[openssl-dev] Fwd: latest OpenSSL causes OpenSMTPD to segv

Kurt Roeckx kurt at roeckx.be
Mon Feb 1 23:34:01 UTC 2016


On Mon, Feb 01, 2016 at 11:16:50PM +0000, Viktor Dukhovni wrote:
> On Mon, Feb 01, 2016 at 10:52:56PM +0000, Viktor Dukhovni wrote:
> 
> > The only thing I see that's plausibly pertinent is:
> > 
> > commit 6656ba7152dfe4bba865e327dd362ea08544aa80
> > Author: Dr. Stephen Henson <steve at openssl.org>
> > Date:   Sun Dec 20 18:18:43 2015 +0000
> > 
> >     Don't check RSA_FLAG_SIGN_VER.
> > 
> >     Reviewed-by: Richard Levitte <levitte at openssl.org>
> > 
> 
> This is related to:
> 
>     commit 1c80019a2c8f59410552197723829fd72ab45a5e
>     Author: Dr. Stephen Henson <steve at openssl.org>
>     Date:   Sat Sep 18 22:37:44 1999 +0000
> 
> 	Add new sign and verify members to RSA_METHOD and change SSL code to use sign
> 	and verify rather than direct encrypt/decrypt.
> 
> Which was already present in 0.9.7.  Thus, presumably engines have
> been expected to implement the "new" methods, if they were ported
> to OpenSSL 0.9.7 or later.
> 
> It seems that perhaps the need to implement sign/verify and not just
> encrypt/decrypt has not been communicated to the engine maintainers.
> 
> The master branch has:
> 
>     commit 19c6d3ea2d3b4e0ad3e978e42cc7cbdf0c09891f
>     Author: Dr. Stephen Henson <steve at openssl.org>
>     Date:   Wed Dec 2 14:30:39 2015 +0000
> 
> 	Remove RSA_FLAG_SIGN_VER flag.
> 
> 	Remove RSA_FLAG_SIGN_VER: this was originally used to retain binary
> 	compatibility after RSA_METHOD was extended to include rsa_sign and
> 	rsa_verify fields. It is no longer needed.
> 
> 	Reviewed-by: Richard Levitte <levitte at openssl.org>
> 
> And while indeed the structure has been stable with sign/verify
> methods for ages, engines that don't implement sign/verify may well
> exist, so dropping the flag check can break some engines.

This looks like a change in behaviour that's not just a bug fix,
and we should properly revert that.


Kurt


