Bug 253526 - security/libressl 3.2.4 breaks OpenLDAP, Dovecot, and Postfix
Summary: security/libressl 3.2.4 breaks OpenLDAP, Dovecot, and Postfix
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: --- Affects Only Me
Assignee: Bernard Spil
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-02-15 01:43 UTC by Mohammad S. Babaei
Modified: 2021-02-16 15:01 UTC
CC: 1 user

See Also:
linimon: maintainer-feedback? (brnrd)


Description Mohammad S. Babaei 2021-02-15 01:43:33 UTC
I cannot make a simple connection and on the OpenLDAP server I receive:

tls_write: want=58 error=Broken pipe
TLS: can't accept: error:02FFF020:system library:func(4095):Broken pipe.
6029d02e connection_read(15): TLS accept failure error=-1 id=1006, closing
6029d02e connection_closing: readying conn=1006 sd=15 for close
6029d02e daemon: activity on 1 descriptor
6029d02e daemon: waked
6029d02e daemon: select: listen=6 active_threads=0 tvp=NULL
6029d02e connection_close: conn=1006 sd=15
6029d02e daemon: removing 15
6029d02e conn=1006 fd=15 closed (TLS negotiation failure)
6029d02e daemon: select: listen=7 active_threads=0 tvp=NULL
6029d02e daemon: select: listen=8 active_threads=0 tvp=NULL
6029d02e daemon: select: listen=9 active_threads=0 tvp=NULL
6029d02e daemon: select: listen=10 active_threads=0 tvp=NULL
^C6029d03f daemon: shutdown requested and initiated.
6029d03f daemon: closing 6
6029d03f daemon: closing 7
6029d03f daemon: closing 8
6029d03f daemon: closing 9
6029d03f daemon: closing 10
6029d03f slapd shutdown: waiting for 0 operations/tasks to finish
6029d03f slapd shutdown: initiated
6029d03f slapd destroy: freeing system resources.
6029d03f slapd stopped.
root@core:/usr/home/mamadou # 
root@core:/usr/home/mamadou # pkg install -f libressl
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):


And the client:

ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)


Downgrading to 3.2.3 resolved the issue for me.

My Dovecot relies on LDAP, but Postfix does not, and it was also broken. If required, I can upgrade again and check the logs for Postfix as well.
Comment 1 Mohammad S. Babaei 2021-02-15 01:48:12 UTC
I have to mention that my certificate for OpenLDAP was issued by Let's Encrypt and is not self-signed, if it makes any difference (because I saw the following changes in the release notes):

https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.4-relnotes.txt

We have released LibreSSL 3.2.4, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon.

It includes the following bug and interoperability fixes:

    * Switch back to certificate verification code from LibreSSL 3.1.x. The
      new verifier is not bug compatible with the old verifier causing issues
      with applications expecting behavior of the old verifier.

    * Unbreak DTLS retransmissions for flights that include a CCS

    * Only check BIO_should_read() on read and BIO_should_write() on write

    * Implement autochain for the TLSv1.3 server

    * Use the legacy verifier for autochain

    * Implement exporter for TLSv1.3

    * Free alert_data and phh_data in tls13_record_layer_free()

    * Plug leak in x509_verify_chain_dup()

    * Free the policy tree in x509_vfy_check_policy()

The LibreSSL project continues improvement of the codebase to reflect modern,
safe programming practices. We welcome feedback and improvements from the
broader community. Thanks to all of the contributors who helped make this
release possible.
Comment 2 Bernard Spil freebsd_committer 2021-02-16 13:33:04 UTC
Can you please check if your LDAP server serves the complete chain? There previously was an issue with LibreSSL 3.2 and certificate chains, but those were resolved.

> openssl s_client -connect ldap.example.com:636 -showcerts

(or use -starttls ldap for port 389)
It should return your leaf and the intermediate 'CN=R3' certificate.
Comment 3 Mohammad S. Babaei 2021-02-16 15:01:39 UTC
Sorry, I am not very experienced in this. Here is the output:

$ openssl s_client -connect {REMOVED}:636 -showcerts

CONNECTED(00000003)
depth=0 CN = {REMOVED}
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = {REMOVED}
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:CN = {REMOVED}
   i:C = US, O = Let's Encrypt, CN = R3
-----BEGIN CERTIFICATE-----
{REMOVED}
-----END CERTIFICATE-----
---
Server certificate
subject=CN = {REMOVED}

issuer=C = US, O = Let's Encrypt, CN = R3

---
No client certificate CA names sent
Requested Signature Algorithms: RSA-PSS+SHA512:RSA+SHA512:ECDSA+SHA512:RSA-PSS+SHA384:RSA+SHA384:ECDSA+SHA384:RSA-PSS+SHA256:RSA+SHA256:ECDSA+SHA256
Shared Requested Signature Algorithms: RSA-PSS+SHA512:RSA+SHA512:ECDSA+SHA512:RSA-PSS+SHA384:RSA+SHA384:ECDSA+SHA384:RSA-PSS+SHA256:RSA+SHA256:ECDSA+SHA256
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 2319 bytes and written 429 bytes
Verification error: unable to verify the first certificate
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 21 (unable to verify the first certificate)
---


---
No client certificate CA names sent
Requested Signature Algorithms: RSA-PSS+SHA512:RSA+SHA512:ECDSA+SHA512:RSA-PSS+SHA384:RSA+SHA384:ECDSA+SHA384:RSA-PSS+SHA256:RSA+SHA256:ECDSA+SHA256
Shared Requested Signature Algorithms: RSA-PSS+SHA512:RSA+SHA512:ECDSA+SHA512:RSA-PSS+SHA384:RSA+SHA384:ECDSA+SHA384:RSA-PSS+SHA256:RSA+SHA256:ECDSA+SHA256
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 2315 bytes and written 405 bytes
Verification error: unable to verify the first certificate
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 21 (unable to verify the first certificate)
---
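As an added example (not part of this bug report, and not OpenLDAP, LibreSSL or FreeBSD ports code): a POSIX shell helper that performs the check Comment 2 asks for, reading `openssl s_client -showcerts` output like the transcript above and reporting how many chain entries the server sent, the X509 verify code, and whether certificate 1 is actually the issuer of certificate 0. The host name `ldap.example.com`, the PEM placeholder bodies and both sample transcripts are constructed; the "Let's Encrypt, CN = R3" and "ISRG Root X1" names mirror the issuer visible in the report.

```shell
#!/bin/sh
# Added example (not from the bug report): inspect `openssl s_client -showcerts`
# output and say whether the server sent a usable certificate chain.
# Host names, PEM bodies and the two sample transcripts below are constructed.

# chain_report: read s_client output on stdin, print one line:
#   certs=<chain entries> verify=<Verify return code> <verdict>
# verdict: leaf-only   (server sent only cert 0)
#          chain-ok    (cert 1's subject equals cert 0's issuer)
#          chain-mismatch (cert 1 present but is not cert 0's issuer)
#          no-certs    (no "Certificate chain" entries at all)
chain_report() {
    awk '
        /^ *[0-9]+ s:/ {                       # " 0 s:CN = host" chain entry
            idx = $1
            sub(/^ *[0-9]+ s:/, "")
            subj[idx] = $0
            n = idx + 1
        }
        /^ *i:/ {                              # issuer line of that entry
            sub(/^ *i:/, "")
            iss[idx] = $0
        }
        /^Verify return code:/ { code = $4 }   # numeric X509 verify result
        END {
            if (n == 0)                 verdict = "no-certs"
            else if (n == 1)            verdict = "leaf-only"
            else if (iss[0] == subj[1]) verdict = "chain-ok"
            else                        verdict = "chain-mismatch"
            printf "certs=%d verify=%s %s\n", n, code, verdict
        }'
}

# probe_chain HOST [PORT]: live check against a real server (needs network;
# not exercised by the offline samples below). Add -starttls ldap for 389.
probe_chain() {
    openssl s_client -connect "$1:${2:-636}" -showcerts </dev/null 2>/dev/null \
        | chain_report
}

# Constructed transcript shaped like the one in the report: leaf only.
LEAF_ONLY=$(cat <<'EOF'
CONNECTED(00000003)
depth=0 CN = ldap.example.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:CN = ldap.example.com
   i:C = US, O = Let's Encrypt, CN = R3
-----BEGIN CERTIFICATE-----
MIIC...placeholder...
-----END CERTIFICATE-----
---
Server certificate
subject=CN = ldap.example.com
issuer=C = US, O = Let's Encrypt, CN = R3
---
Verify return code: 21 (unable to verify the first certificate)
---
EOF
)

# Constructed transcript of a server that sends leaf plus the R3 intermediate.
FULL_CHAIN=$(cat <<'EOF'
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = ldap.example.com
verify return:1
---
Certificate chain
 0 s:CN = ldap.example.com
   i:C = US, O = Let's Encrypt, CN = R3
-----BEGIN CERTIFICATE-----
MIIC...placeholder...
-----END CERTIFICATE-----
 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
-----BEGIN CERTIFICATE-----
MIIF...placeholder...
-----END CERTIFICATE-----
---
Verify return code: 0 (ok)
---
EOF
)

printf 'leaf-only sample:  '; printf '%s\n' "$LEAF_ONLY"  | chain_report
printf 'full chain sample: '; printf '%s\n' "$FULL_CHAIN" | chain_report
```

Run against the transcript in Comment 3 the helper prints `certs=1 verify=21 leaf-only`: slapd presents only the leaf, so a client that does not already have the R3 intermediate cannot build a path to a trusted root, which is the condition Comment 2 asks about. A `chain-ok` result with verify code 0 is what a correctly configured server should produce. As a general note beyond what the report states, with certbot-issued files this symptom usually means the server's certificate file points at `cert.pem` rather than `fullchain.pem`.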