Bug 1166614 - Enhance OpenSSL to discover alternative trust chains, ignoring unnecessary intermediates sent in TLS server handshakes
Summary: Enhance OpenSSL to discover alternative trust chains, ignoring unnecessary in...
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: openssl
Version: 22
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-11-21 11:15 UTC by Kai Engert (:kaie) (inactive account)
Modified: 2015-05-10 23:37 UTC (History)
6 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2015-05-10 23:37:34 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Bugzilla 1142137 None None None Never

Internal Trackers: 1142137

Description Kai Engert (:kaie) (inactive account) 2014-11-21 11:15:54 UTC
At the time of filing this bug report, when constructing a chain to a trusted root CA certificate, OpenSSL will strictly insist on using the full set of intermediate CA certificates sent by the TLS server during the TLS handshake.

This implementation fails to work with server configurations, where the topmost intermediate CA points to a legacy CA certificate, once it gets removed from the CA trust store.

OpenSSL should attempt to find an alternative trust chain, starting with one of the "middle" intermediate CA certificate.

This strategy is being used by CAs to allow a transition to newer root CA certificates.

This should be an upstream enhancement. This bug is intended to act for tracking such enhancements in the OpenSSL project. At the time this enhancement gets implemented by OpenSSL and provided in Fedora, it could become possible to remove legacy CA certificates from the ca-certificates package.

Comment 1 Tomas Mraz 2014-11-21 12:45:18 UTC
Kai, will you fill the upstream ticket through the rt@openssl.org issue tracker, or should I do that myself?

Comment 2 Kai Engert (:kaie) (inactive account) 2014-11-21 16:23:17 UTC
I will file the upstream ticket very soon (probably Monday).

Comment 3 Kai Engert (:kaie) (inactive account) 2014-12-05 15:49:32 UTC
openssl upstream ticket:
http://rt.openssl.org/Ticket/Display.html?id=3621

Comment 4 Kai Engert (:kaie) (inactive account) 2014-12-17 21:41:49 UTC
(In reply to Kai Engert (:kaie) from comment #3)
> openssl upstream ticket:
> http://rt.openssl.org/Ticket/Display.html?id=3621

The above link only works when logged in, so better use the following link for reading the ticket:

http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3621

Comment 6 Jaroslav Reznik 2015-03-03 16:31:48 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle.
Changing version to '22'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora22

Comment 7 Kai Engert (:kaie) (inactive account) 2015-03-17 10:01:53 UTC
Tomas:

Can we upgrade Fedora 22 to OpenSSL 1.0.2 ?

The upstream patches to the verification code apply without conflicts on the OpenSSL 1.0.2 stable branch, and the test stream still completes.

Could we add this enhancement to Fedora 22 ?

Comment 8 Kai Engert (:kaie) (inactive account) 2015-03-17 10:05:09 UTC
(In reply to Kai Engert (:kaie) from comment #7)
> the test stream still completes.

the test "SUITE"

Comment 9 Tomas Mraz 2015-03-17 10:39:18 UTC
I don't think we will update openssl to 1.0.2 on F22. We might backport the patches though.

Comment 10 Kai Engert (:kaie) (inactive account) 2015-03-17 10:51:02 UTC
It seems difficult to merge the patches to 1.0.1

I've tried, and while I initially succeeded, the test suite had failed. The parts of the test suite that returned certificate verification results returned different error reasons than expected.

I'm worried that merging to 1.0.1 would require to backport many additional patches to the 1.0.1 branch from the last 2-3 years.

Comment 11 Tomas Mraz 2015-03-17 11:03:00 UTC
I'll investigate first what the needed additional backported changes would be. Only if they would be too intrusive I would reconsider the update to 1.0.2.

Comment 12 Kai Engert (:kaie) (inactive account) 2015-04-16 15:08:35 UTC
(In reply to Tomas Mraz from comment #11)
> I'll investigate first what the needed additional backported changes would
> be. Only if they would be too intrusive I would reconsider the update to
> 1.0.2.

Have you been able to investigate yet?

Comment 13 Tomas Mraz 2015-04-16 15:53:26 UTC
I'm currently working on 1.0.2 rebase in rawhide. After that I want to look at this backport.

Comment 14 Kai Engert (:kaie) (inactive account) 2015-04-16 16:12:24 UTC
Great, thanks for the update!

Comment 15 Kai Engert (:kaie) (inactive account) 2015-04-21 10:38:35 UTC
I've been told that openssl merged the feature into the 1.0.2 branch.
See the commits from April 20:
https://github.com/openssl/openssl/commits/OpenSSL_1_0_2-stable

Comment 16 Fedora Update System 2015-04-30 15:09:07 UTC
openssl-1.0.1k-8.fc22 has been submitted as an update for Fedora 22.
https://admin.fedoraproject.org/updates/openssl-1.0.1k-8.fc22

Comment 17 Fedora Update System 2015-05-01 16:40:13 UTC
Package openssl-1.0.1k-8.fc22:
* should fix your issue,
* was pushed to the Fedora 22 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing openssl-1.0.1k-8.fc22'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2015-7304/openssl-1.0.1k-8.fc22
then log in and leave karma (feedback).

Comment 18 Fedora Update System 2015-05-10 23:37:34 UTC
openssl-1.0.1k-8.fc22 has been pushed to the Fedora 22 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.