On Wed, Aug 22, 2012, Ralf Horstmann wrote:
> Hi,
>
> when using OpenSSL 1.0.1c together with a chrooted bind 9.7.3
> on Red Hat 6 x86_64, I got reproducible crashes within OpenSSL:
>
> Program received signal SIGSEGV, Segmentation fault.
> OPENSSL_cleanse () at x86_64cpuid.s:181
> 181 movq %rax,(%rdi)
> (gdb) bt
> #0 OPENSSL_cleanse () at x86_64cpuid.s:181
> #1 0x00007ffff6ee076f in drbg_free_entropy (ctx=<value optimized out>,
> out=0x0, olen=<value optimized out>) at rand_lib.c:213
> #2 0x00007ffff6e699b4 in FIPS_drbg_instantiate () from /lib64/libcrypto.so.10
> #3 0x00007ffff6ee0b90 in RAND_init_fips () at rand_lib.c:286
> #4 0x00007ffff6e74b31 in CRYPTO_set_mem_functions (m=0x7ffff7973780
> <mem_alloc>, r=0x7ffff7973730 <mem_realloc>,
> f=0x7ffff79734d0 <mem_free>) at mem.c:128
> #5 0x00007ffff79737f8 in dst__openssl_init (engine=0x0) at openssl_link.c:174
> #6 0x00007ffff797a888 in dst_lib_init2 (mctx=<value optimized out>,
> ectx=0x7ffff7fa7280, engine=0x0, eflags=1) at dst_api.c:210
> #7 0x0000555555589493 in ns_server_create (mctx=<value optimized out>,
> serverp=0x5555557c9eb0) at server.c:4934
> #8 0x0000555555579199 in setup (argc=<value optimized out>,
> argv=0x7fffffffe698) at ./main.c:856
> #9 main (argc=<value optimized out>, argv=0x7fffffffe698) at ./main.c:1026
>
> The strace fragment shows what is going on before the segfault:
>
> 26734 open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = -1 ENOENT (No such
> file or directory)
> 26734 open("/dev/random", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 9
> 26734 fstat(9, {st_mode=S_IFCHR|0644, st_rdev=makedev(1, 8), ...}) = 0
> 26734 poll([{fd=9, events=POLLIN}], 1, 10) = 1 ([{fd=9, revents=POLLIN}])
> 26734 read(9, "\254j\357\235t\36\273\306\26261\0\352A\221\321", 32) = 16
> 26734 close(9) = 0
> 26734 open("/dev/srandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = -1 ENOENT (No such
> file or directory)
> 26734 socket(PF_FILE, SOCK_STREAM, 0) = 9
> 26734 connect(9, {sa_family=AF_FILE, path="/var/run/egd-pool"}, 19) = -1
> ENOENT (No such file or directory)
> 26734 close(9) = 0
> 26734 socket(PF_FILE, SOCK_STREAM, 0) = 9
> 26734 connect(9, {sa_family=AF_FILE, path="/dev/egd-pool"}, 15) = -1 ENOENT
> (No such file or directory)
> 26734 close(9) = 0
> 26734 socket(PF_FILE, SOCK_STREAM, 0) = 9
> 26734 connect(9, {sa_family=AF_FILE, path="/etc/egd-pool"}, 15) = -1 ENOENT
> (No such file or directory)
> 26734 close(9) = 0
> 26734 socket(PF_FILE, SOCK_STREAM, 0) = 9
> 26734 connect(9, {sa_family=AF_FILE, path="/etc/entropy"}, 14) = -1 EACCES
> (Permission denied)
> 26734 close(9) = 0
> 26734 getuid() = 25
> 26734 time(NULL) = 1345561606
> 26734 --- SIGSEGV (Segmentation fault) @ 0 (0) ---
>
> So the init code doesn't get enough bytes from /dev/random,
> which then later triggers the bug.
>
> The patch below fixes the issue. Creating /dev/urandom within the
> chroot helps as well.
>
Since changing the fips module is not easy an alternative is to change the FIPS
capable OpenSSL. Try this patch:
http://cvs.openssl.org/chngview?cn=22772
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
