I upgraded some machines to Ubuntu 22.04(.1) this weekend, and hit the
failure in this bug in boxbackup-client; specifically, bbackupd aborts
on startup because it uses Blowfish, which openssl 3.x has now relegated
to the "legacy" provider.
I made the attached patch, which causes the package to build and run on
both openssl 3.x and pre-3.x systems.
Note, however, that on openssl 3.x systems, a number of the tests run at
build time still fail with:
FAILED: Exception caught: TLSServerWeakCertificate: Failed to load certificates
from testfiles/clientCerts.pem: hash too weak for current security level
but that is for a different reason: the pre-built certificates bundled
with the source package for running the tests use the
now-deemed-insecure SHA1 hash.
Nonetheless, the package builds, and works fine at runtime, assuming
you've upgraded your certs to sha256 as recommended here:
https://github.com/boxbackup/boxbackup/wiki/WeakSSLCertificates#replacing-certificates
This patch is against the version in Ubuntu 22.04.1:
oxbackup_0.13~~git20200326.g8e8b63c-1ubuntu2.dsc
--
Ian Goldberg
Canada Research Chair in Privacy Enhancing Technologies
Professor, Cheriton School of Computer Science
University of Waterloo
index 78b99f7..812f5d1 100644
--- a/infrastructure/m4/ax_check_ssl.m4
+++ b/infrastructure/m4/ax_check_ssl.m4
@@ -32,6 +32,7 @@ AC_DEFUN([AX_CHECK_SSL], [
if test "x$ax_check_ssl_found" = "xyes"; then
AC_DEFINE([HAVE_SSL], 1, [Define to 1 if SSL is available])
+ AC_CHECK_HEADERS([openssl/provider.h],,)
m4_ifvaln([$1],[$1],[:])dnl
m4_ifvaln([$2],[else $2])dnl
fi
diff --git a/lib/server/SSLLib.cpp b/lib/server/SSLLib.cpp
index 1bcadb0..ac8847c 100644
--- a/lib/server/SSLLib.cpp
+++ b/lib/server/SSLLib.cpp
@@ -13,6 +13,9 @@
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
+#ifdef HAVE_OPENSSL_PROVIDER_H
+#include <openssl/provider.h>
+#endif
#ifdef WIN32
#include <wincrypt.h>
@@ -49,6 +52,20 @@ void SSLLib::Initialise()
// More helpful error messages
::SSL_load_error_strings();
+#ifdef HAVE_OPENSSL_PROVIDER_H
+ // We use Blowfish, so in OpenSSL 3.x we need to explicitly load
+ // the legacy provider. Then if you explicitly load any provider
+ // the default provider is no longer loaded implicitly, so load
+ // that as well.
+ OSSL_PROVIDER *legacy = OSSL_PROVIDER_load(NULL, "legacy");
+ OSSL_PROVIDER *deflt = OSSL_PROVIDER_load(NULL, "default");
+ if (legacy == NULL || deflt == NULL) {
+ THROW_EXCEPTION_MESSAGE(ServerException,
+ SSLLibraryInitialisationError,
+ CryptoUtils::LogError("loading OpenSSL providers"));
+ }
+#endif
+
// Extra seeding over and above what's already done by the library
#ifdef WIN32
HCRYPTPROV provider;
