OpenBSD Journal

One week of OpenSSL cleanup

Contributed by weerd on from the its-not-a-race-and-everybody-is-winning dept.

After the news of heartbleed broke early last week, the OpenBSD team dove in and started axing it up into shape. Leading this effort are Ted Unangst (tedu@) and Miod Vallat (miod@), who are head-to-head on a pure commit count basis with both having around 50 commits in this part of the tree in the week since Ted's first commit in this area. They are followed closely by Joel Sing (jsing@) who is systematically going through every nook and cranny and applying some basic KNF. Next in line are Theo de Raadt (deraadt@) and Bob Beck (beck@) who've been both doing a lot of cleanup, ripping out weird layers of abstraction for standard system or library calls.

Then Jonathan Grey (jsg@) and Reyk Flöter (reyk@) come next, followed by a group of late starters. Also, an honorable mention for Christian Weisgerber (naddy@), who has been fixing issues in ports related to this work.

All combined, there've been over 250 commits cleaning up OpenSSL. In one week. Some of these are simple or small changes, while other commits carry more weight. Of course, occasionally mistakes get made but these are also quickly fixed again, but the general direction is clear: move the tree forward towards a better, more readable, less buggy crypto library.

(Comments are closed)


Comments
  1. By chronicdiscord (70.31.112.39) on

    I do hope that this knocks some sense into the OpenSSL developers, it'd be interesting if after all this was done they took the audited version and added any portability lost back in, like OpenSSH.

    Actually, that'd be kinda nice if that became their standard release method, then anyone really interested in improving OpenSSL would have some much more seriously security oriented minds overseeing their commits.

    Plus it would end that long running confusion on if OpenSSL and OpenBSD were related.

  2. By Breen Ouellette (207.47.253.253) on www.breeno.net

    Will the fork get a new name? OpenerSSL?

    Comments
    1. By Miod Vallat (miod) on

      > Will the fork get a new name? OpenerSSL?

      WHO CARES!

      This is not about a fancy name.

      This is about realizing belatedly that code we thought of good quality was not even decent, and ended up becoming too complex and unmaintainable.

      So now we are hurrying to remove everything in the way of exposing the concrete guts of the code, fixing the bad practices inherited from the way we were doing security 15+ years ago, and making sure we do not break basic functionality in the process.

      We have a good six weeks of work ahead of thus, simply doing this.

      Then will come a second time, when we can add the few features we deem desirable, and work on spotting and fixing bugs. Then we'll need to concentrate on getting a new OpenBSD release out of the door.

      Only after that, and if the above work succeeds, will we be able to consider making standalone releases of this new OpenSSL flavour, and consider working on a portable version for the other Unix-like operating systems out there.

      We don't need a name for this right now.
      We don't need a name for this in two weeks from now.
      We don't need a name for this in two months from now.

      Comments
      1. By TW (2601:6:5380:54:1de6:b1de:1170:7d7b) on

        > > Will the fork get a new name? OpenerSSL?
        >
        > WHO CARES!
        >
        > This is not about a fancy name.

        So true! I have been following the news and all the armchair quarterbacks and cheerleaders seem to be focusing on the wrong things. Authors don't sit down and design the dust-jacket and think of the title before they begin writing. Let's all just let the developers focus on what is important.

        Comments
        1. By Anonymous Coward (174.1.146.68) on

          > > > Will the fork get a new name? OpenerSSL?
          > >
          > > WHO CARES!
          > >
          > > This is not about a fancy name.
          >
          > So true! I have been following the news and all the armchair quarterbacks and cheerleaders seem to be focusing on the wrong things. Authors don't sit down and design the dust-jacket and think of the title before they begin writing. Let's all just let the developers focus on what is important.
          >

          I think that discussion is finished anyway. None of the suggested names came even close to "OpenTLS". Take THAT, GnuTLS.

          Comments
          1. By chronicdiscord (70.31.112.39) on

            > I think that discussion is finished anyway. None of the suggested names came even close to "OpenTLS". Take THAT, GnuTLS.

            Someone already has OpenTLS.

    2. By Anonymous Coward (174.1.146.68) on

      > Will the fork get a new name? OpenerSSL?

      If they call it anything other than OpenTLS, I will be very, very surprised.

      Comments
      1. By Anonymous Coward (174.1.146.68) on

        > > Will the fork get a new name? OpenerSSL?
        >
        > If they call it anything other than OpenTLS, I will be very, very surprised.


        Or, since there is no "upstream" for OpenSSL, their cleanup may well become the official OpenSSL. Someone should buy Theo a Fiat. :)

    3. By Anonymous Coward (24.113.147.35) on

      > Will the fork get a new name? OpenerSSL?

      WideOpenSSL ... obviously!

    4. By Anonymous Coward (50.70.146.73) on

      > Will the fork get a new name? OpenerSSL?

      The original license forbids the use of 'OpenSSL' as part of the name of any fork, so it is likely it'll have to be a bit different

      Comments
      1. By Anonymous Coward (66.183.201.254) on

        > > Will the fork get a new name? OpenerSSL?
        >
        > The original license forbids the use of 'OpenSSL' as part of the name of any fork, so it is likely it'll have to be a bit different

        We'll just have to say that OpenBSD OpenSSL is the mainstream, all the others are "forks". So we can keep the OpenSSL name.

        Comments
        1. By Anonymous Coward (79.238.1.213) on

          > > > Will the fork get a new name? OpenerSSL?
          > >
          > > The original license forbids the use of 'OpenSSL' as part of the name of any fork, so it is likely it'll have to be a bit different
          >
          > We'll just have to say that OpenBSD OpenSSL is the mainstream, all the others are "forks". So we can keep the OpenSSL name.

          Paraphrasing the above: "F$%#*ing copyrights, how do they work?"

        2. By phessler (phessler) on why in god's name am I wearing pants?

          > > > Will the fork get a new name? OpenerSSL?
          > >
          > > The original license forbids the use of 'OpenSSL' as part of the name of any fork, so it is likely it'll have to be a bit different
          >
          > We'll just have to say that OpenBSD OpenSSL is the mainstream, all the others are "forks". So we can keep the OpenSSL name.

          Uhh, that is ILLEGAL. OpenBSD will NOT do that.

  3. By Xavier (109.215.177.107) Valeryan_24@laposte.net on

    Hi,

    Congratulations for your great work on OpenBSD and now on OpenSSL for security.

    Just, did you see that :
    https://twitter.com/matthew_d_green/status/456960435845996544

    I'm unable to understand any line of code (I'm not programmer, only an open-source user) and don't know how to report it if unknown as I can't explain the potential bug, but it semmed to be important. Sorry for the disturb if it's a false alert ot already corrected.

    Comments
    1. By Anonymous Coward (217.64.121.114) on

      > Just, did you see that :
      > https://twitter.com/matthew_d_green/status/456960435845996544

      Check the comments near the end.

      Comments
      1. By chronicdiscord (70.31.112.39) on

        > > Just, did you see that :
        > > https://twitter.com/matthew_d_green/status/456960435845996544
        >
        > Check the comments near the end.
        >

        No one knows what you're talking about, instead of making a solid addition to the thread by saying what you mean, you've said, "look for the answer," and hinted at where it actually rests.

        Should have just quoted what you were alluding to instead of being obtuse.

        Comments
        1. By Anonymous Coward (217.64.121.114) on

          > > > Just, did you see that :
          > > > https://twitter.com/matthew_d_green/status/456960435845996544
          > >
          > > Check the comments near the end.
          > >
          >
          > No one knows what you're talking about, instead of making a solid addition to the thread by saying what you mean, you've said, "look for the answer," and hinted at where it actually rests.

          The post I replied to didn't say anything except "look for the problem", and hinted at where it actually rests.

          > Should have just quoted what you were alluding to instead of being obtuse.

          Fine.

          Miod Vallat ‏@MiodVallat Apr 18

          @matthew_d_green @cwlcks The PRNG is no longer being used.
          Details

          Reply
          Retweet
          Favorite

          Matthew Green ‏@matthew_d_green 23h

          @MiodVallat @cwlcks What is being used to generate blinding factors?
          Details

          Reply
          Retweet
          Favorite

          Matthew Green ‏@matthew_d_green 23h

          @renaudallard It sucks yes, but private key + process ID + time (?) seems like it should make the attack impractical...
          Details

          Reply
          Retweet
          Favorite

          Miod Vallat ‏@MiodVallat 22h

          @matthew_d_green @cwlcks ChaCha20, via arc4random() in libc which RAND_bytes() maps to.
          Details

          Reply
          Retweet
          Favorite

          Matthew Green ‏@matthew_d_green 22h

          @MiodVallat @cwlcks Ah, so you ripped out the entire OpenSSL PRNG? That's interesting.
          Details

          Reply
          Retweet
          Favorite

          Miod Vallat ‏@MiodVallat 22h

          @matthew_d_green @cwlcks Yes! That's why we do not need to seed it by anything.
          Details

          Reply
          Retweet
          Favorite

          Matthew Green ‏@matthew_d_green 22h

          @MiodVallat @cwlcks Well then I withdraw my earlier comments. What happens in BSD when the system RNG lacks entropy? Does it block?
          Details

          Reply
          Retweet
          Favorite

          Miod Vallat ‏@MiodVallat 22h

          @matthew_d_green @cwlcks Yes. arc4random() only returns when it has strong data to return.

    2. By TW (2601:6:5380:54:e444:d560:a6d:a9cd) on

      > I'm unable to understand any line of code (I'm not programmer,

      Me too. If you want to try to keep up with what is happening as it happens sign up for the OpenBSD mailing lists. Specifically the 'source-changes' list. It's an automated list generated *I think* when a commit hits the tree in CVS. There is a list of the impacted files as well as who has reviewed the work of the submitting developer and some comments - occasionally saucy. Don't interact with the list (by email) it would be like poking a bear. Just sit back and try to keep up. Also don't sign up to have all the messages sent to you (there are hundreds per day. Just check in and review the list of changes.


  4. By Dean (110.33.246.65) on http://bytefoundry.com.au

    Its terribly sad that big 'open source' companies, Google, red hat, Facebook, canonical etc don't fund this and haven't in the past. Too much focus on rewriting ui toolkits and breaking in convoluted boot systems...

    Comments
    1. By Anonymous Coward (74.88.82.45) on

      > Its terribly sad that big 'open source' companies, Google, red hat, Facebook, canonical etc don't fund this and haven't in the past. Too much focus on rewriting ui toolkits and breaking in convoluted boot systems...

      Do your homework before posting: Google and Facebook are both listed as donators on the OpenBSD Foundation web site.

      As for Red Hat and Canonical, I seriously doubt they would sponsor a competitor to their main product (sending some love to OpenSSH would be nice though).

      Comments
      1. By jdv (216.16.224.222) jdv@clevermonkey.org on http://clvrmnky.org/

        > > Its terribly sad that big 'open source' companies, Google, red hat, Facebook, canonical etc don't fund this and haven't in the past. Too much focus on rewriting ui toolkits and breaking in convoluted boot systems...

        > As for Red Hat and Canonical, I seriously doubt they would sponsor a competitor to their main product (sending some love to OpenSSH would be nice though).
        >

        I'm not arguing that recognizing OpenSSH as the de facto standard for secure comms (something that barely existed a short time ago) is good thing, but it seems to me that the relationship OpenBSD has with, say, Red Hat is different than the one they have with Apple or Google.

        RedHat, et al, and OpenBSD could be considered _peers_ in some regard. i.e., both adhere to some notion of free-as-in-freedom software, and, technically, all benefit from common participation. While a lot of code sharing goes on between the various BSDs, BSD has borrowed a lot from Linux over the years. The maillist history is full of stories about borrowing device driver code and hints for device drivers, for example.

        While those other corps participate somewhat in the free software world by contributing money and source, their primary business is a for-profit proprietary model. It's more of a one-way street, which the big corps recognize with their semi-dependable cheques.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]