Hi OpenSSL Dev,

Is there any investigation progress of this issue?

Thank you!

> Subject: [openssl.org #1682] AutoReply: BIO_snprintf can NOT work properly on HPUX 11.23 IA for 32bits mode
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Date: Thu, 29 May 2008 09:30:40 +0200
>
>
> Greetings,
>
> This message has been automatically generated in response to the
> creation of a trouble ticket regarding:
> 'BIO_snprintf can NOT work properly on HPUX 11.23 IA for 32bits mode',
> a summary of which appears below.
>
> There is no need to reply to this message right now. Your ticket has been
> assigned an ID of [openssl.org #1682].
>
> Please include the string:
>
> [openssl.org #1682]
>
> in the subject line of all future correspondence about this issue. To do so,
> you may reply to this message.
>
> Thank you,
> [EMAIL PROTECTED]
>
> -------------------------------------------------------------------------
>
> Hi OpenSSL Dev,
>
> I may find one bug of OpenSSL.
> The machine I used is HPUX 11.23 IA box.
> # uname -a
> HP-UX sshia1 B.11.23 U ia64 3432702471 unlimited-user license
>
> The issue I met is described in detail as follows.
>
> Step1
> I download openssl-0.9.7m.tar.gz and openssl-fips-1.1.2.tar.gz from official openssl site.
> Step2
> I try to build FIPS Capable OpenSSL according to the openssl FIPS 140-2 User Guide.
> It works fine.
> Step3
> I download openssh-5.0p1.tar.gz from http://www.openssh.org/ site and use fipsld to link ssh with the previous generated FIPS Capable OpenSSL libcrypto.a according to FIPS 140-2 User Guide.
> Everything is fine.
> Step4
> One odd issue happens.
> I can 'ssh -1 localhost' (use ssh protocol 1) to connect sshd server for the first time. But for the next time, 'ssh -1 localhost' gives message:
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle attack)!
> It is also possible that the RSA1 host key has just been changed.
> The fingerprint for the RSA1 key sent by the remote host is
> ed:93:9a:6b:b8:ee:9f:4b:ed:87:eb:07:c8:d4:5d:5d.
> Please contact your system administrator.
> Add correct host key in /.ssh/known_hosts to get rid of this message.
> Offending key in /.ssh/known_hosts:3
> RSA1 host key for localhost has changed and you have requested strict checking.
> Host key verification failed.
>
> After investigation, I find the problem is due to the below function from ssh, which writes the host key to ~/.ssh/known_hosts file for the first connection to sshd server. (It writes the wrong host key to file!)
>
> static int
> write_bignum(FILE *f, BIGNUM *num)
> {
>     char *buf = BN_bn2dec(num);
>     if (buf == NULL) {
>         error("write_bignum: BN_bn2dec() failed");
>         return 0;
>     }
>     fprintf(f, " %s", buf);
>     OPENSSL_free(buf);
>     return 1;
> }
>
> The BN_bn2dec function is from fips module fipscanister.o (crypto/bn/bn_print.c).
> # nm -g fipscanister.o|grep BN_bn2dec
> [889] | 420320| 1840|FUNC |GLOB |0| .text|BN_bn2dec
>
> char *BN_bn2dec(const BIGNUM *a)
>     {
>     int i=0,num;
>     char *buf=NULL;
>     char *p;
>     BIGNUM *t=NULL;
>     BN_ULONG *bn_data=NULL,*lp;
>
>     i=BN_num_bits(a)*3;
>     num=(i/10+i/1000+3)+1;
>     bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG));
>     buf=(char *)OPENSSL_malloc(num+3);
>     if ((buf == NULL) || (bn_data == NULL))
>         {
>         BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE);
>         goto err;
>         }
>     if ((t=BN_dup(a)) == NULL) goto err;
>
> #define BUF_REMAIN (num+3 - (size_t)(p - buf))
>     p=buf;
>     lp=bn_data;
>     if (t->neg) *(p++)='-';
>     if (t->top == 0)
>         {
>         *(p++)='0';
>         *(p++)='\0';
>         }
>     else
>         {
>         i=0;
>         while (!BN_is_zero(t))
>             {
>             *lp=BN_div_word(t,BN_DEC_CONV);
>             lp++;
>             }
>         lp--;
>         /* We now have a series of blocks, BN_DEC_NUM chars
>          * in length, where the last one needs truncation.
>          * The blocks need to be reversed in order. */
>         BIO_snprintf(p,BUF_REMAIN,BN_DEC_FMT1,*lp);
>         while (*p) p++;
>         while (lp != bn_data)
>             {
>             lp--;
>             BIO_snprintf(p,BUF_REMAIN,BN_DEC_FMT2,*lp);
>             while (*p) p++;
>             }
>         }
> err:
>     if (bn_data != NULL) OPENSSL_free(bn_data);
>     if (t != NULL) BN_free(t);
>     return(buf);
>     }
>
> Then I track to BIO_snprintf function. (crypto/bio/b_print.c)
>
> /* As snprintf is not available everywhere, we provide our own implementation.
>  * This function has nothing to do with BIOs, but it's closely related
>  * to BIO_printf, and we need *some* name prefix ...
>  * (XXX the function should be renamed, but to what?) */
> int BIO_snprintf(char *buf, size_t n, const char *format, ...)
>     {
>     va_list args;
>     int ret;
>
>     va_start(args, format);
>
>     ret = BIO_vsnprintf(buf, n, format, args);
>
>     va_end(args);
>     return(ret);
>     }
>
> I doubt the BIO_snprintf is not fit for my box.
> So I replace BIO_snprintf with snprintf in BN_bn2dec function.
> After such modification, 'ssh -1 localhost' works fine.
>
> In fact, both openssl-0.9.7m.tar.gz and openssl-fips-1.1.2.tar.gz have such problem on HPUX 11.23 IA for 32bits mode. (I've run into the same problem when I used 32bits mode libcrypto.a generated by openssl-0.9.7m.tar.gz before.)
>
> Again, the box I use is
> # uname -a
> HP-UX sshia1 B.11.23 U ia64 3432702471 unlimited-user license
>
> Could you investigate?
> Thank you!
>
> Best Regards
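
The report's experiment (swap the formatter used inside the chunked decimal conversion and compare the output), as an added stand-alone C example that is not OpenSSL or OpenSSH code and not part of the original message. It repeats the divide-by-10^9, zero-padded-print scheme of BN_bn2dec on a toy 128-bit number and renders each chunk with either the C library's snprintf or a hand-written formatter, so a platform where one of them mis-formats a chunk shows up as a mismatch. The names `div_word`, `fmt_manual`, `to_dec`, `NWORDS`, `DEC_CONV` and `DEC_NUM` are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define NWORDS   4            /* toy 128-bit number, most significant word first */
#define DEC_CONV 1000000000u  /* 10^9, the chunk base for 32-bit words */
#define DEC_NUM  9            /* decimal digits per chunk */

/* Divide n in place by d; returns the remainder, *nz is set if the quotient is non-zero. */
static uint32_t div_word(uint32_t n[NWORDS], uint32_t d, int *nz) {
    uint64_t rem = 0;
    *nz = 0;
    for (int i = 0; i < NWORDS; i++) {
        rem = (rem << 32) | n[i];
        *nz |= (n[i] = (uint32_t)(rem / d)) != 0;
        rem %= d;
    }
    return (uint32_t)rem;
}

/* Hand-written formatter: v in decimal, zero-padded to at least width digits. */
static int fmt_manual(char *out, size_t len, int width, uint32_t v) {
    char tmp[11] = {0};
    int n = 10;
    do { tmp[--n] = (char)('0' + v % 10); v /= 10; } while (v || 10 - n < width);
    if ((size_t)(10 - n) < len) strcpy(out, tmp + n);   /* copy only if it fits */
    return 10 - n;
}

/* Chunked conversion; use_libc picks snprintf or fmt_manual to print each chunk. */
int to_dec(const uint32_t in[NWORDS], char *buf, size_t len, int use_libc) {
    uint32_t t[NWORDS], chunk[NWORDS * 2];
    int n = 0, nz;
    memcpy(t, in, sizeof t);
    do { chunk[n++] = div_word(t, DEC_CONV, &nz); } while (nz);
    for (int i = n - 1, w; i >= 0; i--, buf += w, len -= (size_t)w) {
        int width = (i == n - 1) ? 1 : DEC_NUM;   /* only the top chunk is unpadded */
        w = use_libc ? snprintf(buf, len, "%0*u", width, (unsigned)chunk[i])
                     : fmt_manual(buf, len, width, chunk[i]);
        if (w < 0 || (size_t)w >= len) return -1; /* chunk would not fit */
    }
    return 0;
}

int main(void) {
    const uint32_t e18[NWORDS] = {0, 0, 0x0DE0B6B3u, 0xA7640000u}; /* constructed: 10^18 */
    char a[64], b[64];
    if (to_dec(e18, a, sizeof a, 1) || to_dec(e18, b, sizeof b, 0)) return 2;
    printf("libc:   %s\nmanual: %s\n", a, b);
    return strcmp(a, b) != 0;                     /* non-zero exit on disagreement */
}
```

The sample value 10^18 is chosen because its two lower chunks are all zeros, so a formatter that drops the zero padding would shorten the output and change the stored key.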