
Re: [alpine-devel] Proposed change: openssl 1.1 as default system openssl implementation

From: William Pitcock <nenolod_at_dereferenced.org>
Date: Sat, 10 Feb 2018 08:31:26 -0600

Hello,

On Sat, Feb 10, 2018 at 8:11 AM, Kevin Chadwick <m8il1ists_at_gmail.com> wrote:
> On Sat, 10 Feb 2018 07:50:22 -0600
>
>
>> I did not discuss the OpenSSL 1.1 API in my proposal. I do not care
>> about it.
>>
>> I care about date comparisons that don't involve trusting anything
>> that overflows a time_t as being in the future and then naively trying
>> to prove it somehow.
>>
>
> Wow
>
> What are you telling Alpine for, you should be telling them
> conclusions and using evidence to back it up, not opinion. LibreSSL devs
> appear to disagree about much of your justification! Have you even
> asked them in the first place or yet? Perhaps you are doing it wrong?
> Perhaps they have missed a Linux development?

For the n-th time, there is nothing to discuss: LibreSSL removed SAFE
date calculation code and replaced it with code that is only SAFE
under a specific precondition: 64-bit time_t. Then they made it
blindly accept ANY certificate that overflows the time_t if it's
smaller than 64-bit, which is COMPLETELY UNSAFE AND ARGUABLY A
SECURITY PROBLEM BECAUSE IT MEANS A CERT THAT EXPIRES BEFORE 1970 IS
NOW POTENTIALLY VALID. Don't believe me? Generate a certificate that
computes as 0xfffffff time_t on 32-bit and you win. Really, you do!
If they care about portability, they should revert this change.

PS: I'm only replying to this because it arrived before I added you to
my killfile. Expect no further replies from me.

William


Received on Sat Feb 10 2018 - 08:31:26 GMT
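
An added example, not part of the original message and not LibreSSL or OpenSSL code: the time_t width problem the message describes, shown by comparing a certificate notAfter in 64-bit arithmetic against the same comparison squeezed through a 32-bit value. The function names, the "YYYYMMDDHHMMSSZ" input form and the sample dates are assumptions constructed for illustration.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>

/* Days since 1970-01-01 for a proleptic Gregorian date (standard civil-date algorithm). */
static int64_t days_from_civil(int64_t y, int m, int d) {
    y -= (m <= 2);
    int64_t era = (y >= 0 ? y : y - 399) / 400;
    int64_t yoe = y - era * 400;
    int64_t doy = (153 * (m + (m > 2 ? -3 : 9)) + 2) / 5 + d - 1;
    return era * 146097 + yoe * 365 + yoe / 4 - yoe / 100 + doy - 719468;
}
static int two(const char *p) { return (p[0] - '0') * 10 + (p[1] - '0'); }

/* Parse "YYYYMMDDHHMMSSZ" into 64-bit epoch seconds (field ranges only); 0 on success. */
int gt_to_epoch64(const char *s, int64_t *out) {
    for (int i = 0; i < 14; i++)
        if (!isdigit((unsigned char)s[i])) return -1;
    if (s[14] != 'Z' || s[15] != '\0') return -1;
    int y = two(s) * 100 + two(s + 2), mo = two(s + 4), d = two(s + 6);
    int h = two(s + 8), mi = two(s + 10), se = two(s + 12);
    if (mo < 1 || mo > 12 || d < 1 || d > 31 || h > 23 || mi > 59 || se > 59) return -1;
    *out = days_from_civil(y, mo, d) * 86400 + h * 3600 + mi * 60 + se;
    return 0;
}

/* What a 32-bit signed time_t holds after an unchecked conversion
 * (modular wrap, as on the usual two's-complement targets). */
int32_t wrap32(int64_t t) { return (int32_t)(uint32_t)t; }

/* Width-dependent check: compares after squeezing both values into 32 bits. */
int expired_naive32(const char *not_after, int64_t now) {
    int64_t t;
    if (gt_to_epoch64(not_after, &t) != 0) return 1; /* unparsable: reject */
    return wrap32(t) < wrap32(now);
}

/* Width-independent check: compare in 64 bits, never through time_t. */
int expired_safe(const char *not_after, int64_t now) {
    int64_t t;
    if (gt_to_epoch64(not_after, &t) != 0) return 1; /* unparsable: reject */
    return t < now;
}

int main(void) {
    int64_t now = 1518273086; /* constructed: 2018-02-10 14:31:26 UTC */
    const char *v[] = {"19000101000000Z", "20500101000000Z"}; /* constructed dates */
    for (int i = 0; i < 2; i++)
        printf("%s naive32=%d safe=%d\n", v[i], expired_naive32(v[i], now), expired_safe(v[i], now));
    return 0;
}
```

The 32-bit path gets both constructed dates wrong in opposite directions, while the 64-bit comparison is unaffected by the platform's time_t width.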