On Thu, May 19 2022, Ævar Arnfjörð Bjarmason wrote: > On Fri, Apr 22 2022, Junio C Hamano wrote: > >> Ævar Arnfjörð Bjarmason <avarab@xxxxxxxxx> writes: >> >>> I wasn't able to find any on-list references to it being intentional, >>> but it appears that while we made the sha1collisiondetection variant >>> of SHA-1 the default in early 2017 we've never updated the OSX builds >>> to do likewise. >>> >>> I don't know what various git packages for OSX to, but our vanilla OSX >>> distribution definitely uses Apple Common Crypto, and won't detect the >>> https://shattered.io attack. >>> >>> This series changes that, and while doing so in 2/5 updates our >>> documentation and Makefile interface for the SHA-1 selection. Our >>> INSTALL file was still claiming we used OpenSSL's SHA-1 by default. >>> >>> Then since we'd made sha1collisiondetection the default we hadn't >>> changed the code's default fallback to be that, it was still >>> block-sha1. Now our fallback behavior is "error" instead, which makes >>> it less likely that we'll get some foot-gun like the "OSX not using >>> sha1collisiondetection" again. >>> >>> The 4/5 and 5/5 then remove the PPC_SHA1 implementation. I submitted >>> this before as [1], and the range-diff is to that submission (it >>> wasn't picked up). I think it makes sense as part of this general >>> SHA-1 cleanup. >> >> Thanks for this effort. >> >> I'd like to see somebody with "building Git for distributing to >> macOS" background to comment (I am assuming that the mailing list >> git-packagers@xxxxxxxxxxxxxxxx is the way to reach them). > > *Bump* in case anyone there would like to chime on this bit of OSX > portability. > > I also sent an off-list E-Mail to Tim Harper today, and addresses which > I gather (from some old git-security@ traffic) are involved in packaging > the Apple Git shipped with OSX itself. > > In the meantime do you mind if this topic were queued up? If there are > any lingering portability concerns getting it into CI and exposed to > anyone else building on OSX would be a good thing. > > I don't see any reason for why we'd decide that OSX out of all our > supported platforms should be the only one where we're not mitigating > the SHAttered attack (and similar future attacks) by default. > > So aside from any finer details of OSX portability the direction here of > building with sha1collisiondetection by default on OSX by default seems > like a safe bet, just as we do on the rest of our (checks out > config.mak.uname) 20+ supported platforms (per `uname -s`). Update: I didn't get a reply from Tim or the people I E-Mailed @apple.com a week ago. Junio: I still think it makes sense to just queue this anyway & finally get the OSX build to use the SHAttered mitigation sha1collisiondetection gives us by default.
