Bug #1973760 “Crash when using DIGEST-MD5 with SSF>=128” : Bugs : cyrus-sasl2 package : Ubuntu

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2022-05-17:

#1

It's also crashing in debian: https://ci.debian.net/data/autopkgtest/unstable/amd64/p/python-bonsai/21842977/log.gz

summary:

- Crash when using DIGEST-MD5 with SSF>0
+ Crash when using DIGEST-MD5 with SSF>=128

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2022-05-17:

#2

Download full text (6.5 KiB)

Working theory at the moment is that cyrus-sasl2 is using RC4 from OpenSSL, and OpenSSL3 deprecated it:

On Kinetic:
$ openssl version
OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)

$ echo -ne test | openssl rc4 -k test
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
Error setting cipher RC4
4057FE8C0B7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:349:Global default library context, Algorithm (RC4 : 37), Properties ()
Salted__gG

On Impish:
$ openssl version
OpenSSL 1.1.1l 24 Aug 2021

$ echo -ne test | openssl rc4 -k test
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
Salted__~T�|=�ʇ��

Jammy:
$ openssl version
OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)
$ echo -ne "test" | openssl rc4 -k test
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
Error setting cipher RC4
40078BF4127F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:349:Global default library context, Algorithm (RC4 : 37), Properties ()
Salted__��N�x��

Both jammy and kinetic show "Error setting cipher RC4".

Oh, and the stack trace confirming it's inside openssl:
(gdb) bt
#0 0x00007ffff74085cb in EVP_EncryptUpdate (ctx=0x0, out=out@entry=0x5555555c7cf4 "0\036\002\001\004w\031\200\027\061.3.6.1.4.1.4203.1.11.3ST-MD5 client step 3",
    outl=outl@entry=0x7fffffffdbc4, in=0x5555555c8d50 "0\036\002\001\004w\031\200\027\061.3.6.1.4.1.4203.1.11.311.311.3", inl=32) at ../crypto/evp/evp_enc.c:614
#1 0x00007ffff70a07a9 in enc_rc4 (text=0x555555585e00, input=<optimized out>, inputlen=<optimized out>, digest=0x7fffffffdc20 "^\316@+\322}\a\334\006T\005\353:H}\036\260l\\UUU",
    output=0x5555555c7cf4 "0\036\002\001\004w\031\200\027\061.3.6.1.4.1.4203.1.11.3ST-MD5 client step 3", outputlen=0x7fffffffdda4) at ../../plugins/digestmd5.c:1201
#2 0x00007ffff70a1ddb in digestmd5_encode (context=0x555555585e00, invec=<optimized out>, numiov=<optimized out>, output=0x55555559e708, outputlen=0x7fffffffdda4)
    at ../../plugins/digestmd5.c:1552
#3 0x00007ffff7f33c3e in _sasl_encodev (conn=conn@entry=0x555555586cf0, invec=invec@entry=0x7fffffffdd70, numiov=numiov@entry=1, p_num_packets=p_num_packets@entry=0x7fffffffdd0c,
    output=output@entry=0x55555559e708, outputlen=outputlen@entry=0x7fffffffdda4) at ../../lib/common.c:359
#4 0x00007ffff7f360a1 in sasl_encodev (conn=conn@entry=0x555555586cf0, invec=invec@entry=0x7fffffffdd70, numiov=numiov@entry=1, output=output@entry=0x5...

Working theory at the moment is that cyrus-sasl2 is using RC4 from OpenSSL, and OpenSSL3 deprecated it:

On Kinetic:
$ openssl version
OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)

$ echo -ne test | openssl rc4 -k test 
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
Error setting cipher RC4
4057FE8C0B7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:349:Global default library context, Algorithm (RC4 : 37), Properties ()
Salted__gG

On Impish:
$ openssl version
OpenSSL 1.1.1l  24 Aug 2021

$ echo -ne test | openssl rc4 -k test
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
Salted__~T�|=�ʇ����

Jammy:
$ openssl version
OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)
$ echo -ne "test" | openssl rc4 -k test
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
Error setting cipher RC4
40078BF4127F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:349:Global default library context, Algorithm (RC4 : 37), Properties ()
Salted__��N�x���

Both jammy and kinetic show "Error setting cipher RC4".

Oh, and the stack trace confirming it's inside openssl:
(gdb) bt                                                                                                                                                                                       
#0  0x00007ffff74085cb in EVP_EncryptUpdate (ctx=0x0, out=out@entry=0x5555555c7cf4 "0\036\002\001\004w\031\200\027\061.3.6.1.4.1.4203.1.11.3ST-MD5 client step 3",                             
    outl=outl@entry=0x7fffffffdbc4, in=0x5555555c8d50 "0\036\002\001\004w\031\200\027\061.3.6.1.4.1.4203.1.11.311.311.3", inl=32) at ../crypto/evp/evp_enc.c:614                               
#1  0x00007ffff70a07a9 in enc_rc4 (text=0x555555585e00, input=<optimized out>, inputlen=<optimized out>, digest=0x7fffffffdc20 "^\316@+\322}\a\334\006T\005\353:H}\036\260l\\UUU",             
    output=0x5555555c7cf4 "0\036\002\001\004w\031\200\027\061.3.6.1.4.1.4203.1.11.3ST-MD5 client step 3", outputlen=0x7fffffffdda4) at ../../plugins/digestmd5.c:1201                          
#2  0x00007ffff70a1ddb in digestmd5_encode (context=0x555555585e00, invec=<optimized out>, numiov=<optimized out>, output=0x55555559e708, outputlen=0x7fffffffdda4)                            
    at ../../plugins/digestmd5.c:1552                                                                                                                                                          
#3  0x00007ffff7f33c3e in _sasl_encodev (conn=conn@entry=0x555555586cf0, invec=invec@entry=0x7fffffffdd70, numiov=numiov@entry=1, p_num_packets=p_num_packets@entry=0x7fffffffdd0c,            
    output=output@entry=0x55555559e708, outputlen=outputlen@entry=0x7fffffffdda4) at ../../lib/common.c:359                                                                                    
#4  0x00007ffff7f360a1 in sasl_encodev (conn=conn@entry=0x555555586cf0, invec=invec@entry=0x7fffffffdd70, numiov=numiov@entry=1, output=output@entry=0x55555559e708,                           
    outputlen=outputlen@entry=0x7fffffffdda4) at ../../lib/common.c:582                                                                                                                        
#5  0x00007ffff7f361d0 in sasl_encode (conn=0x555555586cf0, input=<optimized out>, inputlen=<optimized out>, output=output@entry=0x55555559e708, outputlen=outputlen@entry=0x7fffffffdda4)     
    at ../../lib/common.c:304                                                                                                                                                                  
#6  0x00007ffff7f665ba in sb_sasl_cyrus_encode (p=0x55555559e680, buf=<optimized out>, len=<optimized out>, dst=0x55555559e6f0) at ../../../../libraries/libldap/cyrus.c:134                   
#7  0x00007ffff7f66b90 in sb_sasl_generic_write (sbiod=0x555555585a30, buf=0x5555555c8d50, len=<optimized out>) at ../../../../libraries/libldap/sasl.c:783                                    
#8  0x00007ffff7f4ad3c in sb_debug_write (sbiod=0x555555586aa0, buf=0x5555555c8d50, len=32) at ../../../../libraries/liblber/sockbuf.c:854                                                     
#9  0x00007ffff7f50105 in ber_int_sb_write (sb=sb@entry=0x555555585900, buf=0x5555555c8d50, len=len@entry=32) at ../../../../libraries/liblber/sockbuf.c:445                                   
#10 0x00007ffff7f5027b in ber_flush2 (sb=0x555555585900, ber=0x5555555c7c90, freeit=freeit@entry=0) at ../../../../libraries/liblber/io.c:249                                                  
#11 0x00007ffff7f7e0a7 in ldap_int_flush_request (ld=ld@entry=0x5555555834e0, lr=lr@entry=0x5555555c6cb0) at ../../../../libraries/libldap/request.c:186                                       
#12 0x00007ffff7f8001f in ldap_send_server_request (ld=ld@entry=0x5555555834e0, ber=ber@entry=0x5555555c7c90, msgid=msgid@entry=4, parentreq=parentreq@entry=0x0, srvlist=srvlist@entry=0x0,   
    lc=<optimized out>, lc@entry=0x0, bind=0x0, m_noconn=0, m_res=0) at ../../../../libraries/libldap/request.c:412                                                                            
#13 0x00007ffff7f80415 in ldap_send_initial_request (ld=0x5555555834e0, msgtype=<optimized out>, dn=<optimized out>, ber=0x5555555c7c90, msgid=4)                                              
    at ../../../../libraries/libldap/request.c:169                                                                                                                                             
#14 0x00007ffff7f6fa25 in ldap_extended_operation (ld=ld@entry=0x5555555834e0, reqoid=reqoid@entry=0x7ffff7f9f9f0 "1.3.6.1.4.1.4203.1.11.3", reqdata=reqdata@entry=0x0,                        
    sctrls=sctrls@entry=0x0, cctrls=cctrls@entry=0x0, msgidp=msgidp@entry=0x7fffffffe168) at ../../../../libraries/libldap/extended.c:127                                                      
#15 0x00007ffff7f70267 in ldap_whoami (ld=ld@entry=0x5555555834e0, sctrls=sctrls@entry=0x0, cctrls=cctrls@entry=0x0, msgidp=msgidp@entry=0x7fffffffe168)                                       
    at ../../../../libraries/libldap/whoami.c:71                                                                                                                                               
#16 0x0000555555558c6e in main (argc=<optimized out>, argv=<optimized out>) at ../../../../clients/tools/ldapwhoami.c:142

Still gathering more details.

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2022-05-17:

#3

https://github.com/cyrusimap/cyrus-sasl/pull/668

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2022-05-17:

#4

https://github.com/cyrusimap/cyrus-sasl/pull/653

https://github.com/cyrusimap/cyrus-sasl/issues/665

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2022-05-18:

#5

Submitted python-bonsai DEP8 fixes to Debian via https://salsa.debian.org/python-team/packages/python-bonsai/-/merge_requests/1

Bug Watch Updater (bug-watch-updater) on 2022-05-18

Changed in cyrus-sasl2 (Debian):
status:	Unknown → New

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2022-05-19:

#6

Submitted the cyrus-sasl2 fix to Debian via https://salsa.debian.org/debian/cyrus-sasl2/-/merge_requests/11

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2022-05-19:

#7

Bileto is green: https://bileto.ubuntu.com/#/ticket/4852

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2022-05-20:

#8

A fixed cyrus-sasl2 is in kinetic-proposed.

Bug Watch Updater (bug-watch-updater) on 2022-05-22

Changed in cyrus-sasl2 (Debian):
status:	New → Fix Released

Revision history for this message

Andreas Hasenack (ahasenack) wrote on 2022-05-23:

#9

Fixed in https://launchpad.net/ubuntu/+source/cyrus-sasl2/2.1.28+dfsg-6

Changed in cyrus-sasl2 (Ubuntu):
status:	In Progress → Fix Released

Affects		Status	Importance	Assigned to	Milestone
	cyrus-sasl2 (Debian)	Fix Released	Unknown	debbugs #1011249
	cyrus-sasl2 (Ubuntu)	Fix Released	High	Andreas Hasenack

Ubuntu
cyrus-sasl2 package

Crash when using DIGEST-MD5 with SSF>=128

Bug Description

Other bug subscribers

Remote bug watches

Ubuntucyrus-sasl2 package

Crash when using DIGEST-MD5 with SSF>=128

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
cyrus-sasl2 package