Mail archive
alpine-devel

Re: [alpine-devel] Proposed change: openssl 1.1 as default system openssl implementation

From: Kevin Chadwick <m8il1ists_at_gmail.com>
Date: Mon, 12 Feb 2018 10:36:20 +0000

On Sat, 10 Feb 2018 19:04:04 -0600

>
> Then they changed it later to use the clamp mechanism which makes it
> accept any time_t overflow as valid, which is a completely unsafe hack
> done for RFC 5280 conformance on 32-bit systems. As it stands, I am
> inclined to revert that hack in our libressl packages because it is
> worse than simply failing to validate: it means somebody can make a
> fake CA root certificate and gets some bytes to play with since your
> system won't correctly validate it when you install it by mistake.
>
> What you do instead is what OpenSSL did: you convert the system time
> into a format that is Y2038 safe and you do your validity checks in
> that format. TAI64N being a safe format for this, for example.[2]
>

Why would you revert it before raising it with them. I haven't the time
to write this mail or follow the code properly and didn't even find goto
out, but it appears it may still fail for completely broken systems. IF
there is a practical security issue then you have a DUTY to raise it no
matter how few systems it affects!

Perhaps it is only done for RFC compliance and this corner case is
deemed as too much work where Linux should be doing things right but
atleast you tried to upstream it. Perhaps these systems are seen as
being dangeorous to deploy in any case for any important task and so
supporting it is the wrong thing (aiding deployers) as their software
could do unpredictable things with a broken OS. It would be better to
know!
 
> >
> > Atleast you did enter some discussion and William might have learnt
> > that passing imsgs can be more secure and protect the keys!
>
> I have been isolating TLS code for over a decade. I did not learn
> anything from you, other than that you're an arrogant prat.
>

I guess you missed the point

>> Alpine has been using privilege separation for years where possible
>> regardless of using LibreSSL or not. Privilege separation would not
>> have prevented Heartbleed, as the unprivileged process would still
>> require a copy of the X509 objects in order to perform cryptographic
>> operations.

> Cool, glad to hear it. My faith in Alpine is restored somewhat :)

> That depends on the design which is also why I said compilation
> wouldn't cut it.

> http://insanecoding.blogspot.co.uk/2014/05/protecting-private-keys.html
> https://marc.info/?l=openbsd-cvs&m=139879883203226&w=2

The Imsgs used here are not passing keys or sensitive x509 objects!


---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Mon Feb 12 2018 - 10:36:20 GMT