Bug 191799 - [patch] openssl - fix regression from CVE-2014-0224 - "ccs received early"
Summary: [patch] openssl - fix regression from CVE-2014-0224 - "ccs received early"
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 8.4-RELEASE
Hardware: Any Any
: --- Affects Many People
Assignee: FreeBSD Release Engineering
Keywords: patch, regression
Depends on:
Reported: 2014-07-11 01:25 UTC by Andrew Daugherity
Modified: 2015-04-16 18:39 UTC (History)
3 users (show)

See Also:

patch to fix "ccs received early" error (781 bytes, patch)
2014-07-11 01:25 UTC, Andrew Daugherity
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Daugherity 2014-07-11 01:25:37 UTC
Created attachment 144567 [details]
patch to fix "ccs received early" error

I've recently been having issues with net/relayd randomly (e.g. once every 10 minutes or so) flagging backend HTTPS servers as down for one check, then back up the next.

Running it in debug+extra verbose mode showed a libssl error:
SSL library error: cannot connect: error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early
hce_notify_done: (ssl connect failed)
host, check http code use ssl (94ms), state up -> down, availability 95.65%

The only relevant results I found searching for this error was the changelog for Ubuntu's openssl package, where apparently the patch for CVE-2014-0224 introduced this error for people running pg_dump (postgres) with ssl enabled.  The issue was fixed upstream in openssl's git (post-1.0.1h), and Debian & Ubuntu cherry-picked this commit.  After manually applying the same one-line patch to my tree and rebuilding world, relayd is back to 100% uptime.

I've attached the diff (against ^/releng/8.4); 9/10/HEAD are also affected and the patch should apply with only changing line numbers.  I suppose the security/openssl port should also be fixed.

External links:
OpenSSL bug: https://rt.openssl.org/Ticket/Display.html?id=3400&user=guest&pass=guest
OpenSSL git commit: https://git.openssl.org/gitweb/?p=openssl.git;a=history;f=ssl/s3_clnt.c;hb=3b77f01702cbbb75c77
Ubuntu bug: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1332643
Comment 1 Andrew Daugherity 2015-01-16 00:47:30 UTC
Pasting in lost comments from the mailing list archives.  It seems I do not have permissions to add the people to CC that Xin LI did in #2, so if someone can redo that, it would be appreciated. 

FYI I browsed the openssl patch that just dropped (FreeBSD-SA-15:01.openssl) and it appears to be unrelated to this issue (aside from making me buildworld yet again).
--- Comment #1 from Andrew Daugherity <andrew.daugherity at gmail.com> ---
This bug still needs attention -- I have to rebuild libssl locally (with this
patch) after each openssl advisory.

For releng/10.1 it was fixed with the import of openssl 1.0.1i in r269686.  It
has not been fixed for releng/10.0, 9.3, or 8.4 (or 9.1/9.2, but those have
fallen out of support).

Can someone please add the 'patch' and 'regression' keywords (or whatever is
appropriate -- I apparently can't set them myself) so the appropriate people
see it and the patch can be reviewed/committed?  Thanks!

Xin LI <delphij at FreeBSD.org> changed:

           What    |Removed                     |Added
                 CC|                            |benl at FreeBSD.org,
                   |                            |delphij at FreeBSD.org,
                   |                            |jkim at FreeBSD.org

--- Comment #2 from Xin LI <delphij at FreeBSD.org> ---
(In reply to Andrew Daugherity from comment #1)
The change was superseded later by commit e94a6c0 [1] which looks like needs to
be ported, too?

Adding OpenSSL maintainers for their opinion as well.


--- Comment #3 from Andrew Daugherity <andrew.daugherity at gmail.com> ---
(In reply to Xin LI from comment #2)
Interestingly, that fix was not committed to the upstream OpenSSL_0_9_8-stable
branch.  No idea if that's an oversight or intentional.

If it was correctly omitted, then only FreeBSD 10.x would need the extra fix,
as 8.x and 9.x track 0.9.8 and would only need the original one-line patch.
Comment 2 Xin LI freebsd_committer 2015-04-15 18:57:34 UTC
This should have been resolved by FreeBSD-EN-15:02.openssl.
Comment 3 Andrew Daugherity 2015-04-16 18:39:56 UTC
Yes, as FreeBSD-EN-15:02.openssl pulled in new versions of OpenSSL wholesale, which included this commit, it should.  I have successfully tested it on 8.4.

My apologies, I had meant to update this bug afterwards but it slipped my mind.