From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/1156 Path: news.gmane.org!not-for-mail From: Alex Efros Newsgroups: gmane.comp.sysutils.supervision.general Subject: [OT] MatrixSSL Date: Mon, 12 Jun 2006 15:50:08 +0300 Organization: asdfGroup Inc., http://powerman.asdfGroup.com/ Message-ID: <20060612125007.GP5748@home.power> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: sea.gmane.org 1150116618 24543 80.91.229.2 (12 Jun 2006 12:50:18 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Mon, 12 Jun 2006 12:50:18 +0000 (UTC) Original-X-From: supervision-return-1392-gcsg-supervision=m.gmane.org@list.skarnet.org Mon Jun 12 14:50:16 2006 Return-path: Envelope-to: gcsg-supervision@gmane.org Original-Received: from antah.skarnet.org ([212.85.147.14]) by ciao.gmane.org with smtp (Exim 4.43) id 1Fplru-0004oI-Ol for gcsg-supervision@gmane.org; Mon, 12 Jun 2006 14:50:10 +0200 Original-Received: (qmail 29107 invoked by uid 76); 12 Jun 2006 12:50:32 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Archive: Original-Received: (qmail 29096 invoked from network); 12 Jun 2006 12:50:32 -0000 Original-To: supervision@list.skarnet.org Mail-Followup-To: supervision@list.skarnet.org Content-Disposition: inline User-Agent: Mutt/1.5.11 Xref: news.gmane.org gmane.comp.sysutils.supervision.general:1156 Archived-At: Hi! Below is forward of my email to Gerrit Pape. He didn't reply yet (I suppose this can be because of some bug/misconfiguration in his qconfirm spam protection or he just ignore me :)), so maybe somebody else here can answer on question. ----- Forwarded message from Alex Efros ----- Date: Tue, 6 Jun 2006 02:32:22 +0300 From: Alex Efros To: Gerrit Pape Subject: MatrixSSL Hi! I noticed you using MatrixSSL library in your sslio program and I wanna know your attitude to this library as C-expert (if you remember, I'm Perl programmer and don't know C good enough). I've also tried to use MatrixSSL and found some issues. For example, I try to configure my https:// client based on MatrixSSL to know some root CA certificates. I've found in /etc/ssl/certs/ 12 root CA certificates installed by openssl package, and I try to send them into matrixSslReadKeys() using trustedCAcertFiles param. There exists two ways how to do this AFAIK: 1) set trustedCAcertFiles to ;-separated list of .pem-files like: 'cert/vsignss.pem;cert/wellsfgo.pem;cert/nortelCA.pem;...' 2) `cat` all certificated into single .pem file First way result in "Segmentation fault" in matrixSslReadKeys(). Second way result in "stack smashing attack in function matrixX509ReadCert()" in matrixSslReadKeys() [this error probably result of my hardened gcc with pie/ssp patches]. I've send email to MatrixSSL support, but they didn't reply yet. I'm worrying about these errors because they probably indicate bad, insecure style of C programming and may result in unexpected segfaults in long-running script which doing a lot of ssl-work or remotely exploitable security holes. :( From other view, this can be single rare mistake in elegant and secure code. I'm not a C-expert and can't know which supposition correct, so I'm asking you. If you think this isn't looks like 'single rare mistake', then I probably shouldn't continue using MatrixSSL and must return to developing my own SSL perl module - at least there will be no stack overflows there. :-/ -- WBR, Alex. ----- End forwarded message ----- P.S. After sending that email situation was slightly changed: 1) MatrixSSL support replied on my email and provide a fix for described SegFaults - very bad fix, from my view: --- matrixCommon.h 2006-06-07 16:14:38.000000000 +0300 +++ matrixCommon.h 2006-06-12 15:29:20.000000000 +0300 @@ -183,1 +183,1 @@ -#define MAX_CHAIN_LENGTH 8 +#define MAX_CHAIN_LENGTH 192 but I hope it's just a dirty hack and this issue will be solved in right way in next release 2) I've found (and fixed myself because MatrixSSL support isn't reply on my email yet) significant memory leak while reading certificates: --- x509.c.orig 2006-04-04 14:14:02.000000000 +0300 +++ x509.c 2006-06-11 03:17:22.000000000 +0300 @@ -834,6 +834,7 @@ matrixStrDebugMsg("extension format that is notcurrently\n", NULL); matrixStrDebugMsg("recognized. Please emailsupport@peersec.com\n", NULL); matrixStrDebugMsg("to add support for theextension.\n\n", NULL); + matrixX509FreeCert(cert); return -1; } } but I suppose there a lot of similar memory leaks left - memory must be freed before _each_ 'return -1', I think, and there a lot of them. 3) I've found few minor bugs. :( So, maybe MatrixSSL is best for embedded environment, but I'm not sure is it good for OpenSSL replacement for real-world https:// clients and servers. -- WBR, Alex.