From owner-freebsd-security@FreeBSD.ORG Sun Dec 6 17:56:24 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E5255106566B for ; Sun, 6 Dec 2009 17:56:24 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id A92C48FC16 for ; Sun, 6 Dec 2009 17:56:24 +0000 (UTC) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id 6C2576D41B; Sun, 6 Dec 2009 17:56:23 +0000 (UTC) Received: by ds4.des.no (Postfix, from userid 1001) id 4384A844F3; Sun, 6 Dec 2009 18:56:23 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Michal References: <200912030930.nB39UdMK037494@freefall.freebsd.org> <4B1AD86F.8090907@infosec.pl> Date: Sun, 06 Dec 2009 18:56:23 +0100 In-Reply-To: <4B1AD86F.8090907@infosec.pl> (Michal's message of "Sat, 05 Dec 2009 22:02:23 +0000") Message-ID: <86r5r8q94o.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.95 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Dec 2009 17:56:25 -0000 Michal writes: > Is there a way to reinstall just these libraries or to get them from > the net in a secure manner i.e. signed? # freebsd-update fetch install DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@FreeBSD.ORG Sun Dec 6 21:56:27 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BF8FE106566B for ; Sun, 6 Dec 2009 21:56:27 +0000 (UTC) (envelope-from ml@infosec.pl) Received: from v027580.home.net.pl (v027580.home.net.pl [89.161.156.148]) by mx1.freebsd.org (Postfix) with SMTP id 07D1E8FC0A for ; Sun, 6 Dec 2009 21:56:26 +0000 (UTC) Received: from localhost (HELO ?192.168.1.66?) (ml.freeside@home@127.0.0.1) by m094.home.net.pl with SMTP; Sun, 6 Dec 2009 21:56:32 -0000 Message-ID: <4B1C287F.5050600@infosec.pl> Date: Sun, 06 Dec 2009 21:56:15 +0000 From: Michal User-Agent: Thunderbird 2.0.0.23 (X11/20091128) MIME-Version: 1.0 CC: freebsd-security@freebsd.org References: <200912030930.nB39UdMK037494@freefall.freebsd.org> <4B1AD86F.8090907@infosec.pl> <86r5r8q94o.fsf@ds4.des.no> In-Reply-To: <86r5r8q94o.fsf@ds4.des.no> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Dec 2009 21:56:27 -0000 Dag-Erling Smørgrav wrote: > Michal writes: >> Is there a way to reinstall just these libraries or to get them from >> the net in a secure manner i.e. signed? > > # freebsd-update fetch install > It is what I was looking for, thank you very much. Michal -- "Power tends to corrupt, and absolute power corrupts absolutely." -John Dalberg-Acton From owner-freebsd-security@FreeBSD.ORG Mon Dec 7 19:37:37 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1CD681065676 for ; Mon, 7 Dec 2009 19:37:37 +0000 (UTC) (envelope-from bla@thera.be) Received: from af.gliwice.pl (afdns.sownet.pl [195.82.188.30]) by mx1.freebsd.org (Postfix) with ESMTP id B4C3E8FC12 for ; Mon, 7 Dec 2009 19:37:36 +0000 (UTC) Received: by af.gliwice.pl (Postfix, from userid 218) id E142A117440; Mon, 7 Dec 2009 20:32:21 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.2.1-gr1 (2007-05-02) on thera.be X-Spam-Level: X-Spam-Status: No, score=-4.3 required=8.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.2.1-gr1 Received: from af.gliwice.pl (localhost [127.0.0.1]) by af.gliwice.pl (Postfix) with ESMTP id 2981F11743C for ; Mon, 7 Dec 2009 20:32:21 +0100 (CET) Received: from localhost (Vorago [192.168.0.2]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by af.gliwice.pl (Postfix) with ESMTPSA id 0E3C5117431 for ; Mon, 7 Dec 2009 20:32:21 +0100 (CET) Date: Mon, 7 Dec 2009 20:19:24 +0100 From: Tomasz bla Fortuna To: freebsd-security@freebsd.org Message-ID: <20091207201924.5d6ef1bf@thera.be> X-Mailer: Claws Mail 3.7.3 (GTK+ 2.18.3; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP Subject: One-time password implementation. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Dec 2009 19:37:37 -0000 Hello, I've read thread that took place on this list in February (http://lists.freebsd.org/pipermail/freebsd-security/2009-February/005132.html) which tries to find a new solution for OTP authentication as current implementation of OPIE is kind of outdated. I'm currently implementing a PAM module using GRC Perfect Paper Passwords algorithm (with small optional changes). It's far from perfect/stable release, yet all its main features work (printing passcards, generating keys, switching flags, labelling passcards, PAM authentication and parts of out-of-bound passcode transmission). Project is hosted here: http://savannah.nongnu.org/projects/otpasswd/ It tries to fix all pitfalls of another existing implementation, namely ppp-pam (http://code.google.com/p/ppp-pam/) which at first I just wanted to fix and use. Things that requires fixing are testcases (there're too little), splitting into a library+utility+pam_module and most probably a little redesign to allow user keys to be stored in /etc instead of their homes which will require SUID utility. I'm curious of your thoughts, if there's any interest and if so - what should be done (and how can you help of course. :P). Licensing issue: It's currently developed under GPL3+, but as I'm currently the only code-author I wouldn't hesitate much to relicense it under BSD if it would make anyone happy (also note that it uses GMP[lgpl3+] as a bignum library, PAM and OpenSSL). System issue: I'm testing it currently using Linux so after program gets a bit stable I would have to finally try it on FreeBSD. Most probably some other interested person can review it and port. I'll be glad to have it working under fbsd so I'll most probably do it myself sometime. Cheers, -- Tomasz bla Fortuna jid: bla(at)af.gliwice.pl pgp: 0x90746E79 @ pgp.mit.edu a6c0*8884 www: http://bla.thera.be From owner-freebsd-security@FreeBSD.ORG Tue Dec 8 00:38:05 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 87BE71065676 for ; Tue, 8 Dec 2009 00:38:05 +0000 (UTC) (envelope-from maf@eng.oar.net) Received: from sv1.eng.oar.net (sv1.eng.oar.net [192.148.251.86]) by mx1.freebsd.org (Postfix) with SMTP id 34DD48FC18 for ; Tue, 8 Dec 2009 00:38:04 +0000 (UTC) Received: (qmail 86831 invoked from network); 8 Dec 2009 00:11:23 -0000 Received: from dev1.eng.oar.net (HELO ?127.0.0.1?) (192.148.251.71) by sv1.eng.oar.net with SMTP; 8 Dec 2009 00:11:23 -0000 Message-Id: <73FE9669-75FD-4E2B-A238-68EAC6AA941B@eng.oar.net> From: Mark Fullmer To: Tomasz bla Fortuna In-Reply-To: <20091207201924.5d6ef1bf@thera.be> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v936) Date: Mon, 7 Dec 2009 19:11:23 -0500 References: <20091207201924.5d6ef1bf@thera.be> X-Mailer: Apple Mail (2.936) Cc: freebsd-security@freebsd.org Subject: Re: One-time password implementation. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2009 00:38:05 -0000 I recently released a BSD licensed smart card based OTP system we've used over the past few years. It uses the OATH HOTP algorithm and includes an OTP library, PAM module, smart card firmware, pin pad reader firmware, associated management utilities and man page documentation. The smart card and reader(s) hardware can be purchased in single quantities and it all works natively with FreeBSD. The HOTP algorithm has gained some momentum with a few vendors now selling hardware tokens which should work with this software. http://www.splintered.net/sw/otp It might be easier to add GRC PPP to this than to start from scratch. -- mark On Dec 7, 2009, at 2:19 PM, Tomasz bla Fortuna wrote: > Hello, > I've read thread that took place on this list in February > (http://lists.freebsd.org/pipermail/freebsd-security/2009-February/005132.html > ) > which tries to find a new solution for OTP authentication as current > implementation of OPIE is kind of outdated. > > I'm currently implementing a PAM module using GRC Perfect Paper > Passwords algorithm (with small optional changes). It's far from > perfect/stable release, yet all its main features work (printing > passcards, generating keys, switching flags, labelling passcards, PAM > authentication and parts of out-of-bound passcode transmission). > > Project is hosted here: > http://savannah.nongnu.org/projects/otpasswd/ > > It tries to fix all pitfalls of another existing implementation, > namely > ppp-pam (http://code.google.com/p/ppp-pam/) which at first I just > wanted to fix and use. > > Things that requires fixing are testcases (there're too little), > splitting into a library+utility+pam_module and most probably a little > redesign to allow user keys to be stored in /etc instead of their > homes > which will require SUID utility. > > I'm curious of your thoughts, if there's any interest and if so - what > should be done (and how can you help of course. :P). > > Licensing issue: > It's currently developed under GPL3+, but as I'm currently the only > code-author I wouldn't hesitate much to relicense it under BSD if it > would make anyone happy (also note that it uses GMP[lgpl3+] as a > bignum > library, PAM and OpenSSL). > > System issue: > I'm testing it currently using Linux so after program gets a bit > stable I would have to finally try it on FreeBSD. Most probably some > other interested person can review it and port. I'll be glad to have > it > working under fbsd so I'll most probably do it myself sometime. > > Cheers, > -- > Tomasz bla Fortuna > jid: bla(at)af.gliwice.pl > pgp: 0x90746E79 @ pgp.mit.edu a6c0*8884 > www: http://bla.thera.be > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org > " > From owner-freebsd-security@FreeBSD.ORG Tue Dec 8 11:21:34 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F049B106568B for ; Tue, 8 Dec 2009 11:21:34 +0000 (UTC) (envelope-from freebsd-security@m.gmane.org) Received: from lo.gmane.org (lo.gmane.org [80.91.229.12]) by mx1.freebsd.org (Postfix) with ESMTP id A52188FC12 for ; Tue, 8 Dec 2009 11:21:34 +0000 (UTC) Received: from list by lo.gmane.org with local (Exim 4.50) id 1NHxds-0007S8-Ae for freebsd-security@freebsd.org; Tue, 08 Dec 2009 11:50:04 +0100 Received: from 200.41.broadband11.iol.cz ([90.178.41.200]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 08 Dec 2009 11:50:04 +0100 Received: from gamato by 200.41.broadband11.iol.cz with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 08 Dec 2009 11:50:04 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-security@freebsd.org From: martinko Date: Tue, 08 Dec 2009 01:09:03 +0100 Lines: 15 Message-ID: References: <200912010120.nB11Kjm9087476@freefall.freebsd.org> <200912010522.WAA03022@lariat.net> <200912011724.KAA10851@lariat.net> <200912011909.nB1J9JRM070879@lava.sentex.ca> <200912020145.SAA17523@lariat.net> <200912020150.nB21ossm072930@lava.sentex.ca> <4B1662BB.8000908@gmail.com> <200912021324.nB2DOc58001138@lava.sentex.ca> <20091202090707.f563976d.wmoran@collaborativefusion.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 200.41.broadband11.iol.cz User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.1.18) Gecko/20081125 SeaMonkey/1.1.13 In-Reply-To: <20091202090707.f563976d.wmoran@collaborativefusion.com> Sender: news Subject: Re: Increase in SSH attacks as of announcement of rtld bug X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2009 11:21:35 -0000 Bill Moran wrote: > In response to Mike Tancsa : >> Yes, thats the latest pattern I have been seeing-- distributed, slow >> and coordinated. Here is a sample from one of my honeypots. The >> only way to deal with them I found is to have multiple sensors >> throughout my network and aggregate the data. Otherwise, each IP >> only appears every few hrs in the logs. > > I deal with it by immediately blocking any host that generates an > "invalid user" error. > > Of course, that won't work for everyone :( > and if it's just a typo on user part ? From owner-freebsd-security@FreeBSD.ORG Tue Dec 8 09:12:17 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 941BE106566C for ; Tue, 8 Dec 2009 09:12:17 +0000 (UTC) (envelope-from alexander@leidinger.net) Received: from mail.ebusiness-leidinger.de (mail.ebusiness-leidinger.de [217.11.53.44]) by mx1.freebsd.org (Postfix) with ESMTP id 221128FC0A for ; Tue, 8 Dec 2009 09:12:17 +0000 (UTC) Received: from outgoing.leidinger.net (pD954FBFC.dip.t-dialin.net [217.84.251.252]) by mail.ebusiness-leidinger.de (Postfix) with ESMTPSA id 53BA9844DE0; Tue, 8 Dec 2009 09:54:15 +0100 (CET) Received: from webmail.leidinger.net (webmail.leidinger.net [192.168.1.102]) by outgoing.leidinger.net (Postfix) with ESMTP id AD169AC139; Tue, 8 Dec 2009 09:54:11 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=Leidinger.net; s=outgoing-alex; t=1260262451; bh=pzBFNeGXI9aAV8HN9ovzUHY+RoFi9IFZwxY2v6gmkgQ=; h=Message-ID:Date:From:To:Cc:Subject:References:In-Reply-To: MIME-Version:Content-Type:Content-Transfer-Encoding; b=aDlXzLPAjbIWVwCLz9Ixr2uGxyxOO9Ht7g72tc7I8MXmZpRH30zi6OPn4/Mm5/cd2 rhX+FTn4+v4PLLKc8IeiUbzwOFSDOdDY1hsxAAjMdkvAg+PmITs8Uez4gpMy+vBuXv 3F3zGzhANKCOI7AP05hrc9b3DGoiCEeqBUTSv+ftHPZKmQE5FfKbOueTktb5sD0flx nClTgULnt0zi4igDKwXNa7dDtO+mpN7WWIj60/I6HfNp+wwlZ4br6pnMNGUq2eQw2p eMTF3uPH/qEcjMlS+QuLoBNzOMFSDl9ELLfjdZoi8w2JyRxNSVlB5UoNCSYaIIHi9r VGatVtNxfn3GQ== Received: (from www@localhost) by webmail.leidinger.net (8.14.3/8.13.8/Submit) id nB88sAvN060049; Tue, 8 Dec 2009 09:54:10 +0100 (CET) (envelope-from Alexander@Leidinger.net) Received: from pslux.cec.eu.int (pslux.cec.eu.int [158.169.9.14]) by webmail.leidinger.net (Horde Framework) with HTTP; Tue, 08 Dec 2009 09:54:10 +0100 Message-ID: <20091208095410.68368l6s44h5u9f4@webmail.leidinger.net> X-Priority: 3 (Normal) Date: Tue, 08 Dec 2009 09:54:10 +0100 From: Alexander Leidinger To: Mark Fullmer References: <20091207201924.5d6ef1bf@thera.be> <73FE9669-75FD-4E2B-A238-68EAC6AA941B@eng.oar.net> In-Reply-To: <73FE9669-75FD-4E2B-A238-68EAC6AA941B@eng.oar.net> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.3.5) / FreeBSD-8.0 X-EBL-MailScanner-Information: Please contact the ISP for more information X-EBL-MailScanner-ID: 53BA9844DE0.A94EB X-EBL-MailScanner: Found to be clean X-EBL-MailScanner-SpamCheck: not spam, spamhaus-ZEN, SpamAssassin (not cached, score=-1.44, required 6, autolearn=disabled, ALL_TRUSTED -1.44, DKIM_SIGNED 0.00, DKIM_VERIFIED -0.00) X-EBL-MailScanner-From: alexander@leidinger.net X-EBL-MailScanner-Watermark: 1260867256.17389@ihSfNPR3882JtQ6DSv7xdg X-EBL-Spam-Status: No X-Mailman-Approved-At: Tue, 08 Dec 2009 12:23:28 +0000 Cc: freebsd-security@freebsd.org, Tomasz bla Fortuna Subject: Re: One-time password implementation. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2009 09:12:17 -0000 Quoting Mark Fullmer (from Mon, 7 Dec 2009 19:11:23 -0500): > I recently released a BSD licensed smart card based OTP system we've > used over the past few years. It uses the OATH HOTP algorithm and > includes an OTP library, PAM module, smart card firmware, pin pad > reader firmware, associated management utilities and man page > documentation. The smart card and reader(s) hardware can be > purchased in single quantities and it all works natively with > FreeBSD. The HOTP algorithm has gained some momentum with a few > vendors now selling hardware tokens which should work with this > software. > > http://www.splintered.net/sw/otp > > It might be easier to add GRC PPP to this than to start from scratch. After reading your presentation it seems that your algorithm does not limit the time the user is able to use a specific generated password. Are you interested in an algorithm which does this (requires a more or less synchronisated clock on client and destination sides, some seconds difference does not matter, but some minutes difference does). Yes, this would require a smart card which is able to produce the current time, and I do not know if there is such a card and how much it costs, but there are scenarios where you do not need the additional security of a tamper-resistant smart card and a mobile with a java app would be enough (and this would then allow to have a more or less unlimited amount of different destinations with different passwords on one device). Bye, Alexander. -- What makes us so bitter against people who outwit us is that they think themselves cleverer than we are. http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137 From owner-freebsd-security@FreeBSD.ORG Tue Dec 8 22:01:13 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D19041065672 for ; Tue, 8 Dec 2009 22:01:13 +0000 (UTC) (envelope-from maf@eng.oar.net) Received: from sv1.eng.oar.net (sv1.eng.oar.net [192.148.251.86]) by mx1.freebsd.org (Postfix) with SMTP id 7A6C18FC13 for ; Tue, 8 Dec 2009 22:01:13 +0000 (UTC) Received: (qmail 15647 invoked from network); 8 Dec 2009 22:01:12 -0000 Received: from dev1.eng.oar.net (HELO ?127.0.0.1?) (192.148.251.71) by sv1.eng.oar.net with SMTP; 8 Dec 2009 22:01:12 -0000 From: Mark Fullmer To: Alexander Leidinger In-Reply-To: <20091208095410.68368l6s44h5u9f4@webmail.leidinger.net> X-Priority: 3 (Normal) References: <20091207201924.5d6ef1bf@thera.be> <73FE9669-75FD-4E2B-A238-68EAC6AA941B@eng.oar.net> <20091208095410.68368l6s44h5u9f4@webmail.leidinger.net> Message-Id: Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v936) Date: Tue, 8 Dec 2009 17:01:11 -0500 X-Mailer: Apple Mail (2.936) Cc: freebsd-security@freebsd.org, Tomasz bla Fortuna Subject: Re: One-time password implementation. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2009 22:01:13 -0000 HOTP is defined in rfc4226, it's not my own. There is variant called TOTP which ties the count to a clock. The Spyrus reader has an RTCC which could be used to drive the count. What scenario do you see a time based token having advantage over a loosely synchronized count? otp-control can be used to generate soft tokens for testing, although in its current form this wouldn't work easily for an end user. Adding a HOTP soft token generator with the same functionality as the smart card wouldn't be much work. Keeping to this mailing list, is a HOTP implementation to replace/ augment the existing OPIE package something the FreeBSD security team is interested in? The problems with OPIE brought up in the Feb 2009 thread "OPIE considered insecure" are not present in HOTP. TOTP: http://tools.ietf.org/html/draft-mraihi-totp-timebased-03 HOTP: http://tools.ietf.org/html/rfc4226 -- mark On Dec 8, 2009, at 3:54 AM, Alexander Leidinger wrote: > Quoting Mark Fullmer (from Mon, 7 Dec 2009 > 19:11:23 -0500): > >> I recently released a BSD licensed smart card based OTP system >> we've used over the past few years. It uses the OATH HOTP >> algorithm and includes an OTP library, PAM module, smart card >> firmware, pin pad reader firmware, associated management utilities >> and man page documentation. The smart card and reader(s) hardware >> can be purchased in single quantities and it all works natively >> with FreeBSD. The HOTP algorithm has gained some momentum with a >> few vendors now selling hardware tokens which should work with this >> software. >> >> http://www.splintered.net/sw/otp >> >> It might be easier to add GRC PPP to this than to start from scratch. > > After reading your presentation it seems that your algorithm does > not limit the time the user is able to use a specific generated > password. Are you interested in an algorithm which does this > (requires a more or less synchronisated clock on client and > destination sides, some seconds difference does not matter, but some > minutes difference does). Yes, this would require a smart card which > is able to produce the current time, and I do not know if there is > such a card and how much it costs, but there are scenarios where you > do not need the additional security of a tamper-resistant smart card > and a mobile with a java app would be enough (and this would then > allow to have a more or less unlimited amount of different > destinations with different passwords on one device). > > Bye, > Alexander. > > -- > What makes us so bitter against people who outwit us > is that they think themselves cleverer than we are. > > http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = > B0063FE7 > http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = > 72077137 > From owner-freebsd-security@FreeBSD.ORG Wed Dec 9 11:01:04 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D0E47106566B for ; Wed, 9 Dec 2009 11:01:04 +0000 (UTC) (envelope-from alexander@leidinger.net) Received: from mail.ebusiness-leidinger.de (mail.ebusiness-leidinger.de [217.11.53.44]) by mx1.freebsd.org (Postfix) with ESMTP id 77A2C8FC08 for ; Wed, 9 Dec 2009 11:01:04 +0000 (UTC) Received: from outgoing.leidinger.net (pD9E2FFEE.dip.t-dialin.net [217.226.255.238]) by mail.ebusiness-leidinger.de (Postfix) with ESMTPSA id 4D6778447AB; Wed, 9 Dec 2009 12:00:58 +0100 (CET) Received: from webmail.leidinger.net (webmail.leidinger.net [192.168.1.102]) by outgoing.leidinger.net (Postfix) with ESMTP id CF0A48DD68; Wed, 9 Dec 2009 12:00:54 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=Leidinger.net; s=outgoing-alex; t=1260356455; bh=3c2bWLO0EKG3Y6buXHx+G8JgzXS7uWjSIDkhpbydslQ=; h=Message-ID:Date:From:To:Cc:Subject:References:In-Reply-To: MIME-Version:Content-Type:Content-Transfer-Encoding; b=x2V9++0v9Hq5zo8pLy46EPAdOx2X3b27AnVRVK9z3BnhfAQdLOcJ1fct8fu6JMbLH qd9BO5cmJBYGzArs60d78eR0FymHTiWiTc/MhoNVO2ns6ThnwsY0xX94vaQEgsP/eY pANdfF+t0TJgGhXClTSByEHJaStxY6DnxFzKt5cwpFqhvbbMY4CaX5vKntXCKJmA+e n6ajTIxGN1mjfuO/hA4ThYKeP1uxrFWxVkmnHWZ7X0+vthdIUSTJYPh6H/MObbvS3D bN7qyOj+08GjJl3GxDaKYqkgLm4eEp1kkF1pCcq5BjCYGbXMMHxxf3lzcvQ8b/AcJL r/TxCU7S8bsNQ== Received: (from www@localhost) by webmail.leidinger.net (8.14.3/8.13.8/Submit) id nB9B0rfb020570; Wed, 9 Dec 2009 12:00:53 +0100 (CET) (envelope-from Alexander@Leidinger.net) Received: from pslux.cec.eu.int (pslux.cec.eu.int [158.169.9.14]) by webmail.leidinger.net (Horde Framework) with HTTP; Wed, 09 Dec 2009 12:00:53 +0100 Message-ID: <20091209120053.17563x5e4o354bcw@webmail.leidinger.net> X-Priority: 3 (Normal) Date: Wed, 09 Dec 2009 12:00:53 +0100 From: Alexander Leidinger To: Mark Fullmer References: <20091207201924.5d6ef1bf@thera.be> <73FE9669-75FD-4E2B-A238-68EAC6AA941B@eng.oar.net> <20091208095410.68368l6s44h5u9f4@webmail.leidinger.net> In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.3.5) / FreeBSD-8.0 X-EBL-MailScanner-Information: Please contact the ISP for more information X-EBL-MailScanner-ID: 4D6778447AB.959B9 X-EBL-MailScanner: Found to be clean X-EBL-MailScanner-SpamCheck: not spam, spamhaus-ZEN, SpamAssassin (not cached, score=-1.44, required 6, autolearn=disabled, ALL_TRUSTED -1.44, DKIM_SIGNED 0.00, DKIM_VERIFIED -0.00) X-EBL-MailScanner-From: alexander@leidinger.net X-EBL-MailScanner-Watermark: 1260961259.09638@34E2W6XeC/GcTGWhoLbiVA X-EBL-Spam-Status: No X-Mailman-Approved-At: Wed, 09 Dec 2009 12:53:23 +0000 Cc: freebsd-security@freebsd.org, Tomasz bla Fortuna Subject: Re: One-time password implementation. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Dec 2009 11:01:04 -0000 Quoting Mark Fullmer (from Tue, 8 Dec 2009 17:01:11 -0500): > HOTP is defined in rfc4226, it's not my own. There is variant > called TOTP which ties the count to a clock. > > The Spyrus reader has an RTCC which could be used to drive the > count. What scenario do you see a time based token having advantage > over a loosely synchronized count? Situations where the generated passwd is sniffed somehow (e.g. looking over the shoulder) and then the person is tricked in not logging in for a while. Currently he would notice the compromise, but it would be still possible to compromise until the owner of the account wants to login himself. With a time based limit, the attack has to be fast. Bye, Alexander. -- "I never got in on my looks, you know." "You were always better looking than you photographed." -- Johnny Fontane and Virginia, "Chapter 12", page 160 http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137 From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 11:42:54 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8B97A106566B for ; Thu, 10 Dec 2009 11:42:54 +0000 (UTC) (envelope-from bc@default.rs) Received: from smtp1.default.rs (anarki.default.rs [87.237.201.134]) by mx1.freebsd.org (Postfix) with ESMTP id CD9808FC12 for ; Thu, 10 Dec 2009 11:42:53 +0000 (UTC) Received: (qmail 20373 invoked by uid 89); 10 Dec 2009 11:16:10 -0000 Received: from bc.sezamhosting.com (HELO ?77.105.36.251?) (bc@default.rs@77.105.36.251) by smtp1.default.rs with AES256-SHA encrypted SMTP; 10 Dec 2009 11:16:10 -0000 Message-ID: <4B20D86B.7080800@default.rs> Date: Thu, 10 Dec 2009 12:15:55 +0100 From: =?UTF-8?B?Qm9nZGFuIMSGdWxpYnJr?= User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 To: freebsd-security@freebsd.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: wollman@bimajority.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 11:42:54 -0000 > Actually, pretty much anyone who uses client certificates in an > enterprise environment is likely to have a problem with this, which is > why the IETF TLS working group is working on publishing a protocol > fix. It looks like that RFC should be published, at Proposed > Standard, in a few weeks, and most vendors look prepared to release > implementations of the fix immediately thereafter (as soon as the > relevant constants are assigned by IANA). > > -GAWollman This advisory kinda made big problem here in local (things stopped working). I had to do rollback this update because of "session renegotiation" breakage. Is there some workaround to make things work along with this advisory? Maybe switch to ports/security/openssl ? Can anyone comment on this one? Thanks in advance. =bc From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 11:51:09 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6BD591065692 for ; Thu, 10 Dec 2009 11:51:09 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 2E5288FC08 for ; Thu, 10 Dec 2009 11:51:08 +0000 (UTC) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id F23686D41B; Thu, 10 Dec 2009 11:51:07 +0000 (UTC) Received: by ds4.des.no (Postfix, from userid 1001) id CE55E844F3; Thu, 10 Dec 2009 12:51:07 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Bogdan =?utf-8?Q?=C4=86ulibrk?= References: <4B20D86B.7080800@default.rs> Date: Thu, 10 Dec 2009 12:51:07 +0100 In-Reply-To: <4B20D86B.7080800@default.rs> ("Bogdan =?utf-8?Q?=C4=86ulibrk?= =?utf-8?Q?=22's?= message of "Thu, 10 Dec 2009 12:15:55 +0100") Message-ID: <86my1rm4ic.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.95 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-security@freebsd.org, wollman@bimajority.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 11:51:09 -0000 Bogdan =C4=86ulibrk writes: > This advisory kinda made big problem here in local (things stopped > working). I had to do rollback this update because of "session > renegotiation" breakage. That's the whole point, the patch disables session renegotiation because it's fundamentally broken. > Is there some workaround to make things work along with this advisory? You didn't mention *what* stopped working. > Maybe switch to ports/security/openssl ? Won't make any difference. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 12:23:04 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 62A54106566C for ; Thu, 10 Dec 2009 12:23:04 +0000 (UTC) (envelope-from bc@default.rs) Received: from smtp2.default.rs (anarki.default.rs [87.237.201.134]) by mx1.freebsd.org (Postfix) with ESMTP id 9A1618FC15 for ; Thu, 10 Dec 2009 12:23:02 +0000 (UTC) Received: (qmail 22614 invoked by uid 89); 10 Dec 2009 12:23:01 -0000 Received: from bc.sezamhosting.com (HELO ?77.105.36.251?) (bc@default.rs@77.105.36.251) by smtp2.default.rs with AES256-SHA encrypted SMTP; 10 Dec 2009 12:23:01 -0000 Message-ID: <4B20E812.508@default.rs> Date: Thu, 10 Dec 2009 13:22:42 +0100 From: =?UTF-8?B?Qm9nZGFuIMSGdWxpYnJr?= User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 To: =?UTF-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= References: <4B20D86B.7080800@default.rs> <86my1rm4ic.fsf@ds4.des.no> In-Reply-To: <86my1rm4ic.fsf@ds4.des.no> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: freebsd-security@freebsd.org, wollman@bimajority.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 12:23:04 -0000 Dag-Erling Smørgrav wrote: > Bogdan Ćulibrk writes: >> This advisory kinda made big problem here in local (things stopped >> working). I had to do rollback this update because of "session >> renegotiation" breakage. > > That's the whole point, the patch disables session renegotiation because > it's fundamentally broken. > >> Is there some workaround to make things work along with this advisory? > > You didn't mention *what* stopped working. > >> Maybe switch to ports/security/openssl ? > > Won't make any difference. > > DES Hello, basically whole communication between two application relied on using exactly this "funcionality" in openssl. From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 13:03:19 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6DB70106566B for ; Thu, 10 Dec 2009 13:03:19 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 301418FC15 for ; Thu, 10 Dec 2009 13:03:18 +0000 (UTC) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id 2F5F36D41C; Thu, 10 Dec 2009 13:03:18 +0000 (UTC) Received: by ds4.des.no (Postfix, from userid 1001) id EF538844F3; Thu, 10 Dec 2009 14:03:17 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Bogdan =?utf-8?Q?=C4=86ulibrk?= References: <4B20D86B.7080800@default.rs> <86my1rm4ic.fsf@ds4.des.no> <4B20E812.508@default.rs> Date: Thu, 10 Dec 2009 14:03:17 +0100 In-Reply-To: <4B20E812.508@default.rs> ("Bogdan =?utf-8?Q?=C4=86ulibrk=22'?= =?utf-8?Q?s?= message of "Thu, 10 Dec 2009 13:22:42 +0100") Message-ID: <86iqcfm162.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.95 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-security@freebsd.org, wollman@bimajority.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 13:03:19 -0000 Bogdan =C4=86ulibrk writes: > basically whole communication between two application relied on using > exactly this "funcionality" in openssl. In that case, the only choice you have is to revert to the previous version... DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 14:13:07 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A12471065672 for ; Thu, 10 Dec 2009 14:13:07 +0000 (UTC) (envelope-from dan@obluda.cz) Received: from smtp1.kolej.mff.cuni.cz (smtp1.kolej.mff.cuni.cz [IPv6:2001:718:1e03:a01::a]) by mx1.freebsd.org (Postfix) with ESMTP id 3A6658FC15 for ; Thu, 10 Dec 2009 14:12:51 +0000 (UTC) X-Envelope-From: dan@obluda.cz Received: from kgw.obluda.cz (openvpn.ms.mff.cuni.cz [195.113.20.87]) by smtp1.kolej.mff.cuni.cz (8.14.3/8.14.3) with ESMTP id nBAECeaT069199 for ; Thu, 10 Dec 2009 15:12:42 +0100 (CET) (envelope-from dan@obluda.cz) Message-ID: <4B2101D8.7010201@obluda.cz> Date: Thu, 10 Dec 2009 15:12:40 +0100 From: Dan Lukes User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.1.23) Gecko/20090908 SeaMonkey/1.1.18 MIME-Version: 1.0 To: freebsd-security@freebsd.org References: <4B20D86B.7080800@default.rs> <86my1rm4ic.fsf@ds4.des.no> <4B20E812.508@default.rs> In-Reply-To: <4B20E812.508@default.rs> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 14:13:07 -0000 Bogdan =C4=86ulibrk napsal/wrote, On 12/10/09 13:22: >> That's the whole point, the patch disables session renegotiation becau= se >> it's fundamentally broken. >>=20 >>> Is there some workaround to make things work along with this advisory= ? >>=20 >> You didn't mention *what* stopped working. > basically whole communication between two application relied on using > exactly this "funcionality" in openssl. AFAIK, no. Even after the patch has been installed, my browser is still able to=20 connect to SSL aware HTTP servers. My MUA is still sending/receiving=20 emails over SMTP/SSL and IMAP/SSL ... I'm not saying you have no problem, i'm saying the problem is not as=20 general as you claim. So we need exact description of your problem. Dan From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 14:55:36 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 72644106566B for ; Thu, 10 Dec 2009 14:55:36 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 358088FC1A for ; Thu, 10 Dec 2009 14:55:35 +0000 (UTC) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id 3DC296D41B; Thu, 10 Dec 2009 14:55:35 +0000 (UTC) Received: by ds4.des.no (Postfix, from userid 1001) id 1CCDB84529; Thu, 10 Dec 2009 15:55:35 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Dan Lukes References: <4B20D86B.7080800@default.rs> <86my1rm4ic.fsf@ds4.des.no> <4B20E812.508@default.rs> <4B2101D8.7010201@obluda.cz> Date: Thu, 10 Dec 2009 15:55:35 +0100 In-Reply-To: <4B2101D8.7010201@obluda.cz> (Dan Lukes's message of "Thu, 10 Dec 2009 15:12:40 +0100") Message-ID: <86hbrylvyw.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.95 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 14:55:36 -0000 Dan Lukes writes: > Even after the patch has been installed, my browser is still able to > connect to SSL aware HTTP servers. My MUA is still sending/receiving > emails over SMTP/SSL and IMAP/SSL ... Do you use client-side certificates? > I'm not saying you have no problem, i'm saying the problem is not as > general as you claim. So we need exact description of your problem. Language barrier. What he actually meant was "all communication between these two applications that we use relies on session renegotiation" without specifying exactly *which* applications, probably because they're in-house and / or confidential. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 15:07:55 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 02E1D1065694 for ; Thu, 10 Dec 2009 15:07:55 +0000 (UTC) (envelope-from bgreene@senki.org) Received: from squid19.laughingsquid.net (squid19.laughingsquid.net [72.32.209.135]) by mx1.freebsd.org (Postfix) with ESMTP id B848B8FC2C for ; Thu, 10 Dec 2009 15:07:54 +0000 (UTC) Received: (qmail 7546 invoked from network); 10 Dec 2009 06:41:13 -0800 Received: from natint3.juniper.net (HELO bgreeneT61) (66.129.224.36) by squid19.laughingsquid.net with SMTP; 10 Dec 2009 06:41:13 -0800 From: "Barry Raveendran Greene" To: =?UTF-8?Q?'Bogdan_=C4=86ulibrk'?= , References: <4B20D86B.7080800@default.rs> In-Reply-To: <4B20D86B.7080800@default.rs> Date: Thu, 10 Dec 2009 06:41:00 -0800 Message-ID: <000301ca79a6$d24cc8e0$76e65aa0$@org> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: Acp5jf1FQuOsnm9IRZuNv1DAaIlQ4wAGHGmQ Content-Language: en-us x-cr-hashedpuzzle: BIGc HsIC KSzE Lkpg L6P7 MqWU PEGq P9ak QfuT RtBQ S8D9 TiBg VraA d9uw eKm5 fagn; 3; YgBjAEAAZABlAGYAYQB1AGwAdAAuAHIAcwA7AGYAcgBlAGUAYgBzAGQALQBzAGUAYwB1AHIAaQB0AHkAQABmAHIAZQBlAGIAcwBkAC4AbwByAGcAOwB3AG8AbABsAG0AYQBuAEAAYgBpAG0AYQBqAG8AcgBpAHQAeQAuAG8AcgBnAA==; Sosha1_v1; 7; {8EA564D4-0F3F-4647-BC7E-D007477D1790}; YgBnAHIAZQBlAG4AZQBAAHMAZQBuAGsAaQAuAG8AcgBnAA==; Thu, 10 Dec 2009 14:40:51 GMT; UgBFADoAIABGAHIAZQBlAEIAUwBEACAAUwBlAGMAdQByAGkAdAB5ACAAQQBkAHYAaQBzAG8AcgB5ACAARgByAGUAZQBCAFMARAAtAFMAQQAtADAAOQA6ADEANQAuAHMAcwBsAA== x-cr-puzzleid: {8EA564D4-0F3F-4647-BC7E-D007477D1790} Cc: wollman@bimajority.org Subject: RE: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 15:07:55 -0000 > > Actually, pretty much anyone who uses client certificates in an > > enterprise environment is likely to have a problem with this, which > is > > why the IETF TLS working group is working on publishing a protocol > > fix. It looks like that RFC should be published, at Proposed > > Standard, in a few weeks, and most vendors look prepared to release > > implementations of the fix immediately thereafter (as soon as the > > relevant constants are assigned by IANA). > > > > -GAWollman >=20 > This advisory kinda made big problem here in local (things stopped > working). I had to do rollback this update because of "session > renegotiation" breakage. >=20 > Is there some workaround to make things work along with this advisory? > Maybe switch to ports/security/openssl ? >=20 > Can anyone comment on this one? > Thanks in advance. You will have to wait on the TLS Working Group in the IETF to finish if = your application needs renegotiation. The "HOT PAGE" on this topic for = the industry is here: http://www.icasi.org/tls-ssl.html From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 15:29:26 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 953DC106566B for ; Thu, 10 Dec 2009 15:29:26 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 57B258FC08 for ; Thu, 10 Dec 2009 15:29:26 +0000 (UTC) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id 39D526D41C; Thu, 10 Dec 2009 15:29:25 +0000 (UTC) Received: by ds4.des.no (Postfix, from userid 1001) id 0B0C5844F3; Thu, 10 Dec 2009 16:29:25 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: "Barry Raveendran Greene" References: <4B20D86B.7080800@default.rs> <000301ca79a6$d24cc8e0$76e65aa0$@org> Date: Thu, 10 Dec 2009 16:29:24 +0100 In-Reply-To: <000301ca79a6$d24cc8e0$76e65aa0$@org> (Barry Raveendran Greene's message of "Thu, 10 Dec 2009 06:41:00 -0800") Message-ID: <864onyluej.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.95 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: 'Bogdan =?utf-8?Q?=C4=86ulibrk'?= , freebsd-security@freebsd.org, wollman@bimajority.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 15:29:26 -0000 "Barry Raveendran Greene" writes: > You will have to wait on the TLS Working Group in the IETF to finish > if your application needs renegotiation. The correct anser is: You will have to perform a threat assessment to determine how likely a MITM attack is, how serious the consequences would be, whether the product of these two factors is sufficiently low to justify continued operation with a flawed protocol, and, should you decide to go on, what measures can be put in place to mitigate the consequences of an attack. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 15:31:34 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1E6F210656C1 for ; Thu, 10 Dec 2009 15:31:34 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id D42358FC0A for ; Thu, 10 Dec 2009 15:31:33 +0000 (UTC) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id 0A6966D41C; Thu, 10 Dec 2009 15:31:33 +0000 (UTC) Received: by ds4.des.no (Postfix, from userid 1001) id E0C90844F3; Thu, 10 Dec 2009 16:31:32 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: "Barry Raveendran Greene" References: <4B20D86B.7080800@default.rs> <000301ca79a6$d24cc8e0$76e65aa0$@org> <864onyluej.fsf@ds4.des.no> Date: Thu, 10 Dec 2009 16:31:32 +0100 In-Reply-To: <864onyluej.fsf@ds4.des.no> ("Dag-Erling =?utf-8?Q?Sm=C3=B8rg?= =?utf-8?Q?rav=22's?= message of "Thu, 10 Dec 2009 16:29:24 +0100") Message-ID: <86zl5qkfqj.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.95 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: 'Bogdan =?utf-8?Q?=C4=86ulibrk'?= , freebsd-security@freebsd.org, wollman@bimajority.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 15:31:34 -0000 Dag-Erling Sm=C3=B8rgrav writes: > The correct anser is: answer, even DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 18:36:25 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 249DA1065676 for ; Thu, 10 Dec 2009 18:36:25 +0000 (UTC) (envelope-from chris@noncombatant.org) Received: from strawberry.noncombatant.org (strawberry.noncombatant.org [64.142.6.126]) by mx1.freebsd.org (Postfix) with ESMTP id 04A4A8FC18 for ; Thu, 10 Dec 2009 18:36:24 +0000 (UTC) Received: by strawberry.noncombatant.org (Postfix, from userid 1001) id 29F127751DE; Thu, 10 Dec 2009 10:37:19 -0800 (PST) Date: Thu, 10 Dec 2009 10:37:18 -0800 From: Chris Palmer To: freebsd-security@freebsd.org Message-ID: <20091210183718.GA37642@noncombatant.org> References: <4B20D86B.7080800@default.rs> <86my1rm4ic.fsf@ds4.des.no> <4B20E812.508@default.rs> <4B2101D8.7010201@obluda.cz> <86hbrylvyw.fsf@ds4.des.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <86hbrylvyw.fsf@ds4.des.no> User-Agent: Mutt/1.4.2.3i Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 18:36:25 -0000 Dag-Erling Sm??rgrav writes: > Do you use client-side certificates? This is probably the original poster's problem. FreeBSD Security Advisory FreeBSD-SA-09:15.ssl made clear that the patch fixes the protocol bug by removing the broken feature (session renegotiation), but stated incorrectly that session renegotiation is rarely used. In fact, client certificates work using renegotiation as the underlying mechanism, and client cert auth is pretty common. The advisory stated: """NOTE WELL: This update causes OpenSSL to reject any attempt to renegotiate SSL / TLS session parameters. As a result, connections in which the other party attempts to renegotiate session parameters will break. In practice, however, session renegotiation is a rarely-used feature, so disabling this functionality is unlikely to cause problems for most systems.""" So, yeah, everybody: This patch breaks all your client cert-powered apps. Probably the advisory should have mentioned that. :) That's why we'll all be really happy when the new, fixed version of TLS comes out and our TLS libraries all support the new version. Until then, we'll have to either stop using client cert auth, or continue to use it with some risk, or continue to use it while also employing flimsy mitigiation methods like allowing only whitelisted client IPs to connect (increasing the attacker's hassle somewhat, but not making attacks impossible). It might also, or might not, help to require another form of auth from the client, such as passwords or magic strings in the SOAP header or whatever. Finally, the exploit scenarios I've heard of so far resemble cross-site request forgery, in that the attacker can insert bad messages into an otherwise good session. If you're protecting a web app with TLS client cert auth, you'll need to audit that app for bugs like XSS and CSRF regardless of this TLS problem. Depending on my mood, and please note I haven't had any coffee yet, I might even say that this TLS problem is the least of the average web application's woes (even though this TLS problem is not insignificant). Ok, coffee time. From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 19:18:23 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BAE00106566B for ; Thu, 10 Dec 2009 19:18:23 +0000 (UTC) (envelope-from mdounin@mdounin.ru) Received: from mdounin.cust.ramtel.ru (mdounin.cust.ramtel.ru [81.19.69.81]) by mx1.freebsd.org (Postfix) with ESMTP id 78B8D8FC15 for ; Thu, 10 Dec 2009 19:18:23 +0000 (UTC) Received: from mdounin.ru (mdounin.cust.ramtel.ru [81.19.69.81]) by mdounin.cust.ramtel.ru (Postfix) with ESMTP id 1D77C17051; Thu, 10 Dec 2009 22:00:25 +0300 (MSK) Date: Thu, 10 Dec 2009 22:00:25 +0300 From: Maxim Dounin To: Chris Palmer Message-ID: <20091210190024.GC33752@mdounin.ru> References: <4B20D86B.7080800@default.rs> <86my1rm4ic.fsf@ds4.des.no> <4B20E812.508@default.rs> <4B2101D8.7010201@obluda.cz> <86hbrylvyw.fsf@ds4.des.no> <20091210183718.GA37642@noncombatant.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20091210183718.GA37642@noncombatant.org> User-Agent: Mutt/1.5.20 (2009-06-14) Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 19:18:23 -0000 Hello! On Thu, Dec 10, 2009 at 10:37:18AM -0800, Chris Palmer wrote: > Dag-Erling Sm??rgrav writes: > > > Do you use client-side certificates? > > This is probably the original poster's problem. FreeBSD Security Advisory > FreeBSD-SA-09:15.ssl made clear that the patch fixes the protocol bug by > removing the broken feature (session renegotiation), but stated incorrectly > that session renegotiation is rarely used. In fact, client certificates work > using renegotiation as the underlying mechanism, and client cert auth is > pretty common. The advisory stated: > > """NOTE WELL: This update causes OpenSSL to reject any attempt to > renegotiate SSL / TLS session parameters. As a result, connections in which > the other party attempts to renegotiate session parameters will break. In > practice, however, session renegotiation is a rarely-used feature, so > disabling this functionality is unlikely to cause problems for most > systems.""" > > So, yeah, everybody: This patch breaks all your client cert-powered apps. > Probably the advisory should have mentioned that. :) It's not true. Patch (as well as OpenSSL 0.9.8l) breaks only apps that do not request client certs in initial handshake, but instead do it via renegotiation. It's not really commonly used feature. Maxim Dounin From owner-freebsd-security@FreeBSD.ORG Thu Dec 10 19:45:38 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 997CA106566C for ; Thu, 10 Dec 2009 19:45:38 +0000 (UTC) (envelope-from chris@noncombatant.org) Received: from strawberry.noncombatant.org (strawberry.noncombatant.org [64.142.6.126]) by mx1.freebsd.org (Postfix) with ESMTP id 7ED1D8FC16 for ; Thu, 10 Dec 2009 19:45:38 +0000 (UTC) Received: by strawberry.noncombatant.org (Postfix, from userid 1001) id 00DDA7751E1; Thu, 10 Dec 2009 11:46:32 -0800 (PST) Date: Thu, 10 Dec 2009 11:46:32 -0800 From: Chris Palmer To: Maxim Dounin , freebsd-security@freebsd.org Message-ID: <20091210194632.GA38011@noncombatant.org> References: <4B20D86B.7080800@default.rs> <86my1rm4ic.fsf@ds4.des.no> <4B20E812.508@default.rs> <4B2101D8.7010201@obluda.cz> <86hbrylvyw.fsf@ds4.des.no> <20091210183718.GA37642@noncombatant.org> <20091210190024.GC33752@mdounin.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20091210190024.GC33752@mdounin.ru> User-Agent: Mutt/1.4.2.3i Cc: Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 19:45:38 -0000 Maxim Dounin writes: > It's not true. Patch (as well as OpenSSL 0.9.8l) breaks only apps that do > not request client certs in initial handshake, but instead do it via > renegotiation. It's not really commonly used feature. The ideal case is not the typical case: http://extendedsubset.com/Renegotiating_TLS_pd.pdf The plain fact is that client cert auth often needs reneg in apps as deployed in the world. Often, web servers need to check (for example) a virtual-host-specific configuration before realizing they need to request client cert auth. From owner-freebsd-security@FreeBSD.ORG Fri Dec 11 09:19:34 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B50AB106566C for ; Fri, 11 Dec 2009 09:19:34 +0000 (UTC) (envelope-from pluknet@gmail.com) Received: from mail-bw0-f213.google.com (mail-bw0-f213.google.com [209.85.218.213]) by mx1.freebsd.org (Postfix) with ESMTP id 16B428FC08 for ; Fri, 11 Dec 2009 09:19:33 +0000 (UTC) Received: by bwz5 with SMTP id 5so462290bwz.3 for ; Fri, 11 Dec 2009 01:19:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type; bh=l1bn5YXD8TGJCtq4KdUf6K80Qz1MVRie0jwVxm6kcmY=; b=fxEoOHc6fE45pXfig3/4/NTcefTrnp5W6lat1uryMuHMVtC3900315KQvw7xmY9jqo 9EFr9Wapd/tPddEX5VXtAp/WMpo3Zj1TmrTCjoV2o3YUbx9eMBGPRdUjawDUT95LMN1u mkb2Iq3NIsZLIROKpzJ5VairML2MMOH1ZJXG4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=Pgb1m8qUYqXGc08VAqP0qqUN20per2uyAj+x8bX3btl9P+Ou4KwcdCbvRwVVErAgtl Bs4pkMHM9zWo8Y9L1X92xVzGAkwiBYD2pHPL3GMSeLUahBI2QicLDn76Nz2B6ZjQquXI LZ2neDD9GLossLLeHaiMrYxTAzjksIhmMRl9M= MIME-Version: 1.0 Received: by 10.204.5.198 with SMTP id 6mr599866bkw.72.1260523173004; Fri, 11 Dec 2009 01:19:33 -0800 (PST) Date: Fri, 11 Dec 2009 12:19:32 +0300 Message-ID: From: pluknet To: freebsd-security@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Subject: ntpd 4.2.4p8 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2009 09:19:34 -0000 Hi. Are there plans on updating contrib/ntp to the latest version? There was at least one security fix (and others at earlier versions): +(4.2.4p8) 2009/12/08 Released by Harlan Stenn + +* [Sec 1331] DoS with mode 7 packets - CVE-2009-3563. + NetBSD already done that on Dec/9 (w/ MFC to 4.0.x). -- wbr, pluknet From owner-freebsd-security@FreeBSD.ORG Fri Dec 11 09:36:13 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6C1511065670 for ; Fri, 11 Dec 2009 09:36:13 +0000 (UTC) (envelope-from roberto@keltia.freenix.fr) Received: from keltia.freenix.fr (cl-180.mrs-01.fr.sixxs.net [IPv6:2a01:240:fe00:b3::2]) by mx1.freebsd.org (Postfix) with ESMTP id 1CD1D8FC14 for ; Fri, 11 Dec 2009 09:36:13 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by keltia.freenix.fr (Postfix/TLS) with ESMTP id 04A3C1B75 for ; Fri, 11 Dec 2009 10:36:12 +0100 (CET) X-Virus-Scanned: amavisd-new at keltia.freenix.fr Received: from keltia.freenix.fr ([127.0.0.1]) by localhost (keltia.freenix.fr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1KerHHZ+fdm8 for ; Fri, 11 Dec 2009 10:36:11 +0100 (CET) Received: from roberto-al.eurocontrol.fr (aran.keltia.net [88.191.250.24]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: roberto) by keltia.freenix.fr (Postfix/TLS) with ESMTPSA id 8A4C61B72 for ; Fri, 11 Dec 2009 10:36:11 +0100 (CET) Date: Fri, 11 Dec 2009 10:35:50 +0100 From: Ollivier Robert To: freebsd-security@freebsd.org Message-ID: <20091211093550.GA22688@roberto-al.eurocontrol.fr> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: X-Operating-System: MacOS X / Macbook Pro - FreeBSD 7.2 / Dell D820 SMP User-Agent: Mutt/1.5.20 (2009-06-14) Subject: Re: ntpd 4.2.4p8 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2009 09:36:13 -0000 According to pluknet: >Are there plans on updating contrib/ntp to the latest version? Yes. It is in the works. -- Ollivier ROBERT -=- FreeBSD: The Power to Serve! -=- roberto@keltia.freenix.fr In memoriam to Ondine : http://ondine.keltia.net/ From owner-freebsd-security@FreeBSD.ORG Fri Dec 11 11:14:06 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D62D2106566B for ; Fri, 11 Dec 2009 11:14:06 +0000 (UTC) (envelope-from mdounin@mdounin.ru) Received: from mdounin.cust.ramtel.ru (mdounin.cust.ramtel.ru [81.19.69.81]) by mx1.freebsd.org (Postfix) with ESMTP id 90C938FC12 for ; Fri, 11 Dec 2009 11:14:06 +0000 (UTC) Received: from mdounin.ru (mdounin.cust.ramtel.ru [81.19.69.81]) by mdounin.cust.ramtel.ru (Postfix) with ESMTP id 2C0CE1702B; Fri, 11 Dec 2009 14:14:05 +0300 (MSK) Date: Fri, 11 Dec 2009 14:14:05 +0300 From: Maxim Dounin To: Chris Palmer Message-ID: <20091211111404.GD33752@mdounin.ru> References: <4B20D86B.7080800@default.rs> <86my1rm4ic.fsf@ds4.des.no> <4B20E812.508@default.rs> <4B2101D8.7010201@obluda.cz> <86hbrylvyw.fsf@ds4.des.no> <20091210183718.GA37642@noncombatant.org> <20091210190024.GC33752@mdounin.ru> <20091210194632.GA38011@noncombatant.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20091210194632.GA38011@noncombatant.org> User-Agent: Mutt/1.5.20 (2009-06-14) Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2009 11:14:06 -0000 Hello! On Thu, Dec 10, 2009 at 11:46:32AM -0800, Chris Palmer wrote: > Maxim Dounin writes: > > > It's not true. Patch (as well as OpenSSL 0.9.8l) breaks only apps that do > > not request client certs in initial handshake, but instead do it via > > renegotiation. It's not really commonly used feature. > > The ideal case is not the typical case: > > http://extendedsubset.com/Renegotiating_TLS_pd.pdf > > The plain fact is that client cert auth often needs reneg in apps as > deployed in the world. Often, web servers need to check (for example) a > virtual-host-specific configuration before realizing they need to request > client cert auth. While talking about "often" - do you have any stats? Anyway, this is quite a differenet from "all client cert-powered apps" you stated in your previous message. I'm not trying to say this patch doesn't break anything. It does, and most common case is probably Apache with per-location client cert configs. But: - it's not all apps with client certs which are broken, just a [relatively small as far as I know] share of them; - not patching is not an option as it leaves unsecure much more installations. Maxim Dounin From owner-freebsd-security@FreeBSD.ORG Fri Dec 11 18:44:52 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 06BB41065670 for ; Fri, 11 Dec 2009 18:44:52 +0000 (UTC) (envelope-from chris@noncombatant.org) Received: from strawberry.noncombatant.org (strawberry.noncombatant.org [64.142.6.126]) by mx1.freebsd.org (Postfix) with ESMTP id DC96F8FC23 for ; Fri, 11 Dec 2009 18:44:51 +0000 (UTC) Received: by strawberry.noncombatant.org (Postfix, from userid 1001) id 666E27751E0; Fri, 11 Dec 2009 10:45:48 -0800 (PST) Date: Fri, 11 Dec 2009 10:45:48 -0800 From: Chris Palmer To: freebsd-security@freebsd.org Message-ID: <20091211184548.GA46543@noncombatant.org> References: <4B20D86B.7080800@default.rs> <86my1rm4ic.fsf@ds4.des.no> <4B20E812.508@default.rs> <4B2101D8.7010201@obluda.cz> <86hbrylvyw.fsf@ds4.des.no> <20091210183718.GA37642@noncombatant.org> <20091210190024.GC33752@mdounin.ru> <20091210194632.GA38011@noncombatant.org> <20091211111404.GD33752@mdounin.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20091211111404.GD33752@mdounin.ru> User-Agent: Mutt/1.4.2.3i Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2009 18:44:52 -0000 Maxim Dounin writes: > While talking about "often" - do you have any stats? Anyway, this is > quite a differenet from "all client cert-powered apps" you stated in your > previous message. IIS defaults to renegotiation when doing client cert auth, and Apache certainly can (possibly must? I don't know) work this way as well. See Ray and Dispensa's original paper. http://extendedsubset.com/Renegotiating_TLS.pdf """In particular, practical attacks against HTTPS client certificate authentication have been demonstrated against recent versions of both Microsoft IIS and Apache httpd on a variety of platforms and in conjunction with a variety of client applications.""" So, sure; "all" is an exaggeration, but it's much less wrong than "rarely used". > - not patching is not an option as it leaves unsecure much more > installations. Patching/not patching is not always a black and white question whose answer is always "yes". The question is far more gray when the patch breaks protocol compat with a major protocol feature.