Binary compatibility between 0.9.7g and 0.9.7h?

Binary compatibility between 0.9.7g and 0.9.7h?

Andreas Haumer

Hi!

I just tried to upgrade from openssl-0.9.7g to 0.9.7h
and noticed that my openssh-4.2p1 server and clients now
crash with segfault with the new openssl shared library!
I tested this on two installations and both had this problem.

Re-compiling the openssh sources against the new openssl
library headers seems to cure the problem, but still this
is an unfortunate situation as a lot of other packages
depend on the openssl libraries. I don't want to risk
system stability by installing security updates... ;-)

I did a quick test with some other major packages (squid,
sendmail, bind, apache, cyrus-imapd), but only openssh
seems to be affected so far.

This is under linux with glibc-2.3.5

Is this expected behaviour?
I haven't found any obvious hint in the README or CHANGES
files...

- andreas

--
Andreas Haumer                     | mailto:[hidden email]
*x Software + Systeme              | http://www.xss.co.at/
Karmarschgasse 51/2/20             | Tel: +43-1-6060114-0
A-1100 Vienna, Austria             | Fax: +43-1-6060114-71
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

Re: Binary compatibility between 0.9.7g and 0.9.7h?

Jorey Bump
Andreas Haumer wrote:

> I just tried to upgrade from openssl-0.9.7g to 0.9.7h
> and noticed that my openssh-4.2p1 server and clients now
> crash with segfault with the new openssl shared library!
> I tested this on two installations and both had this problem.
>
> Re-compiling the openssh sources against the new openssl
> library headers seems to cure the problem, but still this
> is an unfortunate situation as a lot of other packages
> depend on the openssl libraries. I don't want to risk
> system stability by installing security updates... ;-)
>
> I did a quick test with some other major packages (squid,
> sendmail, bind, apache, cyrus-imapd), but only openssh
> seems to be affected so far.
>
> This is under linux with glibc-2.3.5

What distribution of Linux are you using? openssl is one of those
packages you might not want to replace if you want to stay in sync with
your distribution's security/bugfix updates. In many cases, you should
ignore the version of a package because the maintainers will backport
security fixes without updating the version string. This is very common
with openssl.

Re: Binary compatibility between 0.9.7g and 0.9.7h?

Andreas Haumer

Hi!

Jorey Bump schrieb:
[...]
>
> What distribution of Linux are you using? openssl is one of those
> packages you might not want to replace if you want to stay in sync with
> your distribution's security/bugfix updates. In many cases, you should
> ignore the version of a package because the maintainers will backport
> security fixes without updating the version string. This is very common
> with openssl.

This is our own Linux distribution and _I_ am the maintainer
of it, so _I_ have to check for security fixes and updates!
I have been doing this for about ten years now, so I'm quite used to the
procedure... ;-)

This is the first time I saw a binary incompatibility
problem between minor updates with the openssl libraries,
so I figured I'd rather report it...

- andreas

--
Andreas Haumer                     | mailto:[hidden email]
*x Software + Systeme              | http://www.xss.co.at/
Karmarschgasse 51/2/20             | Tel: +43-1-6060114-0
A-1100 Vienna, Austria             | Fax: +43-1-6060114-71

Re: Binary compatibility between 0.9.7g and 0.9.7h?

Dawn Keenan
In reply to this post by Andreas Haumer
> I just tried to upgrade from openssl-0.9.7g to 0.9.7h
> and noticed that my openssh-4.2p1 server and clients now
> crash with segfault with the new openssl shared library!
> I tested this on two installations and both had this problem.

We are experiencing the same problem with the 0.9.7g to 0.9.7h
upgrade on a Solaris 8 system, using OpenSSH 4.0p1 with shared
libraries.  An OpenSSH rebuild to fix the problem is in progress.

--
Dawn Keenan
Information Systems and Technology, University of Waterloo

Re: Binary compatibility between 0.9.7g and 0.9.7h?

Thomas J. Hruska
Dawn Keenan wrote:

>>I just tried to upgrade from openssl-0.9.7g to 0.9.7h
>>and noticed that my openssh-4.2p1 server and clients now
>>crash with segfault with the new openssl shared library!
>>I tested this on two installations and both had this problem.
>
>
> We are experiencing the same problem with the 0.9.7g to 0.9.7h
> upgrade on a Solaris 8 system, using OpenSSH 4.0p1 with shared
> libraries.  An OpenSSH rebuild to fix the problem is in progress.
>
> --
> Dawn Keenan
> Information Systems and Technology, University of Waterloo

I was going to build Win32 OpenSSL 0.9.7h (Installation Project) and
release it later today, but since people are experiencing binary
compatibility issues, I'll hold off until Richard or someone can verify
that I'm not going to be deluged with "Your upgrade broke my software"
requests.  I'll download the source later and look at the CHANGELOG and
diff the source to see what might have broken things, but a security fix
shouldn't be breaking binary compatibility.  It will probably be several
days before this gets sorted out.  Apologies for any inconvenience.

--
Thomas Hruska
Shining Light Productions

Home of BMP2AVI, Nuclear Vision, ProtoNova, and Win32 OpenSSL.
http://www.slproweb.com/

Ask me about discounts on any Shining Light Productions product!


RE: Binary compatibility between 0.9.7g and 0.9.7h?

JoelKatz
In reply to this post by Andreas Haumer

> I just tried to upgrade from openssl-0.9.7g to 0.9.7h
> and noticed that my openssh-4.2p1 server and clients now
> crash with segfault with the new openssl shared library!
> I tested this on two installations and both had this problem.

        We discovered similar problems caused by a change in the size of the
EVP_MD_CTX structure. We fixed it by changing code like:

EVP_MD_CTX ctx;

        to

EVP_MD_CTX *ctx=EVP_MD_CTX_create();
...
EVP_MD_CTX_destroy(ctx);

        DS
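Added example, not code from the thread or from OpenSSL: a self-contained model of the failure described in this post and in Richard's explanation later in the thread (a header constant grows, so a context struct the application embeds by value is smaller than what the replacement shared library writes into it), and of why allocating the context through the library's own create/destroy pair avoids the mismatch. The struct, constants and function names are constructed stand-ins for EVP_MD_CTX, EVP_MAX_MD_SIZE and EVP_MD_CTX_create/EVP_MD_CTX_destroy.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stddef.h>

/* Constructed model. The application was compiled against the old header
 * (0.9.7g-style value), the shared library it now loads was built with the
 * new one (0.9.7h-style value). Same struct, two ideas of its size. */
#define APP_MAX_MD_SIZE (16 + 20)   /* SSLv3 md5+sha1, as the app's header saw it */
#define LIB_MAX_MD_SIZE 64          /* SHA-512, as the library was built with */

typedef struct { unsigned long flags; unsigned char md[APP_MAX_MD_SIZE]; } app_ctx_t;
typedef struct { unsigned long flags; unsigned char md[LIB_MAX_MD_SIZE]; } lib_ctx_t;

/* "Library" side: it only knows lib_ctx_t, so sizeof is decided here. */
size_t lib_ctx_size(void) { return sizeof(lib_ctx_t); }
lib_ctx_t *lib_ctx_create(void) { return calloc(1, sizeof(lib_ctx_t)); }
void lib_ctx_destroy(lib_ctx_t *c) { free(c); }
/* The library legitimately fills the whole digest buffer it was built for. */
void lib_ctx_init(void *c) { memset(((lib_ctx_t *)c)->md, 0xAA, LIB_MAX_MD_SIZE); }

/* By-value caller ("EVP_MD_CTX ctx;" on the stack): returns how many bytes
 * the application's object falls short of what the library will write.
 * Non-zero means the library overruns the caller's stack object, which is
 * the segfault reported in this thread. Computed rather than performed. */
size_t embedded_ctx_shortfall(void) {
    size_t app = sizeof(app_ctx_t), lib = lib_ctx_size();
    return lib > app ? lib - app : 0;
}

/* Opaque-pointer caller (the create/destroy pattern from the post): the
 * object is sized inside the library, so the application binary carries no
 * assumption about the layout. Returns 0 on success. */
int opaque_ctx_roundtrip(void) {
    lib_ctx_t *ctx = lib_ctx_create();
    if (!ctx) return -1;
    lib_ctx_init(ctx);
    int ok = ctx->md[LIB_MAX_MD_SIZE - 1] == 0xAA;   /* last byte landed in bounds */
    lib_ctx_destroy(ctx);
    return ok ? 0 : -2;
}

int main(void) {
    printf("by-value context is %zu bytes short of what the library writes\n",
           embedded_ctx_shortfall());
    printf("opaque allocation: %s\n", opaque_ctx_roundtrip() == 0 ? "ok" : "failed");
    return 0;
}
```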



Re: Binary compatibility between 0.9.7g and 0.9.7h?

Andy Polyakov
>>I just tried to upgrade from openssl-0.9.7g to 0.9.7h
>>and noticed that my openssh-4.2p1 server and clients now
>>crash with segfault with the new openssl shared library!
>>I tested this on two installations and both had this problem.
>
> We discovered similar problems caused by a change in the size of the
> EVP_MD_CTX structure.

Double-check that http://cvs.openssl.org/chngview?cn=14514 fixes the
problem.

> We fixed it by changing code like:
>
> EVP_MD_CTX ctx;
>
> to
>
> EVP_MD_CTX *ctx=EVP_MD_CTX_create();
> ...
> EVP_MD_CTX_destroy(ctx);

Admirable attitude and proper solution. A.

Re: Binary compatibility between 0.9.7g and 0.9.7h?

Richard Levitte - VMS Whacker-2
In reply to this post by JoelKatz
In message <[hidden email]> on Tue, 11 Oct 2005 10:22:00 -0700, "David Schwartz" <[hidden email]> said:

davids> > I just tried to upgrade from openssl-0.9.7g to 0.9.7h
davids> > and noticed that my openssh-4.2p1 server and clients now
davids> > crash with segfault with the new openssl shared library!
davids> > I tested this on two installations and both had this
davids> > problem.
davids>
davids> We discovered similar problems caused by a change in the size
davids> of the EVP_MD_CTX structure. We fixed it by changing code
davids> like:
davids>
davids> EVP_MD_CTX ctx;
davids>
davids> to
davids>
davids> EVP_MD_CTX *ctx=EVP_MD_CTX_create();
davids> ...
davids> EVP_MD_CTX_destroy(ctx);

Correct analysis.

What's happened is that the FIPS functions for SHA224, SHA256, SHA384
and SHA512 were added.  They require a larger EVP_MAX_MD_SIZE.  The
functions were wrapped with an #ifdef OPENSSL_FIPS, while
EVP_MAX_MD_SIZE was forgotten in that process.

To say it straight out, we fucked up!

The patch to correct the problem is quite easy, though, and you can
find it attached to this letter.

My recommendation is to apply that patch unconditionally.  The
security issue that caused the release of 0.9.7h is serious enough not
to disregard this release and instead go through the hoops of applying
an extra patch.

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte         [hidden email]
OpenSSL Project         http://www.openssl.org/~levitte/



Index: crypto/evp/evp.h
===================================================================
RCS file: /e/openssl/cvs/openssl/crypto/evp/evp.h,v
retrieving revision 1.86.2.19
diff -u -r1.86.2.19 evp.h
--- crypto/evp/evp.h 17 May 2005 19:48:42 -0000 1.86.2.19
+++ crypto/evp/evp.h 11 Oct 2005 19:51:13 -0000
@@ -132,7 +132,11 @@
 #define EVP_CAST5_KEY_SIZE 16
 #define EVP_RC5_32_12_16_KEY_SIZE 16
 */
+#ifdef OPENSSL_FIPS
 #define EVP_MAX_MD_SIZE 64 /* longest known SHA512 */
+#else
+#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
+#endif
 #define EVP_MAX_KEY_LENGTH 32
 #define EVP_MAX_IV_LENGTH 16
 #define EVP_MAX_BLOCK_LENGTH 32
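Review bot: the #ifdef in this hunk makes EVP_MAX_MD_SIZE, and with it the size of every structure that embeds an EVP_MAX_MD_SIZE buffer, depend on whether OPENSSL_FIPS was defined at build time, so a FIPS and a non-FIPS build of the same release now have different ABIs; the `/* longest known SHA512 */` comment should say it applies to the FIPS branch only, and CHANGES should record the value split. Also note that the non-FIPS branch reverts to the 0.9.7g value, so applications already rebuilt against the unpatched 0.9.7h header become the mismatched party in turn; the patch does not fix them, it only restores the old layout for binaries that were never rebuilt.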

Re: Binary compatibility between 0.9.7g and 0.9.7h?

Richard Levitte - VMS Whacker
In message <[hidden email]> on Tue, 11 Oct 2005 21:53:23 +0200 (CEST), Richard Levitte - VMS Whacker <[hidden email]> said:

levitte> The patch to correct the problem is quite easy, though, and
levitte> you can find it attached to this letter.

That patch isn't enough, apparently.  Follow Andy's directions
instead.

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte                         [hidden email]
                                        http://richard.levitte.org/

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis

Re: Binary compatibility between 0.9.7g and 0.9.7h?

Matthias Buecher / Germany
In reply to this post by Richard Levitte - VMS Whacker-2
Do I have to apply this to 0.9.8a too?

Matthias "Maddes" Bücher


On 11.10.2005 21:53, Richard Levitte - VMS Whacker wrote:

> Correct analysis.
>
> What's happened is that the FIPS functions for SHA224, SHA256,
> SHA384 and SHA512 were added. They require a larger
> EVP_MAX_MD_SIZE. The functions were wrapped with an #ifdef
> OPENSSL_FIPS, while EVP_MAX_MD_SIZE was forgotten in that process.
>
> The patch to correct the problem is quite easy, though, and you can
> find it attached to this letter.
>
> My recommendation is to apply that patch unconditionally. The
> security issue that caused the release of 0.9.7h is serious enough
> not to disregard this release and instead go through the hoops of
> applying an extra patch.
>
>

Re: Binary compatibility between 0.9.7g and 0.9.7h?

Richard Levitte - VMS Whacker
In message <[hidden email]> on Tue, 11 Oct 2005 22:08:35 +0200, "Matthias Buecher / Germany" <[hidden email]> said:

maddes.b> Do I have to apply this to 0.9.8a too?

No, this is a 0.9.7h issue only.

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte                         [hidden email]
                                        http://richard.levitte.org/

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis

Re: Binary compatibility between 0.9.7g and 0.9.7h?

Andy Polyakov
In reply to this post by Matthias Buecher / Germany
> Do I have to apply this to 0.9.8a too?

NO. A.
