-
-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
If an engine comes up explicitely, it must also come down explicitely #1643
Conversation
@dwmw2, would you please make a few tries with this, see if that fixes the issues you're seeing? |
(#1644 is the same for 1.0.2) |
As I said in #1642, probably an engine_pkcs11 bug. Even so, can we fix it this way in 1.1.0 and 1.0.2? I had been thinking that we couldn't.... but actually, engine_pkcs11 doesn't suffer the above use-after-free until the latest git, where we made it stop registering default key methods. Until then, it was pinned because its methods were default. So as long as we fix this bug in engine_pkcs11 and make it properly refcount its keys before the next release, maybe it's OK for you to ship your version in a stable OpenSSL release? Shipping my version where we hold a functional reference not a structural reference might still be safer though, even if we can persuade ourselves it's OK for engine_pkcs11. |
The trouble you're having is here. The Sorry to say this, but I guess that's a long standing bug on the engine_pkcs11 side of things, you've just been lucky that there was a reference of some sort hiding it... |
This line here in libp11 should really be: rsa = RSA_new_method(eng); (given en input |
Sure, I understand the nature of the problem (although thanks for pointing me at the specific fix; I hadn't quite got there yet). But since we're hopefully looking at applying this to the stable 1.0.2 and 1.1 trees too, my concern was whether we want to do it in a way that triggers such "long standing bugs". Why are you so keen to return a structural reference from I had chosen to use a functional reference because that basically mimics the existing assumptions — it only ever worked when As I said, for engine_pkcs11 perhaps it's OK — because there is no release yet which doesn't register those bogus generic EC and RSA methods, and which doesn't thus get a functional reference pinned anyway via For the general case of engines without default methods which have similar refcounting bugs... maybe it's valid to observe that they never worked anyway, as we're only changing the failure mode in a stable release and that's OK? But still, even for that I think you'd have to really want it to be only a structural reference, not a functional one. And I haven't seen a really good reason to want that. It's not supposed to be a torture test for engines :) |
I can't claim to have seen every engine in the world... however, of all I've seen, engine_pkcs11 / libp11 is the only one so far where I've seen this particular reference bug. The problem comes when some other application does things "the right way" (i.e.
I'll have you note that there is a functional reference around key loading, 49e476a makes sure of that. |
Not 'changed to'. In the context of this discussion, it was more about whether they should continue to do it that way in a stable release series, if that's they way they were already behaving. With the noted caveat that in our case, it didn't work before either; it was just differently broken before. Your version is fine; I just wanted to double-check that the compatibility implications for the stable release were fully considered. Thanks.
And then you drop the reference immediately, while you still hold the key. That's the behaviour I was considering "new and exciting" for a stable release. But you said that engine bug isn't common and you've never seen it anywhere but in engine_pkcs11, and we know it was masked in engine_pkcs11 by other bugs until this week anyway, so it's never been in a release. So "new and exciting" is absolutely fine by me. |
I'm not sure I understand what you mean. Are you saying that applications usually do hold an explicit global functional reference (i.e. they call |
Noted, and thank you. Now, all I need is another team member reviewing this stuff. |
(Potentially flogging a dead horse here, since I've already conceded the point. But since you asked after I had done so... and since when I'm done yak-shaving on this latest occurrence of "I'll just show someone how to do this trivial thing with PKCS#11.... oh f%ck it's all f%cking broken" I get to go back to the joyous task of writing test cases for my NSS support of PKCS#11 URIs... I'll tarry a while longer ☺)
Nonono, I'm saying that if, in a stable series, they have previously held that long-term reference (as was the But I have already conceded the point that for (Note s_client still broken in 1.1.0 because commit a6972f3 wants backporting) |
There is a slight misunderstanding here.
Now done. |
That was a typo not a misunderstanding fwiw. Brain said For default functionality... now we really need your guidance in OpenSC/libp11#110 |
For 1.1.0, we've figured out / reminded ourselves that this is not strictly necessary, as engines without any registered cipher or hash methods is impossible... or, well, not strictly impossible, but entirely useless and/or buggy, given the intended ENGINE structure. It's a different story with 1.0.2, since the engine implementor has full access to all structures, and can therefore hack around OpenSSL limitations much more. |
I'm closing this one and starting it over. It's not necessary for 1.1.0, as registering any algorithm is mandatory (either to be able to retrieve a key or to use the engine for crypto acceleration). |
For now, we're making engine_pkcs11 just register a default RSA method (not EC; it only has to be default for something) and pass through to the OpenSSL internal methods for "alien" keys. However...
I think we can make that work even for 1.1. Even though And right now, engine_pkcs11 is unloadable anyway because it never releases all its references to the keys it has. We've got plenty of work to do internally to fix its refcounting, before talk of releasing the engine even makes any sense. So right now, apart from the use-after-free issue in |
Since commit f160e2f ("Gracefully handle alien RSA keys") it's OK for the engine to be set as the default method for RSA keys. And since the openssl command line tool in many released versions forgets to do ENGINE_init(), it *only* works if the engine is default for *something*, as discussed in openssl/openssl#1643 This reverts the RSA part of commit b9b7941. Closes #118
In apps/apps.c, one can set up an engine with setup_engine(). However, we freed the structural reference immediately, which means that for engines that don't already have a structural reference somewhere else (because it's a built in engine), we end up returning an invalid reference. Instead, the function release_engine() is added, and called at the end of the routines that call setup_engine().
b9f2546
to
ddb93b8
Compare
Did a rebase to see that the builds all go through |
nice. +1 |
In apps/apps.c, one can set up an engine with setup_engine(). However, we freed the structural reference immediately, which means that for engines that don't already have a structural reference somewhere else (because it's a built in engine), we end up returning an invalid reference. Instead, the function release_engine() is added, and called at the end of the routines that call setup_engine(). Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from #1643)
… always Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from #1643)
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from #1643)
In apps/apps.c, one can set up an engine with setup_engine(). However, we freed the structural reference immediately, which means that for engines that don't already have a structural reference somewhere else (because it's a built in engine), we end up returning an invalid reference. Instead, the function release_engine() is added, and called at the end of the routines that call setup_engine(). Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from #1643) (cherry picked from commit dd1abd4)
Merged. Thanks for the review, guys! |
In apps/apps.c, one can set up an engine with setup_engine().
However, we freed the structural reference immediately, which means
that for engines that don't already have a structural reference
somewhere else (because it's a built in engine), we end up returning
an invalid reference.
Instead, the function release_engine() is added, and called at the end
of the routines that call setup_engine().