[Group.of.nepali.translators] [Bug 1698758] Re: Encrypted password causes segmentation fault

[Bug Watch Updater]

** Changed in: libapache2-mod-auth-pgsql (Debian)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1698758

Title:
  Encrypted password causes segmentation fault

Status in libapache2-mod-auth-pgsql package in Ubuntu:
  Fix Released
Status in libapache2-mod-auth-pgsql source package in Trusty:
  Fix Released
Status in libapache2-mod-auth-pgsql source package in Xenial:
  Fix Released
Status in libapache2-mod-auth-pgsql source package in Zesty:
  Fix Released
Status in libapache2-mod-auth-pgsql package in Debian:
  Fix Released

Bug description:
  [Impact]
  The libapache2-mod-auth-pgsql module will cause a segfault error in apache if 
its encrypted support is enabled ("Auth_PG_encrypted on") and a hash format not 
supported by crypt(3) is used.

  Since this is an apache module, users might be tempted to use
  htpasswd(1) to generate such hashes. The option to generate SHA hashes
  (-s) in particular will generate a hash incompatible with crypt(3),
  which will then return NULL and cause the segfault in unpatched
  versions of this apache module.

  The fix catches the situation when crypt(3) returns NULL and logs the
  event as an unsupported hash type being found, and denies the login.

  [Test Case]

  * install the packages on the Ubuntu release you are testing:
  $ sudo apt install apache2 libapache2-mod-auth-pgsql postgresql

  * create the database and populate it with the test users from the attached 
test-users.sql file:
  $ sudo -u postgres -H createdb userdb
  $ sudo -u postgres -H psql userdb -f test-users.sql

  * Create the DB user we will use:
  $ sudo -u postgres -H psql postgres -c "CREATE ROLE www UNENCRYPTED PASSWORD 
'password' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"

  * Grant access:
  $ sudo -u postgres -H psql userdb -c "GRANT SELECT ON TABLE userlogin TO www;"

  * Create the /var/www/html/.htaccess file with this content:
  AuthType basic
  AuthName "My Auth"
  Require valid-user
  AuthBasicProvider pgsql
  Auth_PG_authoritative On
  Auth_PG_host 127.0.0.1
  Auth_PG_port 5432
  Auth_PG_user www
  Auth_PG_pwd password
  Auth_PG_database userdb
  Auth_PG_encrypted on
  Auth_PG_pwd_table UserLogin
  Auth_PG_uid_field Username
  Auth_PG_pwd_field ApachePassword

  * Setup access in apache by editing /etc/apache2/sites-
  enabled/000-default.conf and adding these lines somewhere inside the
   section:

  
  AllowOverride AuthConfig
  

  * Enable the mod-auth-pgsql module:
  $ sudo a2enmod 000_auth_pgsql

  * Restart apache:
  $ sudo service apache2 restart

  To try each test login, use a loop like this:

  $ for u in ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 
ubuntu-des; do echo -n "Testing $u... "; curl -f http://$u:secret@localhost/ -o 
/dev/null -s; echo $?; done
  Testing ubuntu-invalidhash... 52
  Testing ubuntu-md5... 0
  Testing ubuntu-sha256... 0
  Testing ubuntu-sha512... 0
  Testing ubuntu-des... 0

  Error 52 means "empty reply from server". That's when apache segfaulted:
  [Wed Jul 19 19:28:13.808711 2017] [core:notice] [pid 9499:tid 
140330145511296] AH00051: child pid 9677 exit signal Segmentation fault (11), 
possible coredump in /etc/apache2

  With the fixed version of libapache2-mod-auth-pgsql, the test loop
  will just record a normal authentication problem for the ubuntu-
  invalidhash user (since the hash is not supported) instead of an
  "empty reply from server":

  $ for u in ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 
ubuntu-des; do echo -n "Testing $u... "; curl -f http://$u:secret@localhost/ -o 
/dev/null -s; echo $?; done
  Testing ubuntu-invalidhash... 22
  Testing ubuntu-md5... 0
  Testing ubuntu-sha256... 0
  Testing ubuntu-sha512... 0
  Testing ubuntu-des... 0

  And we get this fact logged:
  [Wed Jul 19 19:38:56.547337 2017] [auth_pgsql:error] [pid 10035:tid 
140550732678912] [client 127.0.0.1:56946] [mod_auth_pgsql.c] - ERROR - PG user 
ubuntu-invalidhash: unsupported CRYPT format

  [Regression Potential]
  The patch seems pretty straight forward and uses a well documented crypt(3) 
return value in the case of errors.

  This is a very old module that hasn't been built in a while (see
  [other info] below. It's possible that just by rebuilding it with the
  new environment available in each ubuntu release since vivid could
  introduce unknowns. Hopefully, if that happens, it will be immediately
  noticed by the people who use it and will test this SRU.

  [Other Info]

  Upstream doesn't have a bugtracker or public code hosting that I could
  find, so I forwarded the patch via email. No response so far.

  This module hasn't been rebuilt since vivid and seems unmaintained, being at 
version 2.0.3 since the precise days:
   libapache2-mod-auth-pgsql | 2.0.3-5build2| precise
   libapache2-mod-auth-pgsql | 2.0.3-6 

[Group.of.nepali.translators] [Bug 1698758] Re: Encrypted password causes segmentation fault

[Launchpad Bug Tracker]

This bug was fixed in the package libapache2-mod-auth-pgsql -
2.0.3-6ubuntu0.1

---
libapache2-mod-auth-pgsql (2.0.3-6ubuntu0.1) trusty; urgency=medium

  * d/p/fixdoublefree.patch: set freed pointers to NULL before subsequent
checks against NULL. (LP: #1272857)
  * d/p/crypt-check-null-1698758.patch: check for a NULL return from crypt(3)
(LP: #1698758)

 -- Andreas Hasenack   Thu, 22 Jun 2017 16:54:09
-0300

** Changed in: libapache2-mod-auth-pgsql (Ubuntu Trusty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1698758

Title:
  Encrypted password causes segmentation fault

Status in libapache2-mod-auth-pgsql package in Ubuntu:
  Fix Released
Status in libapache2-mod-auth-pgsql source package in Trusty:
  Fix Released
Status in libapache2-mod-auth-pgsql source package in Xenial:
  Fix Released
Status in libapache2-mod-auth-pgsql source package in Zesty:
  Fix Released
Status in libapache2-mod-auth-pgsql package in Debian:
  New

Bug description:
  [Impact]
  The libapache2-mod-auth-pgsql module will cause a segfault error in apache if 
its encrypted support is enabled ("Auth_PG_encrypted on") and a hash format not 
supported by crypt(3) is used.

  Since this is an apache module, users might be tempted to use
  htpasswd(1) to generate such hashes. The option to generate SHA hashes
  (-s) in particular will generate a hash incompatible with crypt(3),
  which will then return NULL and cause the segfault in unpatched
  versions of this apache module.

  The fix catches the situation when crypt(3) returns NULL and logs the
  event as an unsupported hash type being found, and denies the login.

  [Test Case]

  * install the packages on the Ubuntu release you are testing:
  $ sudo apt install apache2 libapache2-mod-auth-pgsql postgresql

  * create the database and populate it with the test users from the attached 
test-users.sql file:
  $ sudo -u postgres -H createdb userdb
  $ sudo -u postgres -H psql userdb -f test-users.sql

  * Create the DB user we will use:
  $ sudo -u postgres -H psql postgres -c "CREATE ROLE www UNENCRYPTED PASSWORD 
'password' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"

  * Grant access:
  $ sudo -u postgres -H psql userdb -c "GRANT SELECT ON TABLE userlogin TO www;"

  * Create the /var/www/html/.htaccess file with this content:
  AuthType basic
  AuthName "My Auth"
  Require valid-user
  AuthBasicProvider pgsql
  Auth_PG_authoritative On
  Auth_PG_host 127.0.0.1
  Auth_PG_port 5432
  Auth_PG_user www
  Auth_PG_pwd password
  Auth_PG_database userdb
  Auth_PG_encrypted on
  Auth_PG_pwd_table UserLogin
  Auth_PG_uid_field Username
  Auth_PG_pwd_field ApachePassword

  * Setup access in apache by editing /etc/apache2/sites-
  enabled/000-default.conf and adding these lines somewhere inside the
   section:

  
  AllowOverride AuthConfig
  

  * Enable the mod-auth-pgsql module:
  $ sudo a2enmod 000_auth_pgsql

  * Restart apache:
  $ sudo service apache2 restart

  To try each test login, use a loop like this:

  $ for u in ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 
ubuntu-des; do echo -n "Testing $u... "; curl -f http://$u:secret@localhost/ -o 
/dev/null -s; echo $?; done
  Testing ubuntu-invalidhash... 52
  Testing ubuntu-md5... 0
  Testing ubuntu-sha256... 0
  Testing ubuntu-sha512... 0
  Testing ubuntu-des... 0

  Error 52 means "empty reply from server". That's when apache segfaulted:
  [Wed Jul 19 19:28:13.808711 2017] [core:notice] [pid 9499:tid 
140330145511296] AH00051: child pid 9677 exit signal Segmentation fault (11), 
possible coredump in /etc/apache2

  With the fixed version of libapache2-mod-auth-pgsql, the test loop
  will just record a normal authentication problem for the ubuntu-
  invalidhash user (since the hash is not supported) instead of an
  "empty reply from server":

  $ for u in ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 
ubuntu-des; do echo -n "Testing $u... "; curl -f http://$u:secret@localhost/ -o 
/dev/null -s; echo $?; done
  Testing ubuntu-invalidhash... 22
  Testing ubuntu-md5... 0
  Testing ubuntu-sha256... 0
  Testing ubuntu-sha512... 0
  Testing ubuntu-des... 0

  And we get this fact logged:
  [Wed Jul 19 19:38:56.547337 2017] [auth_pgsql:error] [pid 10035:tid 
140550732678912] [client 127.0.0.1:56946] [mod_auth_pgsql.c] - ERROR - PG user 
ubuntu-invalidhash: unsupported CRYPT format

  [Regression Potential]
  The patch seems pretty straight forward and uses a well documented crypt(3) 
return value in the case of errors.

  This is a very old module that hasn't been built in a while (see
  [other info] below. It's possible that just by rebuilding it with the
  new environment available in each ubuntu release since vivid could
  introduce unknowns. Hopefully, if 

[Group.of.nepali.translators] [Bug 1698758] Re: Encrypted password causes segmentation fault

[Launchpad Bug Tracker]

This bug was fixed in the package libapache2-mod-auth-pgsql -
2.0.3-6.1ubuntu0.16.04.1

---
libapache2-mod-auth-pgsql (2.0.3-6.1ubuntu0.16.04.1) xenial; urgency=medium

  * d/p/crypt-check-null-1698758.patch: check for a NULL return from crypt(3)
(LP: #1698758)

 -- Andreas Hasenack   Thu, 22 Jun 2017 16:35:37
-0300

** Changed in: libapache2-mod-auth-pgsql (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

** Changed in: libapache2-mod-auth-pgsql (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1698758

Title:
  Encrypted password causes segmentation fault

Status in libapache2-mod-auth-pgsql package in Ubuntu:
  Fix Released
Status in libapache2-mod-auth-pgsql source package in Trusty:
  Fix Released
Status in libapache2-mod-auth-pgsql source package in Xenial:
  Fix Released
Status in libapache2-mod-auth-pgsql source package in Zesty:
  Fix Released
Status in libapache2-mod-auth-pgsql package in Debian:
  New

Bug description:
  [Impact]
  The libapache2-mod-auth-pgsql module will cause a segfault error in apache if 
its encrypted support is enabled ("Auth_PG_encrypted on") and a hash format not 
supported by crypt(3) is used.

  Since this is an apache module, users might be tempted to use
  htpasswd(1) to generate such hashes. The option to generate SHA hashes
  (-s) in particular will generate a hash incompatible with crypt(3),
  which will then return NULL and cause the segfault in unpatched
  versions of this apache module.

  The fix catches the situation when crypt(3) returns NULL and logs the
  event as an unsupported hash type being found, and denies the login.

  [Test Case]

  * install the packages on the Ubuntu release you are testing:
  $ sudo apt install apache2 libapache2-mod-auth-pgsql postgresql

  * create the database and populate it with the test users from the attached 
test-users.sql file:
  $ sudo -u postgres -H createdb userdb
  $ sudo -u postgres -H psql userdb -f test-users.sql

  * Create the DB user we will use:
  $ sudo -u postgres -H psql postgres -c "CREATE ROLE www UNENCRYPTED PASSWORD 
'password' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"

  * Grant access:
  $ sudo -u postgres -H psql userdb -c "GRANT SELECT ON TABLE userlogin TO www;"

  * Create the /var/www/html/.htaccess file with this content:
  AuthType basic
  AuthName "My Auth"
  Require valid-user
  AuthBasicProvider pgsql
  Auth_PG_authoritative On
  Auth_PG_host 127.0.0.1
  Auth_PG_port 5432
  Auth_PG_user www
  Auth_PG_pwd password
  Auth_PG_database userdb
  Auth_PG_encrypted on
  Auth_PG_pwd_table UserLogin
  Auth_PG_uid_field Username
  Auth_PG_pwd_field ApachePassword

  * Setup access in apache by editing /etc/apache2/sites-
  enabled/000-default.conf and adding these lines somewhere inside the
   section:

  
  AllowOverride AuthConfig
  

  * Enable the mod-auth-pgsql module:
  $ sudo a2enmod 000_auth_pgsql

  * Restart apache:
  $ sudo service apache2 restart

  To try each test login, use a loop like this:

  $ for u in ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 
ubuntu-des; do echo -n "Testing $u... "; curl -f http://$u:secret@localhost/ -o 
/dev/null -s; echo $?; done
  Testing ubuntu-invalidhash... 52
  Testing ubuntu-md5... 0
  Testing ubuntu-sha256... 0
  Testing ubuntu-sha512... 0
  Testing ubuntu-des... 0

  Error 52 means "empty reply from server". That's when apache segfaulted:
  [Wed Jul 19 19:28:13.808711 2017] [core:notice] [pid 9499:tid 
140330145511296] AH00051: child pid 9677 exit signal Segmentation fault (11), 
possible coredump in /etc/apache2

  With the fixed version of libapache2-mod-auth-pgsql, the test loop
  will just record a normal authentication problem for the ubuntu-
  invalidhash user (since the hash is not supported) instead of an
  "empty reply from server":

  $ for u in ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 
ubuntu-des; do echo -n "Testing $u... "; curl -f http://$u:secret@localhost/ -o 
/dev/null -s; echo $?; done
  Testing ubuntu-invalidhash... 22
  Testing ubuntu-md5... 0
  Testing ubuntu-sha256... 0
  Testing ubuntu-sha512... 0
  Testing ubuntu-des... 0

  And we get this fact logged:
  [Wed Jul 19 19:38:56.547337 2017] [auth_pgsql:error] [pid 10035:tid 
140550732678912] [client 127.0.0.1:56946] [mod_auth_pgsql.c] - ERROR - PG user 
ubuntu-invalidhash: unsupported CRYPT format

  [Regression Potential]
  The patch seems pretty straight forward and uses a well documented crypt(3) 
return value in the case of errors.

  This is a very old module that hasn't been built in a while (see
  [other info] below. It's possible that just by rebuilding it with the
  new environment available in each ubuntu release since vivid could
  introduce unknowns. Hopefully, 

[Group.of.nepali.translators] [Bug 1698758] Re: Encrypted password causes segmentation fault

[Robie Basak]

** Also affects: libapache2-mod-auth-pgsql (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Also affects: libapache2-mod-auth-pgsql (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: libapache2-mod-auth-pgsql (Ubuntu Zesty)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1698758

Title:
  Encrypted password causes segmentation fault

Status in libapache2-mod-auth-pgsql package in Ubuntu:
  Fix Released
Status in libapache2-mod-auth-pgsql source package in Trusty:
  New
Status in libapache2-mod-auth-pgsql source package in Xenial:
  New
Status in libapache2-mod-auth-pgsql source package in Zesty:
  New
Status in libapache2-mod-auth-pgsql package in Debian:
  New

Bug description:
  I have configured a .htaccess to use libapache2-mod-auth-pgsql to
  authenticate a user against a postgres database. The settings are as
  follows:

  AuthType basic
  AuthName "My Auth"
  Require valid-user
  AuthBasicProvider pgsql
  Auth_PG_authoritative On
  Auth_PG_host 127.0.0.1
  Auth_PG_port 5432
  Auth_PG_user www
  Auth_PG_pwd password
  Auth_PG_database userdb
  Auth_PG_encrypted off
  Auth_PG_pwd_table UserLogin
  Auth_PG_uid_field Username
  Auth_PG_pwd_field ApachePassword

  If I set Auth_PG_encrypted to off, then authentication works but the
  downside is that I have to save plain unencrypted password on the
  database. If I set Auth_PG_encrypted to on, a segmentation fault
  occurs. A typical password to be contained in ApachePassword field is
  the following (for password "password"):
  "{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=" - This matches exactly to what
  would be generated by htpasswd -s.

  Here is the error log entry I get:
  [pid 9662] AH00052: child pid 9670 exit signal Segmentation fault (11)

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: apache2 2.4.18-2ubuntu3.2
  ProcVersionSignature: Ubuntu 4.4.0-79.100-generic 4.4.67
  Uname: Linux 4.4.0-79-generic x86_64
  Apache2ConfdDirListing: False
  Apache2Modules:
   Error: command ['/usr/sbin/apachectl', '-D DUMP_MODULES'] failed with exit 
code 1: [Mon Jun 19 09:48:04.146971 2017] [so:warn] [pid 8403] AH01574: module 
dav_module is already loaded, skipping
   apache2: Syntax error on line 140 of /etc/apache2/apache2.conf: Syntax error 
on line 2 of /etc/apache2/mods-enabled/session_dbd.load: Cannot load 
/usr/lib/apache2/modules/mod_session_dbd.so into server: 
/usr/lib/apache2/modules/mod_session_dbd.so: undefined symbol: 
ap_hook_session_save
   Action '-D DUMP_MODULES' failed.
   The Apache error log may have more information.
  ApportVersion: 2.20.1-0ubuntu2.6
  Architecture: amd64
  Date: Mon Jun 19 09:47:34 2017
  SourcePackage: apache2
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.apache2.apache2.conf: [modified]
  modified.conffile..etc.apache2.mods-available.dav.load: [modified]
  modified.conffile..etc.apache2.sites-available.000-default.conf: [modified]
  mtime.conffile..etc.apache2.apache2.conf: 2017-06-03T16:27:12.439856
  mtime.conffile..etc.apache2.mods-available.dav.load: 
2017-06-03T16:31:51.028040
  mtime.conffile..etc.apache2.sites-available.000-default.conf: 
2016-11-11T14:57:50

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libapache2-mod-auth-pgsql/+bug/1698758/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp