087476b536dd13fe99fdd36773234923cea78bb/CHANGES#L12-L16 describes this a security improvement, to avoid leaking data, as well as
In Node.js, the tests have been refactored multiple times, but the original code was introduced by @mscdex in nodejs/node-v0.x-archive#7086 in response to a feature request, nodejs/node-v0.x-archive#2338 @bnoordhuis and others had concerns that simply allowing these params was risky, thus the exposure of the verification codes for (elective) sanity checks. Those checks don't appear possible anymore. I find literally zero use of this error code, or even the property, in the rest of the Node.js code base, so we have no internal dependency on it. I don't pretend to knowing enough group theory to understand what's at issue here. Should I simply remove the tests, as in the last WIP commit, or should I report this upstream to OpenSSL, or something else? /to @nodejs/crypto |
29792ed
to
01fd06d
Compare
01fd06d
to
9607205
Compare
My PR was a response to my own feature request here. My reference to that other issue was in discussion about handling of the 'error' or OpenSSL errors in general. |
I don't personally use |
I don't know enough about it to be sure, it could be that the generator values in the tests have to be updated in order to trigger |
I'm not sure I understand openssl/openssl#9363: bit 0 is always 1 because it's a prime > 2, isn't it? Apropos the
This PR is supposed to eventually end up in the LTS branch, right? That would make (3) the most attractive for BC reasons but I'm willing to be convinced I'm wrong. :-) cc @tniessen - perhaps you have an opinion? |
I polled OpenSSL for a comment: openssl/openssl#9363 (comment) I'm averse to indefinitely floating changes on OpenSSL that reverse their API decisions without a very, very compelling reason (which would beg the question of why the change isn't pushed back to OpenSSL). So, there is a 4th/5th option: 4.:
My impression from reading the code and discussion is that the feature allows uses of DH generators in a way that that the code isn't meaningful to, and that for the unsafe params the API isn't used, so doesn't help much. In other words -- anyone using custom DH params probably knows what they are doing already. |
I would argue that this is not an API change, but a bug fix in OpenSSL. It used to return that it's not a suitable generator while it was. As I understand this, the feature request was to make it possible to load keys that OpenSSL used to reject, but now accepts. |
9607205
to
7dc56e0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM but note that this breaks the ubuntu1604_sharedlibs_openssl111_x64
buildbot for obvious reasons.
I don't have good suggestions on what to do here. 16.04 ships openssl 1.02 so that means the shared library build is one we provide ourselves? Can we upgrade it when this PR is merged?
test/parallel/test-crypto-dh.js
Outdated
|
||
// Confirm DH_check() results are exposed for optional examination. | ||
const bad_dh = crypto.createDiffieHellman('02', 'hex'); | ||
assert.strictEqual(bad_dh.verifyError, DH_CHECK_P_NOT_PRIME | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Millions of mathematicians weep tonight....
The sharedlibs builds run in a docker container defined in https://github.com/nodejs/build/blob/master/ansible/roles/docker/templates/ubuntu1604_sharedlibs.Dockerfile.j2. Currently we're using 1.1.1b (for openssl 1.1.1). If we update it to 1.1.1d will things break before this PR lands on all release lines that currently run in that container? |
Yes, I noticed the breakage. I'm not exactly sure what to do, its kindof tough when openssl changes behaviour mid-release line. My temptation would be to rewrite the tests so they pass against openssl 1.1.1c and before, as well as openssl 1.1.1d and later. The docker sharedlib test failure is valid, IMO, we should either fix it, or remove that test from CI if we don't care. |
Version-sniffing (I'm not saying that's the best option, mind you, but it's an option.) |
This updates all sources in deps/openssl/openssl by: $ cd deps/openssl/ $ rm -rf openssl $ tar zxf ~/tmp/openssl-1.1.0h.tar.gz $ mv openssl-1.1.0h openssl $ git add --all openssl $ git commit openssl
After an OpenSSL source update, all the config files need to be regenerated and comitted by: $ cd deps/openssl/config $ make $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/crypto/include/internal/bn_conf.h $ git add deps/openssl/openssl/crypto/include/internal/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit
OpenSSL 1.1.1d no longer generates warnings for some DH groups that used to be considered unsafe. See below for discussion. This is considered a bug fix. See: - openssl/openssl#9363 - openssl/openssl#9363 (comment)
7dc56e0
to
e78c120
Compare
e78c120
to
94c599e
Compare
@nodejs/crypto needs another reviewer |
@nodejs/crypto -- needs one more review, please |
cc: @nodejs/tsc |
Thanks @addaleax Landed in 7ce316e...3473e58 |
This updates all sources in deps/openssl/openssl by: $ cd deps/openssl/ $ rm -rf openssl $ tar zxf ~/tmp/openssl-1.1.0h.tar.gz $ mv openssl-1.1.0h openssl $ git add --all openssl $ git commit openssl PR-URL: #29550 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
After an OpenSSL source update, all the config files need to be regenerated and comitted by: $ cd deps/openssl/config $ make $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/crypto/include/internal/bn_conf.h $ git add deps/openssl/openssl/crypto/include/internal/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit PR-URL: #29550 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
OpenSSL 1.1.1d no longer generates warnings for some DH groups that used to be considered unsafe. See below for discussion. This is considered a bug fix. See: - openssl/openssl#9363 - openssl/openssl#9363 (comment) PR-URL: #29550 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
This updates all sources in deps/openssl/openssl by: $ cd deps/openssl/ $ rm -rf openssl $ tar zxf ~/tmp/openssl-1.1.0h.tar.gz $ mv openssl-1.1.0h openssl $ git add --all openssl $ git commit openssl PR-URL: #29550 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
After an OpenSSL source update, all the config files need to be regenerated and comitted by: $ cd deps/openssl/config $ make $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/crypto/include/internal/bn_conf.h $ git add deps/openssl/openssl/crypto/include/internal/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit PR-URL: #29550 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
OpenSSL 1.1.1d no longer generates warnings for some DH groups that used to be considered unsafe. See below for discussion. This is considered a bug fix. See: - openssl/openssl#9363 - openssl/openssl#9363 (comment) PR-URL: #29550 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
OpenSSL 1.1.1d no longer generates warnings for some DH groups that used to be considered unsafe. See below for discussion. This is considered a bug fix. See: - openssl/openssl#9363 - openssl/openssl#9363 (comment) PR-URL: nodejs#29550 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
OpenSSL 1.1.1d no longer generates warnings for some DH groups that used to be considered unsafe. See below for discussion. This is considered a bug fix. See: - openssl/openssl#9363 - openssl/openssl#9363 (comment) PR-URL: #29550 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passes