Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ERL-203: Avoid use of deprecated ciphers #3481

Closed
OTP-Maintainer opened this issue Jul 28, 2016 · 2 comments
Closed

ERL-203: Avoid use of deprecated ciphers #3481

OTP-Maintainer opened this issue Jul 28, 2016 · 2 comments
Assignees
@IngelaAndin
Labels
bug Issue is reported as a bug priority:medium team:PS Assigned to OTP team PS
Milestone
OTP-19.1

Comments

@OTP-Maintainer
Copy link

Original reporter: michaesc
Affected version: OTP-19.0
Fixed in version: OTP-19.1
Component: crypto
Migrated from: https://bugs.erlang.org/browse/ERL-203

gwuser@dell-3290:/tmp$ uname -a
Linux dell-3290 3.14.58_IDP-XT_3.1-WR7.0.0.13_idp #1 SMP PREEMPT Tue Jun 7 16:52:19 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

gwuser@dell-3290:/tmp$ openssl version
OpenSSL 1.0.1j 15 Oct 2014

gwuser@dell-3290:/tmp$ rpm -qi openssl
Name        : openssl                      Relocations: (not relocatable)
Version     : 1.0.1j                            Vendor: (none)
Release     : r0.6                          Build Date: Tue Jun  7 16:11:20 2016
Install Date: Thu Jul 28 09:52:04 2016      Build Host: idpbuildserver
Group       : libs/network                  Source RPM: openssl-1.0.1j-r0.6.src.rpm
Size        : 474256                           License: openssl
Signature   : RSA/SHA256, Tue Jun  7 20:29:48 2016, Key ID ae2d2d9f584c3230
Packager    : Wind River <info@windriver.com>
URL         : http://www.openssl.org/
Summary     : Secure Socket Layer
Architecture: corei7_64

gwuser@dell-3290:~/otp_src_19.0$ configure && make
[...]
make[4]: Entering directory 'otp_src_19.0/lib/crypto/c_src'
 CC ../priv/obj/x86_64-unknown-linux-gnu/crypto.o
In file included from crypto.c:40:0:
/usr/include/openssl/des.h:66:2: error: #error DES is disabled.
 #error DES is disabled.

PROPOSAL

We should include logic for the DES cipher only when it's actually available. Here's a scrappy patch that works on today's trunk revision: msvbotpgitcrypto-20160728.patch
@OTP-Maintainer
Copy link
Author

raimo said:

Now running in our daily tests on the 'maint' branch.

When we have the right people back from vacation it will be reviewed.

@OTP-Maintainer
Copy link
Author

raimo said:

After feedback from the crypto application maintainer I have modified your patch to:
* Exit 'notsup' instead of 'badarg' when trying to use a disabled DES cipher
* Not present these disabled ciphers in crypto:supports()
* Fix all test cases to not fail when these ciphers are not supported
* Correct an old spelling error 'des3_cbf' by creating an alias 'des3_cfb' and the same for 'des_ede3_cbf' (unrelated to your patch)

Now running in our daily tests on the 'maint' branch.

@OTP-Maintainer OTP-Maintainer added bug Issue is reported as a bug team:PS Assigned to OTP team PS priority:medium labels Feb 10, 2021
@OTP-Maintainer OTP-Maintainer added this to the OTP-19.1 milestone Feb 10, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@IngelaAndin IngelaAndin

Labels
bug Issue is reported as a bug priority:medium team:PS Assigned to OTP team PS
Projects
None yet
Milestone
OTP-19.1
Development

No branches or pull requests
2 participants
@IngelaAndin @OTP-Maintainer