[PATCH] ssl: SSL_get0_verified_chain is available for LibreSSL >= 3.3.6
Maxim Dounin
mdounin at mdounin.ru
Tue Dec 19 08:58:02 UTC 2023
Hello!
On Tue, Dec 19, 2023 at 02:09:10AM +0400, Sergey Kandaurov wrote:
> > On 24 Nov 2023, at 00:29, Ilya Shipitsin <chipitsine at gmail.com> wrote:
> >
> > # HG changeset patch
> > # User Ilya Shipitsin <chipitsine at gmail.com>
> > # Date 1700769135 -3600
> > # Thu Nov 23 20:52:15 2023 +0100
> > # Node ID 2001e73ce136d5bfc9bde27d338865b14b8ad436
> > # Parent 7ec761f0365f418511e30b82e9adf80bc56681df
> > ssl: SSL_get0_verified_chain is available for LibreSSL >= 3.3.6
>
> style: SSL prefix should be uppercase.
>
> >
> > diff -r 7ec761f0365f -r 2001e73ce136 src/event/ngx_event_openssl_stapling.c
> > --- a/src/event/ngx_event_openssl_stapling.c Thu Oct 26 23:35:09 2023 +0300
> > +++ b/src/event/ngx_event_openssl_stapling.c Thu Nov 23 20:52:15 2023 +0100
> > @@ -893,7 +893,8 @@
> > ocsp->cert_status = V_OCSP_CERTSTATUS_GOOD;
> > ocsp->conf = ocf;
> >
> > -#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER)
> > +/* minimum OpenSSL 1.1.1 & LibreSSL 3.3.6 */
> > +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER) || (defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER >= 0x3030600L))
> >
> > ocsp->certs = SSL_get0_verified_chain(c->ssl->connection);
> >
>
> Testing "defined(LIBRESSL_VERSION_NUMBER)" is superfluous.
> The macro test suffers from a very long line.
>
> The correct version test seems to be against LibreSSL 3.5.0, see
> https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.0-relnotes.txt
>
> So, the resulting change would be as follows:
>
> diff --git a/src/event/ngx_event_openssl_stapling.c b/src/event/ngx_event_openssl_stapling.c
> --- a/src/event/ngx_event_openssl_stapling.c
> +++ b/src/event/ngx_event_openssl_stapling.c
> @@ -893,7 +893,9 @@ ngx_ssl_ocsp_validate(ngx_connection_t *
> ocsp->cert_status = V_OCSP_CERTSTATUS_GOOD;
> ocsp->conf = ocf;
>
> -#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER)
> +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L \
> + && !defined LIBRESSL_VERSION_NUMBER) \
> + || LIBRESSL_VERSION_NUMBER >= 0x3050000fL
Rather,
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L \
+ && (!defined LIBRESSL_VERSION_NUMBER \
+ || LIBRESSL_VERSION_NUMBER >= 0x3050000fL))
>
> ocsp->certs = SSL_get0_verified_chain(c->ssl->connection);
>
>
> On the other hand, I don't like the resulting style mudness.
> It may have sense just to drop old LibreSSL versions support:
> maintaining one or two most recent stable branches should be enough.
+1 on this.
We certainly don't want to maintain support for ancient LibreSSL
versions. IMO, just two branches is more than enough (and this is
what I use in my testing, which usually means latest development
release and latest stable release).
At most, this probably can be three branches - which seems to
match LibreSSL support policy,
https://www.libressl.org/releases.html:
: LibreSSL transitions to a new stable release branch every 6 months
: in coordination with the OpenBSD development schedule. LibreSSL
: stable branches are updated for 1 year after their corresponding
: OpenBSD branch is tagged for release. See below for the current
: stable release branches.
In either case, LibreSSL versions below 3.5.0 are already not
supported. If I understand correctly, right now the oldest
supported branch is 3.7.x.
> But anyway, I don't see an obvious win over the existing code:
> the certificate chain is reconstructed if SSL_get0_verified_chain()
> is (detected to be) not present, which should be fine in most cases.
>
> That said, it doesn't seem to deserve introducing 3-line macro test,
> or (see OTOH note) breaking old LibreSSL support for no apparent reason.
Reconstruction of the chain implies verification of signatures
along the chain and can be costly. As such, it certainly would be
better to use SSL_get0_verified_chain() as long as it is
available.
Also, removing the "!defined LIBRESSL_VERSION_NUMBER" check might
be seen as positive even without any additional benefits.
Along with that, however, we might want to adjust the
LIBRESSL_VERSION_NUMBER check in the ngx_event_openssl.h file, so
OPENSSL_VERSION_NUMBER is set to a better value for old LibreSSL
versions - for example, to only set OPENSSL_VERSION_NUMBER to
0x1010000fL for LibreSSL 3.5.0 or above. This might allow to
preserve limited compatibility with ancient LibreSSL versions
without additional efforts (not tested though).
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx-devel
mailing list