Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 12 Dec 2020 11:40:13 -0800
From:      John Baldwin <jhb@FreeBSD.org>
To:        John-Mark Gurney <jmg@funkthat.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: FreeBSD Security Advisory FreeBSD-SA-20:33.openssl
Message-ID:  <813a04a4-e07a-9608-40a5-cc8e339351eb@FreeBSD.org>
In-Reply-To: <20201211064628.GM31099@funkthat.com>
References:  <20201209230300.03251CA1@freefall.freebsd.org> <20201211064628.GM31099@funkthat.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On 12/10/20 10:46 PM, John-Mark Gurney wrote:
> FreeBSD Security Advisories wrote this message on Wed, Dec 09, 2020 at 23:03 +0000:
>> versions included in FreeBSD 12.x.  This vulnerability is also known to
>> affect OpenSSL versions included in FreeBSD 11.4.  However, the OpenSSL
>> project is only giving patches for that version to premium support contract
>> holders.  The FreeBSD project does not have access to these patches and
>> recommends FreeBSD 11.4 users to either upgrade to FreeBSD 12.x or leverage
>> up to date versions of OpenSSL in the ports/pkg system. The FreeBSD Project
>> may update this advisory to include FreeBSD 11.4 should patches become
>> publicly available.
> 
> FreeBSD needs to reevaluate the continued reliance on OpenSSL for our
> crypto/TLS library.  1.0.2 which is in 11-stable has not had support
> for almost a year, and 11 is going to have almost another year of
> support during which time if there's another vuln, we'll again be
> leaving the users in a bad place.
> 
> I have not heard if OpenSSL has bother to address the breakage of
> /dev/crypto that also recently came up, but it does appear that they
> are no longer a good fit for FreeBSD.

I think I can't disagree more.  In terms of /dev/crypto, see here:

https://github.com/openssl/openssl/pull/13468

Also, OpenSSL has been perfectly fine to work with in terms of
upstreaming KTLS.  kaduk@ is an OpenSSL committer and has been
helpful with helping me find reviewers for patches when needed
as well.

In terms of OpenSSL vs other SSL libraries, I'll defer to this:

https://latacora.micro.blog/2018/04/03/cryptographic-right-answers.html

> Even as it stands, FreeBSD has committed to supporting 12 for close
> to a year longer than OpenSSL has for 1.1.1 meaning we will be in the
> same situation we are w/ 11 in a few years.
> 
> Assuming 13 releases w/ OpenSSL, we'll be even in a worse situation
> than we are now.  OpenSSL 3.0.0 has no support commitment announced
> yet, and sticking with 1.1.1 for 13 will put us even in a worse
> situation than we are today.
> 
> What are peoples thoughts on how to address the support mismatch between
> FreeBSD and OpenSSL?  And how to address it?

I do think the support mismatch questions are still real, and I'm not
sure what the best answer is.  My guess is that the the delay of
3.0.0 (which I had hoped would ship in 13.0) will mean that 1.1.1's
lifetime will get extended, but probably not enough to cover 13.x
for 5 years.  One option may be that we provide a compat openssl for
13.x that is 1.1.1 for things built on the head of the branch but
actually import OpenSSL 3.0.0 into stable/13 at some point.  You could
do this with a shlib major version bump.  It won't solve all problems
if some shared library linked against 1.1.1 returns some object
allocated by libssl that the application tries to use directly (and
the application is linked against 3.0.0), but I'm not sure how common
that situation will be in practice.  OpenSSL isn't libc where you have
issues with malloc/free crossing this sort of boundary.

-- 
John Baldwin



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?813a04a4-e07a-9608-40a5-cc8e339351eb>