Bug 1614884 - Tests fail with OpenSSL 1.1.1
Summary: Tests fail with OpenSSL 1.1.1
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: perl-Net-SSLeay
Version: 29
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Petr Pisar
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On: 1615098
Blocks:
 
Reported: 2018-08-10 15:34 UTC by Petr Pisar
Modified: 2018-08-17 11:38 UTC

Fixed In Version: perl-Net-SSLeay-1.85-7.fc29
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-08-13 13:49:06 UTC
Type: Bug
Embargoed:


Attachments
Fix for t/local/09_ctx_new.t (2.40 KB, patch), 2018-08-13 10:41 UTC, Petr Pisar


Links
CPAN 125218 (no status), last updated 2018-08-10 15:34:26 UTC
Red Hat Bugzilla 1615285, CLOSED: openssl-1.1.1-0.pre8.2.fc29 breaks two-way shutdown in TLSv1.3, last updated 2021-02-22 00:41:40 UTC

Internal Links: 1615285

Description Petr Pisar 2018-08-10 15:34:27 UTC
perl-Net-SSLeay-1.85-3.fc29 does not pass tests in Fedora 29 because of:

(1) Changes in OpenSSL 1.1.1. See <https://rt.cpan.org/Ticket/Display.html?id=125218>. I've just finished a fix that passes with openssl-1.1.1-0.pre8.fc29.
 
(2) Fedora changes added to openssl-1:1.1.1-0.pre8.2.fc29:

#   Failed test 'TLS_method CTX has automatic minimum version'
#   at t/local/09_ctx_new.t line 114.
#          got: '769'
#     expected: '0'

#   Failed test 'SSL from TLS_method CTX has automatic minimum version'
#   at t/local/09_ctx_new.t line 119.
#          got: '769'
#     expected: '0'
# Looks like you failed 2 tests of 40.
t/local/09_ctx_new.t ................... Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/40 subtests

These can be adjusted or disabled because the Fedora system-wide crypto policy sets the minimum version to 769 aka 0x0301 aka TLS1_VERSION. Thus SSL_CTX_get_min_proto_version() from the library reports that a non-default minimum version (!= 0) is set.

t/local/64_ticket_sharing.t ............ failed to use cert file t/data/cert.pem,t/data/key.pem at t/local/64_ticket_sharing.t line 184.
# Looks like your test exited with 255 before it could output anything.
t/local/64_ticket_sharing.t ............ Dubious, test returned 255 (wstat 65280, 0xff00)
Failed 15/15 subtests

The t/data/cert.pem certificate is a 1024-bit RSA key with a SHA-1 hash. The test uses the certificate together with SSL_CTX_set_cipher_list('AES128-SHA'). I don't understand if it passes F29's crypto policy in /etc/crypto-policies/back-ends/openssl*:

CipherString = @SECLEVEL=1:kEECDH:kRSA:kEDH:-aDSS:!EXP:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:!SSLv2:!ADH
Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256
MinProtocol = TLSv1
@SECLEVEL=1:kEECDH:kRSA:kEDH:-aDSS:!EXP:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:!SSLv2:!ADH

tmraz, could you enlighten us about SSL_CTX_set_cipher_list('AES128-SHA') and the F29 DEFAULT policy?

Comment 1 Petr Pisar 2018-08-13 10:41:07 UTC
Created attachment 1475544 [details]
Fix for t/local/09_ctx_new.t

Comment 2 Nikos Mavrogiannopoulos 2018-08-13 11:21:32 UTC
The cipher AES128-SHA should be allowed by the policy. Could the failure be related to something else e.g., due to @SECLEVEL=1 (RSA or DH parameters < 2048 bits?)

Comment 3 Tomas Mraz 2018-08-13 12:07:42 UTC
@SECLEVEL=1 should allow 1024 bit RSA keys and it is also the default seclevel anyway. So this should not be the cause.

Does the test pass if you override the policy by setting these environment variables?

OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file
- this overrides the PROFILE=SYSTEM cipher-string policy

and

OPENSSL_CONF=''
- this overrides loading the default OpenSSL config file, which is
now also used to set the ciphers and the minimum TLS version.

In general overriding the default policy for the build tests makes sense as the tests do not care about the system policy.

Comment 4 Petr Pisar 2018-08-13 12:22:37 UTC
Setting OPENSSL_CONF='' helps. OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file does not help.

It's triggered by the "MinProtocol = TLSv1" line when calling SSL_CTX_use_PrivateKey_file() on an SSL_CTX created with SSL_CTX_new_with_method(TLSv1_method()). If I use SSLv23_method() or remove the "MinProtocol = TLSv1" line, it passes.

But that's strange because similar code is used in different tests that work. I will have to isolate the code to see what happens exactly.

Comment 5 Petr Pisar 2018-08-13 13:01:35 UTC
The t/local/64_ticket_sharing.t Perl test checks SSL_CTX_use_PrivateKey_file() failure by traversing error queue with ERR_get_error() instead of checking SSL_CTX_use_PrivateKey_file() return value first. It reports "error:14187180:SSL routines:ssl_do_config:bad value". This seems to be openssl bug #1615098.
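
The failure mode described in this comment, as an added example written for this page (it is not code from the bug report, from Net::SSLeay's test suite, or from the attached patch): an error already sitting on OpenSSL's thread-local error queue, such as the "ssl_do_config:bad value" left behind when the system openssl.cnf is applied to a new context, is misreported as a key-loading failure if the test walks ERR_get_error() instead of checking the return value of CTX_use_PrivateKey_file() first. The script clears stale errors before the call, checks the return value, and only then reads the queue. The certificate and key paths are assumptions; point them at any PEM pair.

```perl
#!/usr/bin/perl
# Added example, not part of the bug report or of Net::SSLeay itself.
# Shows the correct order: clear the queue, call, check the return value,
# and only read ERR_get_error() when the call actually failed.
use strict;
use warnings;
use Net::SSLeay;

Net::SSLeay::load_error_strings();
Net::SSLeay::SSLeay_add_ssl_algorithms();
Net::SSLeay::randomize();

# Assumed paths (any PEM certificate/key pair will do).
my ($cert, $key) = @ARGV == 2 ? @ARGV : ('t/data/cert.pem', 't/data/key.pem');

# Drain every error currently on the queue and return them as strings.
sub drain_errors {
    my @msgs;
    while (my $e = Net::SSLeay::ERR_get_error()) {
        push @msgs, Net::SSLeay::ERR_error_string($e);
    }
    return @msgs;
}

# Returns (1, []) on success or (0, [error strings]) on failure.
# The queue is cleared first so that afterwards it only reflects this call.
sub load_key_pair {
    my ($ctx, $cert_file, $key_file) = @_;
    Net::SSLeay::ERR_clear_error();
    my $ok = Net::SSLeay::CTX_use_certificate_file($ctx, $cert_file, Net::SSLeay::FILETYPE_PEM())
          && Net::SSLeay::CTX_use_PrivateKey_file($ctx, $key_file, Net::SSLeay::FILETYPE_PEM());
    return $ok ? (1, []) : (0, [drain_errors()]);
}

# Same kind of context the failing test creates; with a system policy that
# sets MinProtocol, creating/configuring it may leave an error queued.
my $ctx = Net::SSLeay::CTX_new_with_method(Net::SSLeay::TLSv1_method())
    or die "CTX_new_with_method failed: ", join("; ", drain_errors());

# Whatever the library queued so far is reported, but it is NOT a key-loading
# failure; a test that reads the queue first would blame the key file for it.
my @stale = drain_errors();
print "stale errors queued before loading the key: @stale\n" if @stale;

my ($ok, $errs) = load_key_pair($ctx, $cert, $key);
print $ok ? "key pair loaded\n" : "failed to load key pair: @$errs\n";
Net::SSLeay::CTX_free($ctx);
exit($ok ? 0 : 1);
```

Running it twice, once normally and once as `OPENSSL_CONF='' perl example.pl`, shows the difference the comment above is about: with the system config applied, a stale error may be printed before the key pair still loads; with the config disabled, the queue is empty. Either way load_key_pair() only reports a failure when the library call itself returned false.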

Comment 6 Petr Pisar 2018-08-13 13:05:51 UTC
(In reply to Petr Pisar from comment #5)
> The t/local/64_ticket_sharing.t Perl test checks
> SSL_CTX_use_PrivateKey_file() failure by traversing error queue with
> ERR_get_error() instead of checking SSL_CTX_use_PrivateKey_file() return
> value first. It reports "error:14187180:SSL routines:ssl_do_config:bad
> value". This seems to be openssl bug #1615098.

Upgrade to openssl-1.1.1-0.pre8.3.fc29 fixed it.

Comment 7 Petr Pisar 2018-08-13 13:11:02 UTC
Paul, I will push the patches to Fedora 29 if you don't mind.

Later we (or upstream) should come up with proper OpenSSL 1.1.1 support, like adding TLSv1.3 constants or using TLS_method() instead of the deprecated SSLv23_method() in Net::SSLeay::CTX_new().

Comment 8 Paul Howarth 2018-08-13 13:13:14 UTC
Petr, please go ahead; I'm just back from vacation and catching up with things.
