Bug#1014517:

[Julian Andres Klode]

On Wed, Jul 26, 2023 at 01:21:58PM -0400, Dillon Amburgey wrote:
> I understand and agree the behavior doesn't quite make sense.
> While I know this code has not recently changed inside apt, I believe
> it must have recently started expressing itself when combined with
> some other change on the mirrors or in the release process.

> 
> I do think this is a regression in a practical sense compared to
> oldstable. I'm currently unable to create new containers for stable
> but am able to for oldstable:

Debian is not a FIPS certified platform, nor has it been tested
on kernels with the FIPS flag enabled. As such, there will be
plenty of bugs like that in a stable release.

If you want to work on a Debian that runs on FIPS kernels, by 
all means, you are free to work on that for future versions. I
do not think however that people will be very agreeable to NSA
cryptoscams.


-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en

Bug#1014517:

[Dillon Amburgey]

I understand and agree the behavior doesn't quite make sense.
While I know this code has not recently changed inside apt, I believe
it must have recently started expressing itself when combined with
some other change on the mirrors or in the release process.

I do think this is a regression in a practical sense compared to
oldstable. I'm currently unable to create new containers for stable
but am able to for oldstable:
➜  ~ docker run  -it --rm debian:oldstable apt update
Unable to find image 'debian:oldstable' locally
oldstable: Pulling from library/debian
70705a13f194: Pull complete
Digest: sha256:2053cf94aadec2cc167488183a928165313c281b954d042d45ba65cb84459fde
Status: Downloaded newer image for debian:oldstable
Get:1 http://deb.debian.org/debian oldstable InRelease [116 kB]
Get:2 http://deb.debian.org/debian-security oldstable-security
InRelease [48.4 kB]
Get:3 http://deb.debian.org/debian oldstable-updates InRelease [44.1 kB]
Get:4 http://deb.debian.org/debian oldstable/main amd64 Packages [8183 kB]
Get:5 http://deb.debian.org/debian-security oldstable-security/main
amd64 Packages [252 kB]
Get:6 http://deb.debian.org/debian oldstable-updates/main amd64
Packages [14.8 kB]
Fetched 8658 kB in 2s (3764 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.
➜  ~ docker run -it --rm debian:stable apt update
Get:1 http://deb.debian.org/debian stable InRelease [151 kB]
Get:2 http://deb.debian.org/debian stable-updates InRelease [52.1 kB]
Get:3 http://deb.debian.org/debian-security stable-security InRelease [48.0 kB]
Get:4 http://deb.debian.org/debian stable/main amd64 Packages [8906 kB]
Get:5 http://deb.debian.org/debian stable-updates/main amd64 Packages [4732 B]
Get:6 http://deb.debian.org/debian-security stable-security/main amd64
Packages [48.0 kB]
Fetched 9210 kB in 2s (4051 kB/s)
fatal error in libgcrypt, file ../../src/misc.c, line 92, function
_gcry_fatal_error: requested algo not in md context

Fatal error: requested algo not in md context

I was able to reproduce this behavior on a fresh EC2 instance with AMI
ID ami-0f2bfd15cb2cab7e0, so I don't think it should have anything to
do with our particular environment.

Is there any other information I can provide?

On Wed, Jul 26, 2023 at 10:55 AM Julian Andres Klode  wrote:
>
> On Mon, Jul 24, 2023 at 10:35:35PM -0400, Dillon Amburgey wrote:
> > I have seen this as well. This has recently started breaking apt
> > update on bookworm docker images as well as images built off bookworm
> > (e.g. python:3.8)
> >
> > This can be easily reproduced on FIPS-enabled hosts:
> > docker run  -it --rm debian:bookworm apt update
> > Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB]
> > Get:2 http://deb.debian.org/debian bookworm-updates InRelease [52.1 kB]
> > Get:3 http://deb.debian.org/debian-security bookworm-security
> > InRelease [48.0 kB]
> > Get:4 http://deb.debian.org/debian bookworm/main amd64 Packages [8906 kB]
> > Get:5 http://deb.debian.org/debian bookworm-updates/main amd64 Packages 
> > [4732 B]
> > Get:6 http://deb.debian.org/debian-security bookworm-security/main
> > amd64 Packages [48.0 kB]
> > Fetched 9210 kB in 2s (4169 kB/s)
> > fatal error in libgcrypt, file ../../src/misc.c, line 92, function
> > _gcry_fatal_error: requested algo not in md context
> >
> > Fatal error: requested algo not in md context
> >
> > I also was able to use snapshot.debian.org to isolate when the
> > failures started. 20230722T085252Z was the last good snapshot with
> > 20230722T110049Z being the first failing snapshot.
> > docker run -v .:/etc/apt/sources.list.d/:ro -it --rm debian:bookworm apt 
> > update
> > Get:1 http://snapshot.debian.org/archive/debian/20230722T110049Z
> > bookworm InRelease [151 kB]
> > Get:2 http://snapshot.debian.org/archive/debian/20230722T110049Z
> > bookworm-updates InRelease [52.1 kB]
> > Get:3 http://snapshot.debian.org/archive/debian-security/20230722T110049Z
> > bookworm-security InRelease [48.0 kB]
> > Get:4 http://snapshot.debian.org/archive/debian/20230722T110049Z
> > bookworm/main amd64 Packages [8906 kB]
> > Get:5 http://snapshot.debian.org/archive/debian/20230722T110049Z
> > bookworm-updates/main amd64 Packages [4732 B]
> > Get:6 http://snapshot.debian.org/archive/debian-security/20230722T110049Z
> > bookworm-security/main amd64 Packages [48.0 kB]
> > Fetched 9210 kB in 1min 8s (136 kB/s)
> > fatal error in libgcrypt, file ../../src/misc.c, line 92, function
> > _gcry_fatal_error: requested algo not in md context
> >
> > Fatal error: requested algo not in md context
> >
> > docker run -v .:/etc/apt/sources.list.d/:ro -it --rm debian:bookworm apt 
> > update
> > Get:1 http://snapshot.debian.org/archive/debian/20230722T085252Z
> > bookworm InRelease [147 kB]
> > Get:2 http://snapshot.debian.org/archive/debian/20230722T085252Z
> > bookworm-updates InRelease [52.1 kB]
> > Get:3 http://snapshot.debian.org/archive/debian-security/20230722T085252Z
> > 

Bug#1014517:

[Julian Andres Klode]

On Mon, Jul 24, 2023 at 10:35:35PM -0400, Dillon Amburgey wrote:
> I have seen this as well. This has recently started breaking apt
> update on bookworm docker images as well as images built off bookworm
> (e.g. python:3.8)
> 
> This can be easily reproduced on FIPS-enabled hosts:
> docker run  -it --rm debian:bookworm apt update
> Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB]
> Get:2 http://deb.debian.org/debian bookworm-updates InRelease [52.1 kB]
> Get:3 http://deb.debian.org/debian-security bookworm-security
> InRelease [48.0 kB]
> Get:4 http://deb.debian.org/debian bookworm/main amd64 Packages [8906 kB]
> Get:5 http://deb.debian.org/debian bookworm-updates/main amd64 Packages [4732 
> B]
> Get:6 http://deb.debian.org/debian-security bookworm-security/main
> amd64 Packages [48.0 kB]
> Fetched 9210 kB in 2s (4169 kB/s)
> fatal error in libgcrypt, file ../../src/misc.c, line 92, function
> _gcry_fatal_error: requested algo not in md context
> 
> Fatal error: requested algo not in md context
> 
> I also was able to use snapshot.debian.org to isolate when the
> failures started. 20230722T085252Z was the last good snapshot with
> 20230722T110049Z being the first failing snapshot.
> docker run -v .:/etc/apt/sources.list.d/:ro -it --rm debian:bookworm apt 
> update
> Get:1 http://snapshot.debian.org/archive/debian/20230722T110049Z
> bookworm InRelease [151 kB]
> Get:2 http://snapshot.debian.org/archive/debian/20230722T110049Z
> bookworm-updates InRelease [52.1 kB]
> Get:3 http://snapshot.debian.org/archive/debian-security/20230722T110049Z
> bookworm-security InRelease [48.0 kB]
> Get:4 http://snapshot.debian.org/archive/debian/20230722T110049Z
> bookworm/main amd64 Packages [8906 kB]
> Get:5 http://snapshot.debian.org/archive/debian/20230722T110049Z
> bookworm-updates/main amd64 Packages [4732 B]
> Get:6 http://snapshot.debian.org/archive/debian-security/20230722T110049Z
> bookworm-security/main amd64 Packages [48.0 kB]
> Fetched 9210 kB in 1min 8s (136 kB/s)
> fatal error in libgcrypt, file ../../src/misc.c, line 92, function
> _gcry_fatal_error: requested algo not in md context
> 
> Fatal error: requested algo not in md context
> 
> docker run -v .:/etc/apt/sources.list.d/:ro -it --rm debian:bookworm apt 
> update
> Get:1 http://snapshot.debian.org/archive/debian/20230722T085252Z
> bookworm InRelease [147 kB]
> Get:2 http://snapshot.debian.org/archive/debian/20230722T085252Z
> bookworm-updates InRelease [52.1 kB]
> Get:3 http://snapshot.debian.org/archive/debian-security/20230722T085252Z
> bookworm-security InRelease [48.0 kB]
> Get:4 http://snapshot.debian.org/archive/debian-debug/20230722T085252Z
> bookworm-debug InRelease [49.8 kB]
> Get:5 http://snapshot.debian.org/archive/debian/20230722T085252Z
> bookworm/main amd64 Packages [8904 kB]
> Ign:5 http://snapshot.debian.org/archive/debian/20230722T085252Z
> bookworm/main amd64 Packages
> Get:6 http://snapshot.debian.org/archive/debian/20230722T085252Z
> bookworm-updates/main amd64 Packages [4732 B]
> Get:7 http://snapshot.debian.org/archive/debian-security/20230722T085252Z
> bookworm-security/main amd64 Packages [48.0 kB]
> Get:8 http://snapshot.debian.org/archive/debian-debug/20230722T085252Z
> bookworm-debug/main amd64 Packages [3564 kB]
> Get:5 http://snapshot.debian.org/archive/debian/20230722T085252Z
> bookworm/main amd64 Packages [8904 kB]
> Ign:5 http://snapshot.debian.org/archive/debian/20230722T085252Z
> bookworm/main amd64 Packages
> Get:5 http://snapshot.debian.org/archive/debian/20230722T085252Z
> bookworm/main amd64 Packages [8904 kB]
> Fetched 11.2 MB in 5min 13s (35.9 kB/s)
> Reading package lists... Done
> Building dependency tree... Done
> Reading state information... Done
> All packages are up to date.
> 

This doesn't make sense, let's be clear about this. MD5 is an integral
part of the archive, it doesn't suddenly pop up, and APT uses any MD5
it can find as an additional (untrusted) hash.

And APT itself has been using libgcrypt for hashing since 1.9.6;
oldstable is shipping 2.2.4.

This is fixed in 2.7.2, fsvo of fixed. I do believe that this is
bullshit and libgcrypt's FIPS mode should be entirely disabled,
as in Ubuntu, as Debian's libgcrypt is not FIPS certified.

As this is not a regression vs oldstable, and we realistically
may be preempting configuration of libgcrypt by applications using
the apt-pkg library, I do not think this is a change that should
be released to a stable update.

I did pick it for unstable and testing, but ultimately we need
to replace libgcrypt with nettle.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en

Bug#1014517:

[Dillon Amburgey]

I have seen this as well. This has recently started breaking apt
update on bookworm docker images as well as images built off bookworm
(e.g. python:3.8)

This can be easily reproduced on FIPS-enabled hosts:
docker run  -it --rm debian:bookworm apt update
Get:1 http://deb.debian.org/debian bookworm InRelease [151 kB]
Get:2 http://deb.debian.org/debian bookworm-updates InRelease [52.1 kB]
Get:3 http://deb.debian.org/debian-security bookworm-security
InRelease [48.0 kB]
Get:4 http://deb.debian.org/debian bookworm/main amd64 Packages [8906 kB]
Get:5 http://deb.debian.org/debian bookworm-updates/main amd64 Packages [4732 B]
Get:6 http://deb.debian.org/debian-security bookworm-security/main
amd64 Packages [48.0 kB]
Fetched 9210 kB in 2s (4169 kB/s)
fatal error in libgcrypt, file ../../src/misc.c, line 92, function
_gcry_fatal_error: requested algo not in md context

Fatal error: requested algo not in md context

I also was able to use snapshot.debian.org to isolate when the
failures started. 20230722T085252Z was the last good snapshot with
20230722T110049Z being the first failing snapshot.
docker run -v .:/etc/apt/sources.list.d/:ro -it --rm debian:bookworm apt update
Get:1 http://snapshot.debian.org/archive/debian/20230722T110049Z
bookworm InRelease [151 kB]
Get:2 http://snapshot.debian.org/archive/debian/20230722T110049Z
bookworm-updates InRelease [52.1 kB]
Get:3 http://snapshot.debian.org/archive/debian-security/20230722T110049Z
bookworm-security InRelease [48.0 kB]
Get:4 http://snapshot.debian.org/archive/debian/20230722T110049Z
bookworm/main amd64 Packages [8906 kB]
Get:5 http://snapshot.debian.org/archive/debian/20230722T110049Z
bookworm-updates/main amd64 Packages [4732 B]
Get:6 http://snapshot.debian.org/archive/debian-security/20230722T110049Z
bookworm-security/main amd64 Packages [48.0 kB]
Fetched 9210 kB in 1min 8s (136 kB/s)
fatal error in libgcrypt, file ../../src/misc.c, line 92, function
_gcry_fatal_error: requested algo not in md context

Fatal error: requested algo not in md context

docker run -v .:/etc/apt/sources.list.d/:ro -it --rm debian:bookworm apt update
Get:1 http://snapshot.debian.org/archive/debian/20230722T085252Z
bookworm InRelease [147 kB]
Get:2 http://snapshot.debian.org/archive/debian/20230722T085252Z
bookworm-updates InRelease [52.1 kB]
Get:3 http://snapshot.debian.org/archive/debian-security/20230722T085252Z
bookworm-security InRelease [48.0 kB]
Get:4 http://snapshot.debian.org/archive/debian-debug/20230722T085252Z
bookworm-debug InRelease [49.8 kB]
Get:5 http://snapshot.debian.org/archive/debian/20230722T085252Z
bookworm/main amd64 Packages [8904 kB]
Ign:5 http://snapshot.debian.org/archive/debian/20230722T085252Z
bookworm/main amd64 Packages
Get:6 http://snapshot.debian.org/archive/debian/20230722T085252Z
bookworm-updates/main amd64 Packages [4732 B]
Get:7 http://snapshot.debian.org/archive/debian-security/20230722T085252Z
bookworm-security/main amd64 Packages [48.0 kB]
Get:8 http://snapshot.debian.org/archive/debian-debug/20230722T085252Z
bookworm-debug/main amd64 Packages [3564 kB]
Get:5 http://snapshot.debian.org/archive/debian/20230722T085252Z
bookworm/main amd64 Packages [8904 kB]
Ign:5 http://snapshot.debian.org/archive/debian/20230722T085252Z
bookworm/main amd64 Packages
Get:5 http://snapshot.debian.org/archive/debian/20230722T085252Z
bookworm/main amd64 Packages [8904 kB]
Fetched 11.2 MB in 5min 13s (35.9 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.

Bug#1014517: apt - Fails in FIPS mode in libgcrypt

[A. Maitland Bottoms]

So I see in the changes to libgcrypt since bullseye that there have
been some changes in the initialization on systems where FIPS is
enabled.

The attached patch has "works for me" status, and I feel that it is the
correct way to continue to have apt function as expected on a FIPS
enabled system.

I added a GCRYCTL_NO_FIPS_MODE setting in maybeInit() in
apt-pkg/contrib/hashes.cc
And, since the value of the enum GCRYCTL_NO_FIPS_MODE appeared just
before the release of libgcrypt 1.10.0, I added that version dependency
to the debian/control file.

Control: tag -1 patch

-Maitland

enc:
0001-Do-not-fail-on-systems-running-in-FIPSmode.patch

From 4df25d8781f56036e921792fdd48abd5f2084d98 Mon Sep 17 00:00:00 2001
From: "A. Maitland Bottoms" 
Date: Sun, 28 May 2023 15:12:36 -0400
Subject: [PATCH] Do not fail on systems running in FIPSmode.

Initialize using gcrypt's GCRYCTL_NO_FIPS_MODE, available since
gcrypt version 1.10.0, otherwise apt aborts on FIPS enabled systems.
---
 apt-pkg/contrib/hashes.cc | 3 +++
 debian/changelog  | 6 ++
 debian/control| 2 +-
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/apt-pkg/contrib/hashes.cc b/apt-pkg/contrib/hashes.cc
index 313b1d37d..80b9bbf3f 100644
--- a/apt-pkg/contrib/hashes.cc
+++ b/apt-pkg/contrib/hashes.cc
@@ -330,6 +330,9 @@ public:
 	exit(2);
 	 }
 
+	 // It is OK for apt to use MD5.
+	 gcry_control(GCRYCTL_NO_FIPS_MODE, 0);
+
 	 gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
   }
}
diff --git a/debian/changelog b/debian/changelog
index 5961148d2..e279ad0d5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+apt (2.6.2) unstable; urgency=medium
+
+  * Do not fail on systems running in FIPSmode. (Closes: #1014517)
+
+ -- A. Maitland Bottoms   Sun, 28 May 2023 11:28:37 -0400
+
 apt (2.6.1) unstable; urgency=medium
 
   * Restore adduser dependency for bookworm.
diff --git a/debian/control b/debian/control
index 58c6be15e..6f3ceb81e 100644
--- a/debian/control
+++ b/debian/control
@@ -17,7 +17,7 @@ Build-Depends: cmake (>= 3.4),
libbz2-dev,
libdb-dev,
libgnutls28-dev (>= 3.4.6),
-   libgcrypt20-dev,
+   libgcrypt20-dev (>=1.10.0),
liblz4-dev (>= 0.0~r126),
liblzma-dev,
libseccomp-dev (>= 2.4.2) [amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x hppa powerpc powerpcspe ppc64 x32],
-- 
2.39.2

Bug#1014517: apt - Fails in FIPS mode in libgcrypt

[Bastian Blank]

Package: apt
Version: 2.5.1
Severity: normal

"apt update" fails if the system runs in FIPS mode:

| # apt update
| Hit:2 http://deb.debian.org/debian-debug sid InRelease
| fatal error in libgcrypt, file ../../src/misc.c, line 92, function 
_gcry_fatal_error: requested algo not in md context
| 
| Fatal error: requested algo not in md context
| Aborted

The backtrace is:

| #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:49
| #1  0xf78a630c in __GI_abort () at abort.c:79
| #2  0xf75ce110 in _gcry_fatal_error (rc=rc@entry=5, 
text=text@entry=0xf765cb80 "requested algo not in md context") at 
../../src/misc.c:97
| #3  0xf75e65b0 in md_read (algo=, a=, 
a=) at ../../cipher/md.c:1095
| #4  0xf7e435ac in HexDigest (hd=, algo=) at ./apt-pkg/contrib/hashes.cc:429
| #5  0xf7e44a18 in Hashes::GetHashString 
(this=this@entry=0xe6d8, hash=hash@entry=Hashes::MD5SUM) at 
./apt-pkg/contrib/hashes.cc:457
| #6  0xf7e5bfd4 in debListParser::Description_md5 
(this=0xaad9cf10) at ./apt-pkg/deb/deblistparser.cc:295
| #7  0xf7ecc020 in pkgCacheGenerator::MergeListVersion 
(this=this@entry=0xaab31470, List=..., Pkg=..., Version=..., 
OutVer=@0xe8c8: 0x0) at ./apt-pkg/pkgcachegen.cc:490
| #8  0xf7ecdb0c in pkgCacheGenerator::MergeList 
(this=this@entry=0xaab31470, List=..., OutVer=, 
OutVer@entry=0x0) at ./apt-pkg/pkgcachegen.cc:286
| #9  0xf7eb030c in pkgDebianIndexFile::Merge (this=, 
Gen=..., Prog=) at ./apt-pkg/indexfile.cc:348
| #10 0xf7ec8ef4 in operator() 
(__closure=__closure@entry=0xebc0, I=0xaab0a340) at 
./apt-pkg/pkgcachegen.cc:1557
| #11 0xf7ecedb4 in 
std::for_each<__gnu_cxx::__normal_iterator >, BuildCache(pkgCacheGenerator&, OpProgress*, 
map_filesize_t&, map_filesize_t, const pkgSourceList*, FileIterator, 
FileIterator):: > (__f=..., __last=0x0, 
__first=0xaab0a340) at /usr/include/c++/11/bits/stl_algo.h:3820
| #12 BuildCache (Gen=..., Progress=, 
Progress@entry=0xf280, CurrentSize=@0xecf0: 100043188, 
TotalSize=, TotalSize@entry=100043188, 
| List=List@entry=0x0, Start=..., End=...) at ./apt-pkg/pkgcachegen.cc:1586
| #13 0xf7ed0994 in pkgCacheGenerator::MakeStatusCache (List=..., 
Progress=Progress@entry=0xf280, OutMap=OutMap@entry=0xef18, 
OutCache=OutCache@entry=0xef20)
| at /usr/include/c++/11/bits/stl_iterator.h:1026
| #14 0xf7e0b2dc in pkgCacheFile::BuildCaches (this=0xf0c0, 
Progress=0xf280, WithLock=) at ./apt-pkg/cachefile.cc:127
| #15 0xf7f9e6fc in DoUpdate(CommandLine&) () from 
/lib/aarch64-linux-gnu/libapt-private.so.0.0
| #16 0xf7e27d20 in CommandLine::DispatchArg (this=0xf448, 
Map=, NoMatch=true) at ./apt-pkg/contrib/cmndline.cc:369
| #17 0xf7f633f4 in DispatchCommandLine(CommandLine&, 
std::vector > 
const&) ()
|from /lib/aarch64-linux-gnu/libapt-private.so.0.0
| #18 0x1898 in ?? ()
| #19 0xf78a6614 in __libc_start_main (main=0x17c0, argc=2, 
argv=0xf5d8, init=, fini=, 
rtld_fini=, 
| stack_end=) at ../csu/libc-start.c:332
| #20 0x19b8 in ?? ()

In FIPS mode MD5 is not allowed, so every usage results in a fatal error.

One workarounds would be:
Check for FIPS mode with gcry_fips_mode_active and don't try to use it
then.

Bastian

-- Package-specific info:

-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.18.0-2-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

-- no debconf information