New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
set SSL_MODE_RELEASE_BUFFERS #69858
Comments
Originally raised by Ben Bangert on the python-dev mailing list. It turns out that OpenSSL has a mode setting, SSL_MODE_RELEASE_BUFFERS, that can be set by a call to SSK_CTX_set_mode. This mode can potentially reduce connection overhead by nearly 18kB *per connection*, a reduction of something like 60%. Further, this does not change the behaviour of OpenSSL in any meaningful way. For this reason, we should unconditionally set this mode on all SSL Context objects we create. I'm happy to submit a patch to the standard library that will do this. |
Oh, one further requirement: we should *not* set this mode for OpenSSL releases 1.x through 1.0.1g, which have a NULL pointer dereference vulnerability (CVE 2014-0198). Thanks to Marc-Andre Lemburg for spotting this. See also: https://www.rapid7.com/db/vulnerabilities/http-openssl-cve-2014-0198 |
Ok, I've just uploaded an initial draft of the patch for review. |
It might be better to do a runtime OpenSSL version check in case someone upgrades or downgrades to an vulnerable version without recompiling Python. |
Good idea Benjamin. I've uploaded a second patch that adjusts the check to be a runtime one, rather than a compiled one. |
The release buffer mode bugs were fixed in 1.0.0m and 1.0.1h: https://openssl.org/news/vulnerabilities.html#y2014 CVE-2014-0198 (OpenSSL advisory) 21st April 2014:
CVE-2010-5298 (OpenSSL advisory) 8th April 2014:
PS: OpenSSL normally doesn't issue betas. All their releases are final. The numbering scheme is a bit weird - perhaps they'll change to a more common one with 1.1 (this will have a beta cycle): https://openssl.org/policies/releasestrat.html |
Thanks for the updated info Marc-Andre. Yeah, while generally speaking OpenSSL doesn't ship betas, it does provide them as tarballs. I have a beta of 1.0.2 floating around somewhere on my machine that I was using for ALPN testing back in 2014, and so I can speak from personal experience and say that people do actually work with betas sometimes. On this issue (defending ourselves from a CVE) my instinct is to be conservative. However, we should allow later patch releases of OpenSSL 1.0.0 to have this optimisation if they're safe. Therefore, I've uploaded a new patch that does allow for 1.0.0m and later to use this optimisation too. It makes the conditional a little more complex, but c'est la vie. |
On 20.11.2015 12:10, Cory Benfield wrote:
Ah, right. For new major release versions such as 1.0.1 or 1.0.2
LGTM Thanks,Marc-Andre Lemburg |
I assume this can be checked in, MAL? If you need someone to do it for you, feel free to assign it to me and I can do it when I have a chance. |
Thanks, Brett. I'm too busy with other things at the moment. |
New changeset b5b0394ed20b by Benjamin Peterson in branch 'default': |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: