From owner-freebsd-security@FreeBSD.ORG Wed Apr 9 20:39:02 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6EFE2378 for ; Wed, 9 Apr 2014 20:39:02 +0000 (UTC) Received: from mail-ob0-x22b.google.com (mail-ob0-x22b.google.com [IPv6:2607:f8b0:4003:c01::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 366151C0F for ; Wed, 9 Apr 2014 20:39:02 +0000 (UTC) Received: by mail-ob0-f171.google.com with SMTP id wn1so3354771obc.16 for ; Wed, 09 Apr 2014 13:39:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=TfSGzGdqdZg1lRpCBcZWS3lVyukdNVsI32SaKqMr2R0=; b=wy5EPFIxBWT3j/8LV6gUvWADRkbtuki+M89fAwmFSZiqp5PnTEbC3s9DQLrL0+tJxv CnoF9HC4XLpPg7dee8Vyf4nkUgKb7nPuIvv8NgWzwPWflKQeMygsHCu8EzA6N31ThxX1 3MXaQCKghjmd2OSM8HyOHlg/1tuYCz8bVqebvlyBL4eLEP4pR58CCDhZ67TsiIBMVUy6 zI1rkvyMm3IXiQSxVuMXEcBiEZG8OTgqbZkAT8ytn1KbuMRltz+zdXLO+F0XQT1OMqz+ AehVcoFqWaIIbqKYwPJaOI1vseDe6/V9wrkN+HaeZxLhEv7UcWrOWKh8Z4DfZHgwrO5i r0pA== MIME-Version: 1.0 X-Received: by 10.60.83.234 with SMTP id t10mr10427048oey.4.1397075941512; Wed, 09 Apr 2014 13:39:01 -0700 (PDT) Sender: ndorfman@gmail.com Received: by 10.60.158.106 with HTTP; Wed, 9 Apr 2014 13:39:01 -0700 (PDT) In-Reply-To: <86d2gqz2he.fsf@nine.des.no> References: <9eeba1ab-2ab0-4188-82aa-686c5573a5db@me.com> <8D81F198-36A7-47F4-B486-DA059910A6B4@spam.lifeforms.nl> <867g6y1kfe.fsf@nine.des.no> <86d2gqz2he.fsf@nine.des.no> Date: Wed, 9 Apr 2014 16:39:01 -0400 X-Google-Sender-Auth: 1PqtGOcw7v102Wk-MEOSD5k-q0c Message-ID: Subject: Re: Proposal From: Nathan Dorfman To: =?UTF-8?Q?Dag=2DErling_Sm=C3=B8rgrav?= Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-security@freebsd.org, Kimmo Paasiala , Walter Hop , Pawel Biernacki X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Apr 2014 20:39:02 -0000 On Wed, Apr 9, 2014 at 4:12 PM, Dag-Erling Sm=C3=B8rgrav wrote= : > Nathan Dorfman writes: >> Is it implausible to suggest that before embarking on the task of >> backporting, reviewing, testing and releasing the actual fix, an >> announcement could have been made immediately with the much simpler >> workaround of adding -DOPENSSL_NO_HEARTBEATS to the OpenSSL compiler >> flags? > > No, that's not implausible, although I don't know whether that > workaround was known at the time. It seems obvious in retrospect, but > may not have been that obvious under pressure. Was it mentioned in the > OpenSSL advisory? Yeah, I should have been clearer -- I personally learned about that from the OpenSSL advisory itself, which states: Affected users should upgrade to OpenSSL 1.0.1g. Users unable to immediatel= y upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS. https://www.openssl.org/news/secadv_20140407.txt Be that as it may, Xin's explanation that simply committing a change to the Makefile would be ineffective in the face of a -DNO_CLEAN build makes sense. I didn't think about that. Moving on, is it not worth talking about going in and defining every -DOPENSSL_NO_* flag that exists and doesn't break the base system? On the simple grounds that there appears to be little to be gained from this kind of feeping creaturism, and plenty, as it turns out, to be lost. Of course, maybe the resulting build won't even work, or at least not work without significant effort. So this is more of a question than an actual suggestion. -nd.