* [rpms/openssl] rebase_40beta: Instrument with USDT probes related to SHA-1 deprecation
@ 2026-06-09 12:44 Alexander Sosedkin
From: Alexander Sosedkin @ 2026-06-09 12:44 UTC (permalink / raw)
  To: git-commits

A new commit has been pushed.

Repo   : rpms/openssl
Branch : rebase_40beta
Commit : 8f08128432446ac4c4df4f6f29de1bccb391d818
Author : Alexander Sosedkin <asosedkin@redhat.com>
Date   : 2022-04-26T19:08:09+02:00
Stats  : +246/-1 in 2 file(s)
URL    : https://src.fedoraproject.org/rpms/openssl/c/8f08128432446ac4c4df4f6f29de1bccb391d818?branch=rebase_40beta

Log:
Instrument with USDT probes related to SHA-1 deprecation

---
diff --git a/0053-Add-SHA1-probes.patch b/0053-Add-SHA1-probes.patch
new file mode 100644
index 0000000..b146d4a
--- /dev/null
+++ b/0053-Add-SHA1-probes.patch
@@ -0,0 +1,235 @@
+From a1905af412163cf971107f51a33dff8b416ab690 Mon Sep 17 00:00:00 2001
+From: Clemens Lang <cllang@redhat.com>
+Date: Mon, 25 Apr 2022 15:21:46 +0200
+Subject: [PATCH] Instrument SHA-1 signatures with USDT probes
+
+In order to discover remaining uses of SHA-1 in signatures without
+forcefully breaking the code paths, add USDT probes that can be queried
+with systemtap at runtime.
+
+This should allow identifying components that still use SHA-1 signatures
+in production so that they can be transitioned to more modern hash
+algorithms.
+---
+crypto/evp/m_sigver.c                    | 13 +++++++++----
+crypto/evp/pmeth_lib.c                   | 13 +++++++++----
+crypto/x509/x509_vfy.c                   |  6 +++++-
+providers/common/securitycheck.c         | 22 +++++++++++++++-------
+providers/common/securitycheck_default.c | 13 +++++++++++--
+ssl/t1_lib.c                             |  8 +++++++-
+6 files changed, 56 insertions(+), 19 deletions(-)
+
+diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
+index 8da2183ce0..c17cdfa5d5 100644
+--- a/crypto/evp/m_sigver.c
++++ b/crypto/evp/m_sigver.c
+@@ -16,6 +16,8 @@
+ #include "internal/numbers.h"   /* includes SIZE_MAX */
+ #include "evp_local.h"
+
++#include <sys/sdt.h>
++
+ typedef struct ossl_legacy_digest_signatures_st {
+     int allowed;
+ } OSSL_LEGACY_DIGEST_SIGNATURES;
+@@ -336,10 +338,13 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+             && !EVP_PKEY_is_a(locpctx->pkey, SN_tls1_prf)
+             && !EVP_PKEY_is_a(locpctx->pkey, SN_hkdf)) {
+         int mdnid = EVP_MD_nid(ctx->reqdigest);
+-        if (!ossl_ctx_legacy_digest_signatures_allowed(locpctx->libctx, 0)
+-                && (mdnid == NID_sha1 || mdnid == NID_md5_sha1)) {
+-            ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
+-            goto err;
++        if (mdnid == NID_sha1 || mdnid == NID_md5_sha1) {
++            if (!ossl_ctx_legacy_digest_signatures_allowed(locpctx->libctx, 0)) {
++                ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
++                goto err;
++            } else {
++                DTRACE_PROBE1(libcrypto, fedora_do_sigver_init_1, mdnid);
++            }
+         }
+     }
+
+diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
+index 3c5a1e6f5d..589a352974 100644
+--- a/crypto/evp/pmeth_lib.c
++++ b/crypto/evp/pmeth_lib.c
+@@ -36,6 +36,8 @@
+ #include "internal/sslconf.h"
+ #include "evp_local.h"
+
++#include <sys/sdt.h>
++
+ #ifndef FIPS_MODULE
+
+ static int evp_pkey_ctx_store_cached_data(EVP_PKEY_CTX *ctx,
+@@ -954,10 +956,13 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
+             && !EVP_PKEY_is_a(ctx->pkey, SN_tls1_prf)
+             && !EVP_PKEY_is_a(ctx->pkey, SN_hkdf)) {
+         int mdnid = EVP_MD_nid(md);
+-        if ((mdnid == NID_sha1 || mdnid == NID_md5_sha1)
+-                && !ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0)) {
+-            ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
+-            return -1;
++        if (mdnid == NID_sha1 || mdnid == NID_md5_sha1) {
++            if (!ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0)) {
++                ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
++                return -1;
++            } else {
++                DTRACE_PROBE1(libcrypto, fedora_evp_pkey_ctx_set_md_1, mdnid);
++            }
+         }
+     }
+
+diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
+index 60aa26f552..d054acd5a7 100644
+--- a/crypto/x509/x509_vfy.c
++++ b/crypto/x509/x509_vfy.c
+@@ -29,6 +29,8 @@
+ #include "crypto/x509.h"
+ #include "x509_local.h"
+
++#include <sys/sdt.h>
++
+ /* CRL score values */
+
+ #define CRL_SCORE_NOCRITICAL    0x100 /* No unhandled critical extensions */
+@@ -3462,10 +3464,12 @@ static int check_sig_level(X509_STORE_CTX *ctx, X509 *cert)
+
+     if (nid == NID_sha1
+             && ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)
+-            && ctx->param->auth_level < 2)
++            && ctx->param->auth_level < 2) {
++        DTRACE_PROBE1(libcrypto, fedora_check_sig_level_1, nid);
+         /* When rh-allow-sha1-signatures = yes and security level <= 1,
+          * explicitly allow SHA1 for backwards compatibility. */
+         return 1;
++    }
+
+     return secbits >= minbits_table[level - 1];
+ }
+diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c
+index e534ad0a5f..bf496450cf 100644
+--- a/providers/common/securitycheck.c
++++ b/providers/common/securitycheck.c
+@@ -21,6 +21,8 @@
+ #include "prov/securitycheck.h"
+ #include "internal/sslconf.h"
+
++#include <sys/sdt.h>
++
+ /*
+  * FIPS requires a minimum security strength of 112 bits (for encryption or
+  * signing), and for legacy purposes 80 bits (for decryption or verifying).
+@@ -238,11 +240,14 @@ int ossl_digest_get_approved_nid_with_sha1(OSSL_LIB_CTX *ctx, const EVP_MD *md,
+ # endif /* OPENSSL_NO_FIPS_SECURITYCHECKS */
+
+ #ifndef FIPS_MODULE
+-    if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
+-        /* SHA1 is globally disabled, check whether we want to locally allow
+-         * it. */
+-        if (mdnid == NID_sha1 && !sha1_allowed)
++    if (mdnid == NID_sha1 && !sha1_allowed) {
++        if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
++            /* SHA1 is globally disabled, check whether we want to locally allow
++             * it. */
+             mdnid = -1;
++        else
++            DTRACE_PROBE1(libcrypto, fedora_ossl_digest_get_approved_nid_with_sha1_1, mdnid);
++    }
+ #endif
+
+     return mdnid;
+@@ -258,9 +263,12 @@ int ossl_digest_is_allowed(OSSL_LIB_CTX *ctx, const EVP_MD *md)
+ #ifndef FIPS_MODULE
+     {
+         int mdnid = EVP_MD_nid(md);
+-        if ((mdnid == NID_sha1 || mdnid == NID_md5_sha1)
+-                && !ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
+-            return 0;
++        if (mdnid == NID_sha1 || mdnid == NID_md5_sha1) {
++            if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
++                return 0;
++            else
++                DTRACE_PROBE1(libcrypto, fedora_ossl_digest_is_allowed_1, mdnid);
++        }
+     }
+ #endif
+
+diff --git a/providers/common/securitycheck_default.c b/providers/common/securitycheck_default.c
+index ce54a94fbc..ecb3a9d4b6 100644
+--- a/providers/common/securitycheck_default.c
++++ b/providers/common/securitycheck_default.c
+@@ -17,6 +17,8 @@
+ #include "internal/nelem.h"
+ #include "internal/sslconf.h"
+
++#include <sys/sdt.h>
++
+ /* Disable the security checks in the default provider */
+ int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)
+ {
+@@ -40,9 +42,16 @@ int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX *ctx, const EVP_MD *md,
+
+     ldsigs_allowed = ossl_ctx_legacy_digest_signatures_allowed(ctx, 0);
+     mdnid = ossl_digest_get_approved_nid_with_sha1(ctx, md, sha1_allowed || ldsigs_allowed);
++    if (mdnid == NID_sha1)
++        /* This will only happen if SHA1 is allowed, otherwise mdnid is -1. */
++        DTRACE_PROBE1(libcrypto, fedora_ossl_digest_rsa_sign_get_md_nid_1, mdnid);
+     if (mdnid == NID_undef)
+         mdnid = ossl_digest_md_to_nid(md, name_to_nid, OSSL_NELEM(name_to_nid));
+-    if (mdnid == NID_md5_sha1 && !ldsigs_allowed)
+-        mdnid = -1;
++    if (mdnid == NID_md5_sha1) {
++        if (ldsigs_allowed)
++            DTRACE_PROBE1(libcrypto, fedora_ossl_digest_rsa_sign_get_md_nid_2, mdnid);
++        else
++            mdnid = -1;
++    }
+     return mdnid;
+ }
+diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
+index e47ddf56f1..a4b9ff749e 100644
+--- a/ssl/t1_lib.c
++++ b/ssl/t1_lib.c
+@@ -28,6 +28,8 @@
+ #include "ssl_local.h"
+ #include <openssl/ct.h>
+
++#include <sys/sdt.h>
++
+ static const SIGALG_LOOKUP *find_sig_alg(SSL *s, X509 *x, EVP_PKEY *pkey);
+ static int tls12_sigalg_allowed(const SSL *s, int op, const SIGALG_LOOKUP *lu);
+
+@@ -1568,6 +1570,7 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
+             && SSL_get_security_level(s) < 2) {
+         /* when rh-allow-sha1-signatures = yes and security level <= 1,
+          * explicitly allow SHA1 for backwards compatibility */
++        DTRACE_PROBE1(libssl, fedora_tls12_check_peer_sigalg_1, lu->hash);
+     } else {
+         /*
+          * Make sure security callback allows algorithm. For historical
+@@ -2120,6 +2123,7 @@ static int tls12_sigalg_allowed(const SSL *s, int op, const SIGALG_LOOKUP *lu)
+             && SSL_get_security_level(s) < 2) {
+         /* when rh-allow-sha1-signatures = yes and security level <= 1,
+          * explicitly allow SHA1 for backwards compatibility */
++        DTRACE_PROBE1(libssl, fedora_tls12_sigalg_allowed_1, lu->hash);
+         return 1;
+     }
+
+@@ -3018,10 +3022,12 @@ static int ssl_security_cert_sig(SSL *s, SSL_CTX *ctx, X509 *x, int op)
+             && ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)
+             && ((s != NULL && SSL_get_security_level(s) < 2)
+                 || (ctx != NULL && SSL_CTX_get_security_level(ctx) < 2)
+-            ))
++            )) {
+         /* When rh-allow-sha1-signatures = yes and security level <= 1,
+          * explicitly allow SHA1 for backwards compatibility. */
++        DTRACE_PROBE1(libssl, fedora_ssl_security_cert_sig_1, nid);
+         return 1;
++    }
+
+     if (s)
+         return ssl_security(s, op, secbits, nid, x);
+--
+2.35.1
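Review bot: In the providers/common/securitycheck.c hunk, the probe `fedora_ossl_digest_get_approved_nid_with_sha1_1` sits under `if (mdnid == NID_sha1 && !sha1_allowed)`, so a caller that passes `sha1_allowed = 1` gets NID_sha1 back without any probe firing. `ossl_digest_rsa_sign_get_md_nid` covers its own path with a separate probe, but any other caller (none are visible in this patch) would go unobserved, which undercuts the stated goal of finding remaining SHA-1 signature users. Consider also firing when `mdnid == NID_sha1` is returned with `sha1_allowed` set, or document that those paths are deliberately excluded. The retained comment now describes the wrong branch, because the local check has already happened in the outer condition; it would read better as `/* Not locally allowed: reject SHA1 when it is also globally disabled. */`. The same code appears in the 0120 patch in the second message of this thread.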

diff --git a/openssl.spec b/openssl.spec
index af8a1f2..289670a 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -15,7 +15,7 @@
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 3.0.2
-Release: 3%{?dist}
+Release: 4%{?dist}
 Epoch: 1
 # We have to remove certain patented algorithms from the openssl source
 # tarball with the hobble-openssl script which is included below.
@@ -73,6 +73,12 @@ Patch52: 0052-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch
 # Support SHA1 in TLS in LEGACY crypto-policy (which is SECLEVEL=1)
 Patch52: 0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch
 %endif
+%if 0%{?rhel}
+# no USDT probe instrumentation required
+%else
+# Instrument with USDT probes related to SHA-1 deprecation
+Patch53: 0053-Add-SHA1-probes.patch
+%endif
 
 License: ASL 2.0
 URL: http://www.openssl.org/
@@ -87,6 +93,7 @@ BuildRequires: perl(Module::Load::Conditional), perl(File::Temp)
 BuildRequires: perl(Time::HiRes), perl(IPC::Cmd), perl(Pod::Html), perl(Digest::SHA)
 BuildRequires: perl(FindBin), perl(lib), perl(File::Compare), perl(File::Copy), perl(bigint)
 BuildRequires: git-core
+BuildRequires: systemtap-sdt-devel
 Requires: coreutils
 Requires: %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release}
 
@@ -403,6 +410,9 @@ install -m644 %{SOURCE9} \
 %ldconfig_scriptlets libs
 
 %changelog
+* Tue Apr 26 2022 Alexander Sosedkin <asosedkin@redhat.com> - 1:3.0.2-4
+- Instrument with USDT probes related to SHA-1 deprecation
+
 * Wed Apr 20 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.2-3
 - Disable SHA-1 by default in ELN using the patches from CentOS
 - Fix a FIXME in the openssl.cnf(5) manpage

* [rpms/openssl] rebase_40beta: Instrument with USDT probes related to SHA-1 deprecation
@ 2026-06-09 12:45 Alexander Sosedkin
From: Alexander Sosedkin @ 2026-06-09 12:45 UTC (permalink / raw)
  To: git-commits

            A new commit has been pushed.

            Repo   : rpms/openssl
            Branch : rebase_40beta
            Commit : 52331659e91ec7a474c4b616fa0b4b7b2fa624aa
            Author : Alexander Sosedkin <asosedkin@redhat.com>
            Date   : 2024-05-28T09:33:50+02:00
            Stats  : +250/-1 in 2 file(s)
            URL    : https://src.fedoraproject.org/rpms/openssl/c/52331659e91ec7a474c4b616fa0b4b7b2fa624aa?branch=rebase_40beta

            Log:
            Instrument with USDT probes related to SHA-1 deprecation

The current attempt is for
https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer

---
diff --git a/0120-Allow-disabling-of-SHA1-signatures.patch b/0120-Allow-disabling-of-SHA1-signatures.patch
new file mode 100644
index 0000000..01ad338
--- /dev/null
+++ b/0120-Allow-disabling-of-SHA1-signatures.patch
@@ -0,0 +1,244 @@
+From e30ce86ca436f042559c2228724b40cf43985314 Mon Sep 17 00:00:00 2001
+From: Clemens Lang <cllang@redhat.com>
+Date: Thu, 21 Mar 2024 19:10:57 +0100
+Subject: [PATCH] Instrument with USDT probes related to SHA-1 deprecation
+
+In order to discover remaining uses of SHA-1 in signatures without
+forcefully breaking the code paths, add USDT probes that can be queried
+with systemtap at runtime.
+
+This should allow identifying components that still use SHA-1 signatures
+in production so that they can be transitioned to more modern hash
+algorithms.
+
+Patch-name: 0120-Allow-disabling-of-SHA1-signatures.patch
+Patch-id: 120
+Patch-status: |
+    # https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer
+Submitted-by: Alexander Sosedkin <asosedkin@redhat.com>
+---
+ crypto/evp/m_sigver.c                    | 13 +++++++++----
+ crypto/evp/pmeth_lib.c                   | 13 +++++++++----
+ crypto/x509/x509_vfy.c                   |  6 +++++-
+ providers/common/securitycheck.c         | 22 +++++++++++++++-------
+ providers/common/securitycheck_default.c | 13 +++++++++++--
+ ssl/t1_lib.c                             |  8 +++++++-
+ 7 files changed, 60 insertions(+), 20 deletions(-)
+
+diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
+index 3e9f33c26c..bebea9c5f6 100644
+--- a/crypto/evp/m_sigver.c
++++ b/crypto/evp/m_sigver.c
+@@ -17,6 +17,8 @@
+ #include "evp_local.h"
+ #include "crypto/context.h"
+ 
++#include <sys/sdt.h>
++
+ typedef struct ossl_legacy_digest_signatures_st {
+     int allowed;
+ } OSSL_LEGACY_DIGEST_SIGNATURES;
+@@ -335,10 +337,13 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+             && !EVP_PKEY_is_a(locpctx->pkey, SN_tls1_prf)
+             && !EVP_PKEY_is_a(locpctx->pkey, SN_hkdf)) {
+         int mdnid = EVP_MD_nid(ctx->reqdigest);
+-        if (!ossl_ctx_legacy_digest_signatures_allowed(locpctx->libctx, 0)
+-                && (mdnid == NID_sha1 || mdnid == NID_md5_sha1)) {
+-            ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
+-            goto err;
++        if (mdnid == NID_sha1 || mdnid == NID_md5_sha1) {
++            if (!ossl_ctx_legacy_digest_signatures_allowed(locpctx->libctx, 0)) {
++                ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
++                goto err;
++            } else {
++                DTRACE_PROBE1(libcrypto, fedora_do_sigver_init_1, mdnid);
++            }
+         }
+     }
+ #endif /* !defined(FIPS_MODULE) */
+diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
+index 248f655d0f..92f98c4c21 100644
+--- a/crypto/evp/pmeth_lib.c
++++ b/crypto/evp/pmeth_lib.c
+@@ -36,6 +36,8 @@
+ #include "internal/sslconf.h"
+ #include "evp_local.h"
+ 
++#include <sys/sdt.h>
++
+ #ifndef FIPS_MODULE
+ 
+ static int evp_pkey_ctx_store_cached_data(EVP_PKEY_CTX *ctx,
+@@ -959,10 +961,13 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
+             && !EVP_PKEY_is_a(ctx->pkey, SN_tls1_prf)
+             && !EVP_PKEY_is_a(ctx->pkey, SN_hkdf)) {
+         int mdnid = EVP_MD_nid(md);
+-        if ((mdnid == NID_sha1 || mdnid == NID_md5_sha1)
+-                && !ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0)) {
+-            ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
+-            return -1;
++        if (mdnid == NID_sha1 || mdnid == NID_md5_sha1) {
++            if (!ossl_ctx_legacy_digest_signatures_allowed(ctx->libctx, 0)) {
++                ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_DIGEST);
++                return -1;
++            } else {
++                DTRACE_PROBE1(libcrypto, fedora_evp_pkey_ctx_set_md_1, mdnid);
++            }
+         }
+     }
+ 
+diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
+index 1dfbe58a4a..6ef83792f8 100644
+--- a/crypto/x509/x509_vfy.c
++++ b/crypto/x509/x509_vfy.c
+@@ -29,6 +29,8 @@
+ #include "crypto/x509.h"
+ #include "x509_local.h"
+ 
++#include <sys/sdt.h>
++
+ /* CRL score values */
+ 
+ #define CRL_SCORE_NOCRITICAL    0x100 /* No unhandled critical extensions */
+@@ -3689,11 +3691,13 @@ static int check_sig_level(X509_STORE_CTX *ctx, X509 *cert)
+ 
+     if ((nid == NID_sha1 || nid == NID_md5_sha1)
+             && ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)
+-            && ctx->param->auth_level < 2)
++            && ctx->param->auth_level < 2) {
++        DTRACE_PROBE1(libcrypto, fedora_check_sig_level_1, nid);
+         /* When rh-allow-sha1-signatures = yes and security level <= 1,
+          * explicitly allow SHA1 for backwards compatibility. Also allow
+          * MD5-SHA1 because TLS 1.0 is still supported, which uses it. */
+         return 1;
++    }
+ 
+     return secbits >= minbits_table[level - 1];
+ }
+diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c
+index f635b5aec8..b061125291 100644
+--- a/providers/common/securitycheck.c
++++ b/providers/common/securitycheck.c
+@@ -21,6 +21,8 @@
+ #include "prov/securitycheck.h"
+ #include "internal/sslconf.h"
+ 
++#include <sys/sdt.h>
++
+ /*
+  * FIPS requires a minimum security strength of 112 bits (for encryption or
+  * signing), and for legacy purposes 80 bits (for decryption or verifying).
+@@ -247,11 +249,14 @@ int ossl_digest_get_approved_nid_with_sha1(OSSL_LIB_CTX *ctx, const EVP_MD *md,
+ # endif /* OPENSSL_NO_FIPS_SECURITYCHECKS */
+ 
+ #ifndef FIPS_MODULE
+-    if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
+-        /* SHA1 is globally disabled, check whether we want to locally allow
+-         * it. */
+-        if (mdnid == NID_sha1 && !sha1_allowed)
++    if (mdnid == NID_sha1 && !sha1_allowed) {
++        if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
++            /* SHA1 is globally disabled, check whether we want to locally allow
++             * it. */
+             mdnid = -1;
++        else
++            DTRACE_PROBE1(libcrypto, fedora_ossl_digest_get_approved_nid_with_sha1_1, mdnid);
++    }
+ #endif
+ 
+     return mdnid;
+@@ -267,9 +272,12 @@ int ossl_digest_is_allowed(OSSL_LIB_CTX *ctx, const EVP_MD *md)
+ #ifndef FIPS_MODULE
+     {
+         int mdnid = EVP_MD_nid(md);
+-        if ((mdnid == NID_sha1 || mdnid == NID_md5_sha1)
+-                && !ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
+-            return 0;
++        if (mdnid == NID_sha1 || mdnid == NID_md5_sha1) {
++            if (!ossl_ctx_legacy_digest_signatures_allowed(ctx, 0))
++                return 0;
++            else
++                DTRACE_PROBE1(libcrypto, fedora_ossl_digest_is_allowed_1, mdnid);
++        }
+     }
+ #endif
+ 
+diff --git a/providers/common/securitycheck_default.c b/providers/common/securitycheck_default.c
+index 2ca7a59f39..13993b5eb1 100644
+--- a/providers/common/securitycheck_default.c
++++ b/providers/common/securitycheck_default.c
+@@ -17,6 +17,8 @@
+ #include "internal/nelem.h"
+ #include "internal/sslconf.h"
+ 
++#include <sys/sdt.h>
++
+ /* Disable the security checks in the default provider */
+ int ossl_securitycheck_enabled(OSSL_LIB_CTX *libctx)
+ {
+@@ -46,9 +48,16 @@ int ossl_digest_rsa_sign_get_md_nid(OSSL_LIB_CTX *ctx, const EVP_MD *md,
+ 
+     ldsigs_allowed = ossl_ctx_legacy_digest_signatures_allowed(ctx, 0);
+     mdnid = ossl_digest_get_approved_nid_with_sha1(ctx, md, sha1_allowed || ldsigs_allowed);
++    if (mdnid == NID_sha1)
++        /* This will only happen if SHA1 is allowed, otherwise mdnid is -1. */
++        DTRACE_PROBE1(libcrypto, fedora_ossl_digest_rsa_sign_get_md_nid_1, mdnid);
+     if (mdnid == NID_undef)
+         mdnid = ossl_digest_md_to_nid(md, name_to_nid, OSSL_NELEM(name_to_nid));
+-    if (mdnid == NID_md5_sha1 && !ldsigs_allowed)
+-        mdnid = -1;
++    if (mdnid == NID_md5_sha1) {
++        if (ldsigs_allowed)
++            DTRACE_PROBE1(libcrypto, fedora_ossl_digest_rsa_sign_get_md_nid_2, mdnid);
++        else
++            mdnid = -1;
++    }
+     return mdnid;
+ }
+diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
+index 87f2ae7000..19ed7b6265 100644
+--- a/ssl/t1_lib.c
++++ b/ssl/t1_lib.c
+@@ -29,6 +29,8 @@
+ #include "quic/quic_local.h"
+ #include <openssl/ct.h>
+ 
++#include <sys/sdt.h>
++
+ static const SIGALG_LOOKUP *find_sig_alg(SSL_CONNECTION *s, X509 *x, EVP_PKEY *pkey);
+ static int tls12_sigalg_allowed(const SSL_CONNECTION *s, int op, const SIGALG_LOOKUP *lu);
+ 
+@@ -1998,6 +2000,7 @@ int tls12_check_peer_sigalg(SSL_CONNECTION *s, uint16_t sig, EVP_PKEY *pkey)
+         /* When rh-allow-sha1-signatures = yes and security level <= 1,
+          * explicitly allow SHA1 for backwards compatibility. Also allow
+          * MD5-SHA1 because TLS 1.0 is still supported, which uses it. */
++        DTRACE_PROBE1(libssl, fedora_tls12_check_peer_sigalg_1, lu->hash);
+     } else {
+         /*
+          * Make sure security callback allows algorithm. For historical
+@@ -2592,6 +2595,7 @@ static int tls12_sigalg_allowed(const SSL_CONNECTION *s, int op,
+         /* When rh-allow-sha1-signatures = yes and security level <= 1,
+          * explicitly allow SHA1 for backwards compatibility. Also allow
+          * MD5-SHA1 because TLS 1.0 is still supported, which uses it. */
++        DTRACE_PROBE1(libssl, fedora_tls12_sigalg_allowed_1, lu->hash);
+         return 1;
+     }
+ 
+@@ -3564,11 +3568,13 @@ static int ssl_security_cert_sig(SSL_CONNECTION *s, SSL_CTX *ctx, X509 *x,
+             && ossl_ctx_legacy_digest_signatures_allowed(libctx, 0)
+             && ((s != NULL && SSL_get_security_level(SSL_CONNECTION_GET_SSL(s)) < 2)
+                 || (ctx != NULL && SSL_CTX_get_security_level(ctx) < 2)
+-            ))
++            )) {
+         /* When rh-allow-sha1-signatures = yes and security level <= 1,
+          * explicitly allow SHA1 for backwards compatibility. Also allow
+          * MD5-SHA1 because TLS 1.0 is still supported, which uses it. */
++        DTRACE_PROBE1(libssl, fedora_ssl_security_cert_sig_1, nid);
+         return 1;
++    }
+ 
+     if (s != NULL)
+         return ssl_security(s, op, secbits, nid, x);
+-- 
+GitLab
+
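Review bot: The probe added in `tls12_sigalg_allowed` (ssl/t1_lib.c) appears to report policy evaluation rather than use. The function is a predicate over a candidate `lu`, and if it is called while signature-algorithm lists are assembled (the call sites are outside this patch), `fedora_tls12_sigalg_allowed_1` would fire for every SHA-1 entry that is merely configured, even when the handshake ends up signing with a stronger hash. If that is confirmed, a comment next to the probe such as `/* fires per candidate sigalg, not per signature */` would stop consumers of the systemtap output from counting these hits as real SHA-1 signatures; `fedora_tls12_check_peer_sigalg_1` and the libcrypto probes are the better signal. The 0053 patch in the first message carries the same probe. Separately, the `Patch-name:` trailer and the file name still say Allow-disabling-of-SHA1-signatures while the subject is about USDT probes, and the diffstat says 7 files where six are listed, so the header looks carried over from another patch.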

diff --git a/openssl.spec b/openssl.spec
index 913164b..b8f7ac7 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -29,7 +29,7 @@ print(string.sub(hash, 0, 16))
 Summary: Utilities from the general purpose cryptography library with TLS implementation
 Name: openssl
 Version: 3.2.1
-Release: 7%{?dist}
+Release: 8%{?dist}
 Epoch: 1
 Source: openssl-%{version}.tar.gz
 Source2: Makefile.certificate
@@ -147,6 +147,8 @@ Patch117: 0117-ignore-unknown-sigalgorithms-groups.patch
 Patch118: 0118-no-crl-memleak.patch
 # https://github.com/openssl/openssl/issues/22779
 Patch119: 0119-provider-sigalgs-in-signaturealgorithms-conf.patch
+# https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer
+Patch120: 0120-Allow-disabling-of-SHA1-signatures.patch
 # From CentOS 9
 Patch121: 0121-FIPS-cms-defaults.patch
 
@@ -487,6 +489,9 @@ install -m644 %{SOURCE9} \
 %ldconfig_scriptlets libs
 
 %changelog
+* Tue May 28 2024 Alexander Sosedkin <asosedkin@redhat.com> - 1:3.2.1-8
+- Instrument with USDT probes related to SHA-1 deprecation
+
 * Tue May 14 2024 David Abdurachmanov <davidlt@rivosinc.com> - 1:3.2.1-7
 - Add --libdir=%{_lib} for riscv64 (uses linux-generic64)
 
