[openssl-dev] Fwd: OpenSSL fails to connect to Google on OS X 10.10.3 (Bug Report)

Matt Caswell matt at openssl.org
Mon Apr 20 22:52:23 UTC 2015



On 18/04/15 14:30, Dominyk Tiller wrote:
> Apologies. Either I'm an idiot or autocorrect is feeling amusing
> today. I meant https://gist.github.com/DomT4/f86618bdfe2f27c8d66a
> rather than https://gist.github.cok/DomT4/f86618bdfe2f27c8d66a.
> 
> Sent from OS X. If you wish to communicate more securely my PGP
> Public Key is 0x872524db9d74326c.
> 
> 
> -------- Forwarded Message --------
> Subject: OpenSSL fails to connect to Google on OS X 10.10.3 (Bug Report)
> Date: Sat, 18 Apr 2015 14:16:14 +0100
> From: Dominyk Tiller <dominyktiller at gmail.com>
> To: openssl-dev at openssl.org
> 
> Apologies that this is kinda badly written. Detailed bug reports
> aren't my forte. Feel free to ping back questions if detail isn't
> clear/useful/etc.
> 
> OS X 10.10.3’s release changed some certs in the Keychain. There’s
> a full list of changes here: 
> https://gist.github.cok/DomT4/f86618bdfe2f27c8d66a
> 
> This has caused some chaos with OpenSSL and LibreSSL, in things
> built against them, using a .pem generated from OS X’s Keychains.
> The biggest, most popular affected sites are the whole range of
> Google domains.
> 
> Google cross-sign their GeoTrust root with an old Equifax root
> (Equifax Secure Certificate Authority) because a lot of the older
> clients don’t have the GeoTrust root on their system and would just
> error out. Have emailed with Adam Langley on the cert errors and
> essentially Google aren’t going to be able to stop that
> cross-signing any time soon.
> 
> According to Adam most SSL clients should go through the cert chain
> of the domain and hit the GeoTrust cert and verify at that point,
> if the GeoTrust root exists in a .pem file OpenSSL can find and
> use, which does exist when generating a PEM from the system
> Keychains. It’s not supposed to carry on to the Equifax root, but
> it is, and this is causing breakage on OS X 10.10.3 onwards.

Hi Dominyk

This is a known issue. It has been fixed in git master for a while.
Technically speaking this is not a bug at all. OpenSSL's verification
algorithm is working exactly as designed. For that reason a decision
was taken not to backport this to existing releases (which only
receive bug fixes). However, due to the real problems that this is
causing for users, we have changed our mind on this and we have now
backported this to 1.0.2. It's in git now and will become available as
part of 1.0.2b. Discussions are ongoing with regards to 1.0.1.

Regards

Matt



> 
> This problem only exists in OpenSSL and LibreSSL as far as testing
> goes. It isn’t reproducible with Apple’s Security Framework, or
> GnuTLS.
> 
> Interestingly, Apple have done something to their shipped OpenSSL
> 0.9.8x to fix the problem - If I build OpenSSL 0.9.8x from source
> and use it, failure, but if I use the one Apple installs the
> connection verifies and succeeds. Here’s hoping they’ve punted
> whatever those changes were upstream to you.
> 
> This is the error you get:
> 
> ==================================================
> --2015-04-10 16:58:58--  https://google.com/
> Resolving google.com... 216.58.210.46, 2a00:1450:4009:800::200e
> Connecting to google.com|216.58.210.46|:443... connected.
> ERROR: cannot verify google.com's certificate, issued by ‘CN=Google Internet Authority G2,O=Google Inc,C=US’:
>   Unable to locally verify the issuer's authority.
> To connect to google.com insecurely, use `--no-check-certificate'.
> ==================================================
> 
> How to reproduce:
> 
> * Install OpenSSL on OS X 10.10.3 or above. I have it installed to
>   /usr/local/opt/openssl, with the sysconfdir in /usr/local/etc.
> 
> * Generate a PEM file from OS X's Security Keychain:
>   * security find-certificate -a -p /Library/Keychains/System.keychain >> sys.pem
>   * security find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain >> sysroot.pem
>   * cat sys.pem >> sysroot.pem
>   * mv sysroot.pem /usr/local/etc/openssl
> 
> * Download and install cURL:
>   * Pass "--with-ssl=/path/to/openssl/dir" and
>     "--with-ca-bundle=/path/to/sysconfdir/openssl/sysroot.pem" to configure.
> 
> * Run "/path/to/your/installed/curl -I https://google.com"
> 
> It reproduces with wget, mutt, various other tools. If you put the
> Equifax certificate back, and then rehash, you can make the
> connection. But the Equifax cert is old, and weak, and Apple aren't
> likely to return it to the Keychain. So this problem connecting to
> Google will persist until the reason for not stopping at and
> verifying on the GeoTrust root is narrowed down and hopefully
> fixed.
> 
> Mozilla are also pressing ahead with removing that Equifax root
> from their certs, so it’s not a simple case of working around it by
> switching PEM.
> 
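To see the chain shape the thread describes without touching the network, here is an added example (not from the thread, and not OpenSSL's own code) that builds a throwaway CA hierarchy with a cross-signed root, then runs `openssl verify` against a trust store that holds only the newer root, as a 10.10.3 keychain export does. All names, keys and extension files are constructed for the demo; it only needs an `openssl` binary.

```shell
#!/bin/sh
# Constructed demo: leaf -> inter -> "new" root (GeoTrust-like, trusted), where the
# server also sends a copy of "new" root cross-signed by an "old" root (Equifax-like)
# that is no longer in the trust store. Not the thread's code; all names are made up.
set -e
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"
printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign\n' > ca.ext
printf 'basicConstraints=CA:FALSE\nsubjectAltName=DNS:demo.example\n' > leaf.ext

csr() {  # $1 = name; writes $1.key and $1.csr with CN=$1 (throwaway 2048-bit RSA)
  openssl req -new -newkey rsa:2048 -nodes -keyout "$1.key" -out "$1.csr" \
    -subj "/CN=$1" 2>/dev/null
}
csr old-root; csr new-root; csr inter; csr leaf
# Two self-signed roots.
openssl x509 -req -in old-root.csr -signkey old-root.key -extfile ca.ext -out old-root.pem 2>/dev/null
openssl x509 -req -in new-root.csr -signkey new-root.key -extfile ca.ext -out new-root.pem 2>/dev/null
# Cross-sign: same subject and key as new-root, but issued by old-root (what the server ships).
openssl x509 -req -in new-root.csr -CA old-root.pem -CAkey old-root.key -CAcreateserial \
  -extfile ca.ext -out new-cross.pem 2>/dev/null
openssl x509 -req -in inter.csr -CA new-root.pem -CAkey new-root.key -CAcreateserial \
  -extfile ca.ext -out inter.pem 2>/dev/null
openssl x509 -req -in leaf.csr -CA inter.pem -CAkey inter.key -CAcreateserial \
  -extfile leaf.ext -out leaf.pem 2>/dev/null
# Intermediates as a Google-style server sends them: inter, then the cross-signed root.
cat inter.pem new-cross.pem > served-chain.pem

# $1 = extra verify options. The trust store holds ONLY new-root; old-root is gone.
verify_leaf() {
  openssl verify $1 -CAfile new-root.pem -untrusted served-chain.pem leaf.pem >/dev/null 2>&1
}

# On the releases the thread complains about, the default run walks the served chain to
# its end (leaf -> inter -> new-cross -> missing old-root) and fails even though new-root
# is trusted. -trusted_first consults the trust store at each step and stops at new-root;
# releases with the fix Matt mentions succeed without the option, so both lines print OK there.
verify_leaf ""             && echo "default:       OK" || echo "default:       FAIL (affected release)"
verify_leaf -trusted_first && echo "trusted_first: OK" || echo "trusted_first: FAIL"
```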