Bugzilla – Attachment 3462 Details for
Bug 3238
Fix openssl-3.0 regression: fix dhgex for non-GCM ciphers
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
v2
0001-compat-fix-dhgex-for-non-GCM-ciphers-for-OpenSSL-3.0.patch (text/plain), 5.77 KB, created by
Marc Kleine-Budde
on 2020-12-10 00:48:00 AEDT
(
hide
)
Description:
v2
Filename:
MIME Type:
Creator:
Marc Kleine-Budde
Created:
2020-12-10 00:48:00 AEDT
Size:
5.77 KB
patch
obsolete
>From: Marc Kleine-Budde <mkl@pengutronix.de> >Date: Tue, 8 Dec 2020 12:19:43 +0100 >Subject: [PATCH] compat: fix dhgex for non-GCM ciphers for OpenSSL 3.0 alpha > >During OpenSSL 3.0 development since OpenSSL commits: > >| 718b133a5328 Implement AES CBC ciphers in the default provider >| 819a7ae9fc77 Implement AES CTR ciphers in the default provider > >the dhgex tests ("make t-exec LTESTS=dhgex") are failing. > >OpenSSH needs the "current" IV state, which is aquired with the accessor >function EVP_CIPHER_CTX_get_iv(). The libressl compat layer uses >EVP_CIPHER_CTX_iv() to implement EVP_CIPHER_CTX_get_iv(), see: > >| 482d23bcacdd upstream: hold our collective noses and use the openssl-1.1.x API in >| 48f54b9d12c1 adapt -portable to OpenSSL 1.1x API > >Duing OpenSSL 3.0 development EVP_CIPHER_CTX_iv() was deprecated, and later >OpenSSL re-added the functionality: EVP_CIPHER_CTX_get_iv() and >EVP_CIPHER_CTX_get_iv_state() were introduced. However, >EVP_CIPHER_CTX_get_iv() returns the original IV, while >EVP_CIPHER_CTX_get_iv_state() returns the current IV. See openssl PR #12233 for >additional discussion. > >This is a API clash, since OpenSSH expects EVP_CIPHER_CTX_get_iv() to return >the running IV. See OpenSSL issue #13411 for an ongoing discussion on how to >fix the problem, by renaming the functions. > >This patch works around the problem in the libressl compat layer, by providing >a EVP_CIPHER_CTX_get_iv() function, that calls EVP_CIPHER_CTX_get_iv_state(), >only if EVP_CIPHER_CTX_get_iv_state() is available. This internal >EVP_CIPHER_CTX_get_iv() will be used by OpenSSH instead of the >EVP_CIPHER_CTX_get_iv() provided by OpenSSL-3.0. > >The latest changes in OpenSSL 3.0 in combination with this patch fixes the >non-GCM ciphers. All but the chacha20-poly1305 test are working again: > >| dhgex bits 3072 diffie-hellman-group-exchange-sha1 3des-cbc >| dhgex bits 3072 diffie-hellman-group-exchange-sha256 3des-cbc >| dhgex bits 3072 diffie-hellman-group-exchange-sha1 aes128-cbc >| dhgex bits 3072 diffie-hellman-group-exchange-sha256 aes128-cbc >| dhgex bits 3072 diffie-hellman-group-exchange-sha1 aes128-ctr >| dhgex bits 3072 diffie-hellman-group-exchange-sha256 aes128-ctr >| dhgex bits 3072 diffie-hellman-group-exchange-sha1 aes128-gcm@openssh.com >| dhgex bits 3072 diffie-hellman-group-exchange-sha256 aes128-gcm@openssh.com >| dhgex bits 7680 diffie-hellman-group-exchange-sha1 aes192-cbc >| dhgex bits 7680 diffie-hellman-group-exchange-sha256 aes192-cbc >| dhgex bits 7680 diffie-hellman-group-exchange-sha1 aes192-ctr >| dhgex bits 7680 diffie-hellman-group-exchange-sha256 aes192-ctr >| dhgex bits 8192 diffie-hellman-group-exchange-sha1 aes256-cbc >| dhgex bits 8192 diffie-hellman-group-exchange-sha256 aes256-cbc >| dhgex bits 8192 diffie-hellman-group-exchange-sha1 aes256-ctr >| dhgex bits 8192 diffie-hellman-group-exchange-sha256 aes256-ctr >| dhgex bits 8192 diffie-hellman-group-exchange-sha1 aes256-gcm@openssh.com >| dhgex bits 8192 diffie-hellman-group-exchange-sha256 aes256-gcm@openssh.com >| dhgex bits 8192 diffie-hellman-group-exchange-sha1 rijndael-cbc@lysator.liu.se >| dhgex bits 8192 diffie-hellman-group-exchange-sha256 rijndael-cbc@lysator.liu.se >| dhgex bits 8192 diffie-hellman-group-exchange-sha1 chacha20-poly1305@openssh.com >| ssh failed () >| dhgex bits 8192 diffie-hellman-group-exchange-sha256 chacha20-poly1305@openssh.com >| ssh failed () > >Cc: Thomas Dwyer III <tomiii@tomiii.com> >Link: https://www.spinics.net/lists/openssh-unix-dev/msg06860.html >Link: https://github.com/openssl/openssl/pull/12233 >Link: https://github.com/openssl/openssl/issues/13411 >Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de> >--- > configure.ac | 5 +++++ > openbsd-compat/libressl-api-compat.c | 12 ++++++++++-- > openbsd-compat/openssl-compat.h | 2 +- > 3 files changed, 16 insertions(+), 3 deletions(-) > >diff --git a/configure.ac b/configure.ac >index 7005a503e022..87ada5679f19 100644 >--- a/configure.ac >+++ b/configure.ac >@@ -2898,6 +2898,11 @@ if test "x$openssl" = "xyes" ; then > EVP_chacha20 \ > ]) > >+ # OpenSSL 3.x API >+ AC_CHECK_FUNCS([ \ >+ EVP_CIPHER_CTX_get_iv_state \ >+ ]) >+ > if test "x$openssl_engine" = "xyes" ; then > AC_MSG_CHECKING([for OpenSSL ENGINE support]) > AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ >diff --git a/openbsd-compat/libressl-api-compat.c b/openbsd-compat/libressl-api-compat.c >index ae00ff593b7e..c4405a903299 100644 >--- a/openbsd-compat/libressl-api-compat.c >+++ b/openbsd-compat/libressl-api-compat.c >@@ -334,7 +334,7 @@ RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) > } > #endif /* HAVE_RSA_SET0_FACTORS */ > >-#ifndef HAVE_EVP_CIPHER_CTX_GET_IV >+#if !defined(HAVE_EVP_CIPHER_CTX_GET_IV) && !defined(HAVE_EVP_CIPHER_CTX_GET_IV_STATE) > int > EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, unsigned char *iv, size_t len) > { >@@ -361,7 +361,15 @@ EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, unsigned char *iv, size_t len) > } > return 1; > } >-#endif /* HAVE_EVP_CIPHER_CTX_GET_IV */ >+#endif /* !HAVE_EVP_CIPHER_CTX_GET_IV && !HAVE_EVP_CIPHER_CTX_GET_IV_STATE */ >+ >+#ifdef HAVE_EVP_CIPHER_CTX_GET_IV_STATE >+int >+EVP_CIPHER_CTX_get_iv(EVP_CIPHER_CTX *ctx, void *iv, size_t len) >+{ >+ return EVP_CIPHER_CTX_get_iv_state(ctx, iv, len); >+} >+#endif /* HAVE_EVP_CIPHER_CTX_GET_IV_STATE*/ > > #ifndef HAVE_EVP_CIPHER_CTX_SET_IV > int >diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h >index 388ae8aa0077..df10d56b00e0 100644 >--- a/openbsd-compat/openssl-compat.h >+++ b/openbsd-compat/openssl-compat.h >@@ -112,7 +112,7 @@ void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, > int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key); > #endif /* HAVE_DSA_SET0_KEY */ > >-#ifndef HAVE_EVP_CIPHER_CTX_GET_IV >+#if !defined(HAVE_EVP_CIPHER_CTX_GET_IV) && !defined(HAVE_EVP_CIPHER_CTX_GET_IV_STATE) > int EVP_CIPHER_CTX_get_iv(const EVP_CIPHER_CTX *ctx, > unsigned char *iv, size_t len); > #endif /* HAVE_EVP_CIPHER_CTX_GET_IV */
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3462">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 3238
:
3461
|
3462
|
3473