From: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: git-packagers@googlegroups.com, git@vger.kernel.org,
"brian m . carlson" <sandals@crustytoothpaste.net>,
Carlo Arenas <carenas@gmail.com>, Mike Hommey <mh@glandium.org>,
Eric Sunshine <sunshine@sunshineco.com>,
git-packagers <git-packagers@googlegroups.com>,
Tim Harper <timcharper@gmail.com>, Jeff King <peff@peff.org>
Subject: Re: [PATCH 0/5] core: update our SHA-1 docs, use sha1collisiondetection on OSX too
Date: Thu, 26 May 2022 21:02:54 +0200
Message-ID: <220526.86ilps3yk4.gmgdl@evledraar.gmail.com>
In-Reply-To: <220519.86k0ah2ryh.gmgdl@evledraar.gmail.com>

On Thu, May 19 2022, Ævar Arnfjörð Bjarmason wrote:

> On Fri, Apr 22 2022, Junio C Hamano wrote:
>
>> Ævar Arnfjörð Bjarmason <avarab@gmail.com> writes:
>>
>>> I wasn't able to find any on-list references to it being intentional,
>>> but it appears that while we made the sha1collisiondetection variant
>>> of SHA-1 the default in early 2017 we've never updated the OSX builds
>>> to do likewise.
>>>
>>> I don't know what various git packages for OSX do, but our vanilla OSX
>>> distribution definitely uses Apple Common Crypto, and won't detect the
>>> https://shattered.io attack.
>>>
>>> This series changes that, and while doing so in 2/5 updates our
>>> documentation and Makefile interface for the SHA-1 selection. Our
>>> INSTALL file was still claiming we used OpenSSL's SHA-1 by default.
>>>
>>> Then since we'd made sha1collisiondetection the default we hadn't
>>> changed the code's default fallback to be that, it was still
>>> block-sha1. Now our fallback behavior is "error" instead, which makes
>>> it less likely that we'll get some foot-gun like the "OSX not using
>>> sha1collisiondetection" again.
>>>
>>> The 4/5 and 5/5 then remove the PPC_SHA1 implementation. I submitted
>>> this before as [1], and the range-diff is to that submission (it
>>> wasn't picked up). I think it makes sense as part of this general
>>> SHA-1 cleanup.
>>
>> Thanks for this effort.
>>
>> I'd like to see somebody with "building Git for distributing to
>> macOS" background to comment (I am assuming that the mailing list
>> git-packagers@googlegroups.com is the way to reach them).
>
> *Bump* in case anyone there would like to chime in on this bit of OSX
> portability.
>
> I also sent an off-list E-Mail to Tim Harper today, and addresses which
> I gather (from some old git-security@ traffic) are involved in packaging
> the Apple Git shipped with OSX itself.
>
> In the meantime do you mind if this topic were queued up? If there are
> any lingering portability concerns getting it into CI and exposed to
> anyone else building on OSX would be a good thing.
>
> I don't see any reason for why we'd decide that OSX out of all our
> supported platforms should be the only one where we're not mitigating
> the SHAttered attack (and similar future attacks) by default.
>
> So aside from any finer details of OSX portability the direction here of
> building with sha1collisiondetection by default on OSX seems
> like a safe bet, just as we do on the rest of our (checks out
> config.mak.uname) 20+ supported platforms (per `uname -s`).

Update: I didn't get a reply from Tim or the people I E-Mailed
@apple.com a week ago.

Junio: I still think it makes sense to just queue this anyway & finally
get the OSX build to use the SHAttered mitigation sha1collisiondetection
gives us by default.