On 30/04/18 05:41 PM, Matt Caswell wrote:
On 30/04/18 21:55, Dennis Clarke wrote:
On 30/04/18 03:48 PM, Salz, Rich via openssl-users wrote:
I think that makes a very strong argument that TLS 1.3 should be
enabled by default if it all possible.
Question would be "why would it not be?"
TLSv1.3 behaves differently to TLSv1.2. Applications written with
TLSv1.2 in mind might not work as expected when TLSv1.3 is negotiated.
Some of the issues that might be encountered are here:
https://wiki.openssl.org/index.php/TLS1.3
We have already seen a handful of issues. For example in this one an
application has implemented a PSK callback. Due to the way PSK works in
TLSv1.3 the callback can get called earlier in the process than in
TLSv1.2. Suddenly in the presence of TLSv1.3 this particular application
callback has started to crash (we don't know why yet):
https://github.com/openssl/openssl/issues/6110
I'm having no joy with apache 2.4.33 which just tossed a sigILL :
Reading mod_ssl.so
t@1 (l@1) program terminated by signal ILL (illegal opcode)
0xffffffff70d97320: TLSv1_2_enc_data : .word 0xffffffff
Current function is ssl_init_ctx_protocol
613 ctx = SSL_CTX_new(method);
(dbx) where
current thread: t@1
[1] 0xffffffff70d97320(0x1002dc9d0, 0x0, 0x0, 0xfffffffffffffff8,
0x0, 0x1002dccf8), at 0xffffffff70d97320
[2] SSL_CTX_new(0xffffffff70d942b8, 0x1002dc9d0, 0x3b40, 0x2,
0xffffffff742619fc, 0xffffffff74367460), at 0xffffffff7424bc00
=>[3] ssl_init_ctx_protocol(s = 0x10026ddc0, p = 0x1001f8a68, ptemp =
0x100228c68, mctx = 0x1002be698), line 613 in "ssl_engine_init.c"
[4] ssl_init_ctx(s = 0x10026ddc0, p = 0x1001f8a68, ptemp =
0x100228c68, mctx = 0x1002be698), line 1076 in "ssl_engine_init.c"
[5] ssl_init_server_ctx(s = 0x10026ddc0, p = 0x1001f8a68, ptemp =
0x100228c68, sc = 0x1002be658, pphrases = 0x1002b51a0), line 1740 in
"ssl_engine_init.c"
[6] ssl_init_ConfigureServer(s = 0x10026ddc0, p = 0x1001f8a68, ptemp
= 0x100228c68, sc = 0x1002be658, pphrases = 0x1002b51a0), line 1842 in
"ssl_engine_init.c"
[7] ssl_init_Module(p = 0x1001f8a68, plog = 0x100226c58, ptemp =
0x100228c68, base_server = 0x10022ac78), line 369 in "ssl_engine_init.c"
[8] ap_run_post_config(pconf = 0x1001f8a68, plog = 0x100226c58, ptemp
= 0x100228c68, s = 0x10022ac78), at 0x10007d094
[9] main(argc = 3, argv = 0xffffffff7ffff6d8), line 739 in "main.c"
(dbx) list
613 ctx = SSL_CTX_new(method);
614
615 mctx->ssl_ctx = ctx;
616
617 SSL_CTX_set_options(ctx, SSL_OP_ALL);
618
619 #if OPENSSL_VERSION_NUMBER < 0x10100000L
620 /* always disable SSLv2, as per RFC 6176 */
621 SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
622
(dbx)
I'm digging around in there now ...
(dbx) listi 612, 613
612 #endif
613 ctx = SSL_CTX_new(method);
0xffffffff6e689b60: ssl_init_ctx_protocol+0x0330: ldx [%fp +
1991], %o0
0xffffffff6e689b64: ssl_init_ctx_protocol+0x0334: call
_PROCEDURE_LINKAGE_TABLE_+0x1160 [PLT] ! 0xffffffff6e9afa60
0xffffffff6e689b68: ssl_init_ctx_protocol+0x0338: nop
0xffffffff6e689b6c: ssl_init_ctx_protocol+0x033c: mov %o0, %o1
0xffffffff6e689b70: ssl_init_ctx_protocol+0x0340: stx %o1,
[%fp + 1999]
(dbx) print method
method = 0xffffffff70d942b8
(dbx) x 0xffffffff70d942b8/8x
0xffffffff70d942b8: DTLSv1_2_enc_data+0x0400: 0x0001 0x0000 0x0000
0x0000 0x0000 0x0000 0x0000 0x0000
(dbx)
(dbx) x 0xffffffff6e9afa60/16x
0xffffffff6e9afa60: _PROCEDURE_LINKAGE_TABLE_+0x1160 [PLT]: 0x0100
0x0000 0x0b22 0xf6d1 0x8239 0x60bf 0x81c0 0x6000
0xffffffff6e9afa70: _PROCEDURE_LINKAGE_TABLE_+0x1170 [PLT]: 0x0100
0x0000 0x0100 0x0000 0x0100 0x0000 0x0100 0x0000
(dbx)
no idea why an illegal opcode slipped into the mix here but I may revert
back to 1.1.0h and do a sanity check, run httpd inside the debugger or
at least the foregorund and then try 1.1.1-pre5 again. I don't want to
have to unwind frames here and try to figure out why that call was sick.
oodles of fun.
dc
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
