Infinite Loop in OpenSSL s_server
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
openssl (Ubuntu) | Fix Released | Medium | Unassigned |
Focal | Fix Released | Medium | Unassigned |
Impish | Fix Released | Medium | Unassigned |
Jammy | Fix Released | Medium | Unassigned |
Bug Description
[Impact]
The TLS test server `openssl s_server` can very easily be led into an
infinite loop if configured with incompatible settings and used via
DTLS. This makes it harder to test one's TLS configuration.
[Test plan]
In one session:
$ openssl s_server -nocert -psk 01020304 -dtls1
In parallel:
$ openssl s_client -dtls1 -psk 01020304
The server session will enter an infinite loop:
Using default temp DH parameters
ACCEPT
ERROR
140247926990208
ERROR
140247926990208
ERROR
... etc...
[Where problems could occur]
The patch is fairly self-contained, so regressions should only occur in
the `openssl s_server` application, and not in the libssl or libcrypto
libraries.
However, the patch could break said server, which might be used in e.g.
autopkgtests.
[Original report]
Launching openssl s_server as follows:
$ openssl s_server -nocert -psk 01020304 -dtls1
And using openssl s_client to connect to it like this:
$ openssl s_client -dtls1 -psk 01020304
Results in s_server entering an infinite loop:
Using default temp DH parameters
ACCEPT
ERROR
140247926990208
ERROR
140247926990208
ERROR
...and so on...
I have confirmed that upstream OpenSSL does not have this issue in a default build of 1.1.1j or 1.1.1k. Upstream 1.1.1l has a different bug with these commands (https:/
$ lsb_release -rd
Description: Ubuntu 21.04
Release: 21.04
$ apt-cache policy openssl
openssl:
Installed: 1.1.1j-1ubuntu3.5
Candidate: 1.1.1j-1ubuntu3.5
Version table:
*** 1.1.1j-1ubuntu3.5 500
500 http://
500 http://
100 /var/lib/
1.
500 http://
$ openssl version -a
OpenSSL 1.1.1j 16 Feb 2021
built on: Mon Aug 23 17:02:39 2021 UTC
platform: debian-amd64
options: bn(64,64) rc4(16x,int) des(int) blowfish(ptr)
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -ffile-
OPENSSLDIR: "/usr/lib/ssl"
ENGINESDIR: "/usr/lib/
Seeding source: os-specific
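The test plan above, automated as a regression check. This is an added example, not part of the original report or the Ubuntu patch; the function names and the 20-line ERROR threshold are illustrative, and it assumes coreutils `timeout` and the default s_server port on localhost.

```shell
#!/bin/sh
# Added example: regression check for the s_server DTLS/PSK loop described above.
# Function names and the threshold are illustrative, not from the Ubuntu patch.

# count_errors LOG: number of ERROR lines in captured s_server output.
count_errors() {
    grep -c '^ERROR' "$1" || true    # grep -c exits 1 on zero matches
}

# is_looping LOG [THRESHOLD]: succeeds when the capture shows the reported
# signature, i.e. ERROR repeated THRESHOLD or more times (default 20).
is_looping() {
    [ "$(count_errors "$1")" -ge "${2:-20}" ]
}

# check_s_server [SECS]: run the page's two commands and classify the result.
# Assumes coreutils `timeout` and the default s_server port on localhost.
check_s_server() {
    secs=${1:-5}
    log=$(mktemp)
    # head caps the capture at 200 lines so a looping server cannot fill
    # the disk; timeout ends the server either way.
    timeout "$secs" openssl s_server -nocert -psk 01020304 -dtls1 2>&1 |
        head -n 200 >"$log" &
    sleep 1
    timeout 2 openssl s_client -dtls1 -psk 01020304 </dev/null >/dev/null 2>&1 || true
    wait
    if is_looping "$log"; then
        echo "FAIL: s_server looped ($(count_errors "$log") ERROR lines)"
        rc=1
    else
        echo "PASS: s_server did not loop"
        rc=0
    fi
    rm -f "$log"
    return "$rc"
}

# Live run only on request, so sourcing this file has no side effects.
if [ "${1:-}" = "--live" ]; then
    check_s_server 5
fi
```

Invoked with `--live`, the script exits non-zero when the capture matches the loop signature, which makes it usable as an autopkgtest-style check.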
Related branches
- Canonical Server: Pending requested
- git-ubuntu import: Pending requested
- Diff: 5913 lines (+5452/-13), 49 files modified
debian/README.debian (+0/-8)
debian/changelog (+524/-0)
debian/control (+4/-1)
debian/libssl3.postinst (+226/-0)
debian/libssl3.templates (+42/-0)
debian/patches/Drop-the-last-ossl_init_casecmp-call.patch (+36/-0)
debian/patches/Set-systemwide-default-settings-for-libssl-users.patch (+2/-3)
debian/patches/lp1947588.patch (+97/-0)
debian/patches/series (+11/-0)
debian/patches/skip_tls1.1_seclevel3_tests.patch (+51/-0)
debian/patches/strcasecmp-implement-strcasecmp-and-strncasecmp.patch (+215/-0)
debian/patches/tests-use-seclevel-1.patch (+235/-0)
debian/patches/tls1.2-min-seclevel2.patch (+63/-0)
debian/patches/tolower-refine-the-tolower-code-to-avoid-a-memory-ac.patch (+139/-0)
debian/po/ar.po (+108/-0)
debian/po/ca.po (+117/-0)
debian/po/cs.po (+119/-0)
debian/po/da.po (+119/-0)
debian/po/de.po (+119/-0)
debian/po/el.po (+115/-0)
debian/po/es.po (+153/-0)
debian/po/eu.po (+114/-0)
debian/po/fi.po (+121/-0)
debian/po/fr.po (+128/-0)
debian/po/gl.po (+108/-0)
debian/po/hu.po (+101/-0)
debian/po/it.po (+117/-0)
debian/po/ja.po (+109/-0)
debian/po/ko.po (+104/-0)
debian/po/lt.po (+124/-0)
debian/po/ml.po (+106/-0)
debian/po/nb.po (+117/-0)
debian/po/nl.po (+130/-0)
debian/po/pl.po (+120/-0)
debian/po/pt.po (+115/-0)
debian/po/pt_BR.po (+131/-0)
debian/po/ro.po (+115/-0)
debian/po/ru.po (+119/-0)
debian/po/sk.po (+113/-0)
debian/po/sv.po (+126/-0)
debian/po/ta.po (+95/-0)
debian/po/templates.pot (+95/-0)
debian/po/tr.po (+118/-0)
debian/po/uk.po (+105/-0)
debian/po/vi.po (+107/-0)
debian/po/zh_CN.po (+106/-0)
debian/po/zh_TW.po (+98/-0)
debian/rules (+14/-0)
debian/tests/control (+1/-1)
tags: removed: rls-ff-incoming
Changed in openssl (Ubuntu Jammy):
importance: Undecided → Medium
Changed in openssl (Ubuntu Impish):
importance: Undecided → Medium
Changed in openssl (Ubuntu Focal):
importance: Undecided → Medium
tags: added: fr-2135
tags: removed: rls-jj-incoming
description: updated
Hi Matt, thanks for taking the time to report this, as well as investigating the different versions that might be affected.
I just checked, and both Impish and Jammy are affected as well (the latter using OpenSSL 3.0).