Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
Hi, noob speaking... so we're upgrading our VM build/test environmend, and have added an 11.3 VM (based on the "Oracle Solaris 11.3 VM Template for Oracle VM VirtualBox" nicely provided by Oracle). Of course, GCM modes now core dump (= good to test :-) )... On Wed, Sep 20, 2017 at 12:59:24PM +0200, casper@oracle.com wrote: > The fix was also delivered in Solaris 11.3 SRU 24 which was released > somewhere in the last week. > > # pkg list -H entire openssl > entire0.5.11-0.175.3.24.0.4.0 > i-- > library/security/openssl 1.0.2.11-0.175.3.24.0.4.0 > i-- What I have after what I thought would do the updating ("pkg install entire") is: vagrant@solaris113:/tmp/openvpn$ pkg list -H entire openssl entire0.5.11-0.175.3.1.0.5.2 i-- library/security/openssl 1.0.1.16-0.175.3.0.0.30.0 i-- ... so is there a way to get from there to "11.3 SRU 24" from the inside of the VM? Or do you need to download something manually, have a maintenance contract, etc.? (Too many things changed in the organizational structure since I used an "original Solaris" last time - that was OpenSolaris 10...) thanks, gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de signature.asc Description: PGP signature -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
>Hello. > >Spent a day debugging this issue on OpenIndiana. >If anyone steps on this once again... >It seems the issue was caused OI/Solaris OpenSSL specific patches, in >particular by >https://github.com/OpenIndiana/oi-userland/blob/oi/hipster/components/library/openssl/openssl-1.0. 2/patches/036-evp_leak.patch >. It was fixed in solaris-userland in this commit - >https://github.com/oracle/solaris-userland/commit/05790938481cdceaedb2a9aee700bcec6fca7e34 > > . Yes I had bug 26336744 filed for this and figured out what was causing it; as a result it has been fixed in Solaris userland (in both branches). The fix was also delivered in Solaris 11.3 SRU 24 which was released somewhere in the last week. # pkg list -H entire openssl entire0.5.11-0.175.3.24.0.4.0i-- library/security/openssl 1.0.2.11-0.175.3.24.0.4.0 i-- (the weird numbers are historic and should be changed to a more easily understandable numbers in 11.4) Casper -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
Hello. Spent a day debugging this issue on OpenIndiana. If anyone steps on this once again... It seems the issue was caused OI/Solaris OpenSSL specific patches, in particular by https://github.com/OpenIndiana/oi-userland/blob/oi/hipster/components/library/openssl/openssl-1.0.2/patches/036-evp_leak.patch . It was fixed in solaris-userland in this commit - https://github.com/oracle/solaris-userland/commit/05790938481cdceaedb2a9aee700bcec6fca7e34 . -- Best regards, Alexander Pyhalov, system administrator of Southern Federal University IT department -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
>Am 30.08.17 um 10:39 schrieb casper@oracle.com: >> >> After I figured out where we went wrong, I filed: 26336744 Solaris specific cleanup code breaks gcm_aes for, e.g., openvpn which has now been fixed in oracle solaris-userland on git hub https://github.com/oracle/solaris-userland/tree/master/components/openssl >>> >>> Cool, thanks a lot! >>> It cannot say exactly when it will be in Solaris 11.3 SRU (patch) release. Current workaround is disabling AES-GCM for openvpn but that should not be needed in the future. >>> >>> Is there a way to reliably detect this issue from a test program (or by >>> looking at system versions, like "uname")? It might be worth adding a >>> configure test so users won't run into it ("AES-GCM disabled due to >>> bug 26336744 in Solaris OpenSSL"). >> >> Well, t_lpback would fail but that is late as then you would have >> configured and compiled openvpn. >> > >Does it fail reliable? If yes we could just run a quick version of >failing and if this fails disable AES support, especially disabling >cipher negoiation. Yes, very reliable (NULL pointer dereference) Casper -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
Am 30.08.17 um 10:39 schrieb casper@oracle.com: > > >>> After I figured out where we went wrong, I filed: >>> 26336744 Solaris specific cleanup code breaks gcm_aes for, e.g., openvpn >>> which has now been fixed in oracle solaris-userland on git hub >>> https://github.com/oracle/solaris-userland/tree/master/components/openssl >> >> Cool, thanks a lot! >> >>> It cannot say exactly when it will be in Solaris 11.3 SRU (patch) release. >>> Current workaround is disabling AES-GCM for openvpn but that should not be >>> needed in the future. >> >> Is there a way to reliably detect this issue from a test program (or by >> looking at system versions, like "uname")? It might be worth adding a >> configure test so users won't run into it ("AES-GCM disabled due to >> bug 26336744 in Solaris OpenSSL"). > > Well, t_lpback would fail but that is late as then you would have > configured and compiled openvpn. > Does it fail reliable? If yes we could just run a quick version of failing and if this fails disable AES support, especially disabling cipher negoiation. Arne -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
>> After I figured out where we went wrong, I filed: >> 26336744 Solaris specific cleanup code breaks gcm_aes for, e.g., openvpn >> which has now been fixed in oracle solaris-userland on git hub >> https://github.com/oracle/solaris-userland/tree/master/components/openssl > >Cool, thanks a lot! > >> It cannot say exactly when it will be in Solaris 11.3 SRU (patch) release. >> Current workaround is disabling AES-GCM for openvpn but that should not be >> needed in the future. > >Is there a way to reliably detect this issue from a test program (or by >looking at system versions, like "uname")? It might be worth adding a >configure test so users won't run into it ("AES-GCM disabled due to >bug 26336744 in Solaris OpenSSL"). Well, t_lpback would fail but that is late as then you would have configured and compiled openvpn. This bug exists in Solaris 11.2 FCS. Older versions, as you have seen, do not have GCM support so you would not find the bug. The best way to find the install Solaris version in Solaris 11 and later is "pkg list entire"; this will print: NAME (PUBLISHER) VERSIONIFO entire0.5.11-0.175.3.22.0.3.0i-- The actual string is pretty much an "historical accident" but the important bits are: 0.5.11-0.175.*3*.*22*.0.3.0 The first three is the minor version (11.*3*) and the *22* is the installed SRU. For now, I think for Solaris 11+ we should disable gcm which I currently do by hand by changing #define HAVE_AEAD_CIPHER_MODES 1 to #undef HAVE_AEAD_CIPHER_MODES Casper -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
Hi Casper, On Tue, Aug 29, 2017 at 03:22:38PM +0200, casper@oracle.com wrote: > I recently run into the same problem as Jens Neuhalfen has reported > more than a year ago in this mailing list. > > As I was somewhat confused why the shipped Solaris openssl version failed, > I looked into that issue as I also wanted to run a recent > openvpn on Solaris 11.x. Oh. That's the bit I missed - I tried reproducing it with various openssl versions, but my OpenSolaris test VM is so old that the *shipped* version didn't have GCM support yet... > After I figured out where we went wrong, I filed: > > 26336744 Solaris specific cleanup code breaks gcm_aes for, e.g., openvpn > > which has now been fixed in oracle solaris-userland on git hub > > https://github.com/oracle/solaris-userland/tree/master/components/openssl Cool, thanks a lot! > It cannot say exactly when it will be in Solaris 11.3 SRU (patch) release. > > Current workaround is disabling AES-GCM for openvpn but that should not be > needed in the future. Is there a way to reliably detect this issue from a test program (or by looking at system versions, like "uname")? It might be worth adding a configure test so users won't run into it ("AES-GCM disabled due to bug 26336744 in Solaris OpenSSL"). gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de signature.asc Description: PGP signature -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
I recently run into the same problem as Jens Neuhalfen has reported more than a year ago in this mailing list. As I was somewhat confused why the shipped Solaris openssl version failed, I looked into that issue as I also wanted to run a recent openvpn on Solaris 11.x. After I figured out where we went wrong, I filed: 26336744 Solaris specific cleanup code breaks gcm_aes for, e.g., openvpn which has now been fixed in oracle solaris-userland on git hub https://github.com/oracle/solaris-userland/tree/master/components/openssl It cannot say exactly when it will be in Solaris 11.3 SRU (patch) release. Current workaround is disabling AES-GCM for openvpn but that should not be needed in the future. Casper -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
Hi, On Sun, May 22, 2016 at 10:44:41AM +0200, Jens Neuhalfen wrote: > A broken ssl library and openvpn - What could possibly go wrong? We could recommend building with mbedtls... :-) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de signature.asc Description: PGP signature
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
Hi Gert, openssl is a joy to work with :-/ [snip] > Ceterum censeo: I acknowledge that something is funny here, but I do not > think it's OpenVPN's fault (otherwise it should show up for me), so not > much we can do about it. A broken ssl library and openvpn - What could possibly go wrong? But I agree, we should ignore that as out of scope for openvpn. Not much we can do for Oracle. Jens
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
Hi, On Sat, May 21, 2016 at 11:32:40PM +0200, Jens Neuhalfen wrote: > This is > * Solaris 11.3 on Intel 64 bit (isainfo -k ???> amd64), fresh from > Sun^H^H^HOracle > > * OpenSSL 1.0.1p. openssl is compiled as 32 bit library (file > /lib/libcrypto.so.1.0.0 ???> /lib/libcrypto.so.1.0.0:ELF 32-bit LSB > dynamic lib 80386 Version 1 [SSE2 SSE MMX CMOV FPU], dynamically linked, not > stripped). Tried building with 1.0.1p (using gcc), and the first thing to notice is that *openssl* fails its own "make test" run (something in the RSA key test aborts with "keys do not match"). So something is fishy with that version. Interesting enough, our "make check" *still* works nicely for me... -n Testing cipher AES-128-GCM... OK -n Testing cipher AES-192-GCM... OK -n Testing cipher AES-256-GCM... OK ... All 2 tests passed So it does look like that 1.0.1p and Solaris do not get along well, but it might depend on compiler used (I use gcc, Oracle surely does not). The most recent version is 1.0.1t, which interestingly enough, has the same self test error... CMS consistency test /opt/csw/bin/perl cms-test.pl CMS => PKCS#7 compatibility tests signed content DER format, RSA key: verify error make[1]: *** [test_cms] Error 1 (this works in 1.0.2, so I think it's not my local system that is funny) Ceterum censeo: I acknowledge that something is funny here, but I do not think it's OpenVPN's fault (otherwise it should show up for me), so not much we can do about it. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de signature.asc Description: PGP signature
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
Hi Gert, > Hi, > > On Sat, May 21, 2016 at 07:05:01PM +0200, Jens Neuhalfen wrote: >> ./t_lpback.sh fails with AES-GCM mode on Solaris 11. CRYPTO_gcm128_setiv >> from libcrypto seems to jump into NULL pointer country. > > Oh, interesting. My OpenSSL on the OpenSolaris box is so old that it does > not have the AES-GCM modes, so I never tested this (and, of course, "all > tests pass"). > > Is this Sparc or Intel Solaris? Which version of OpenSSL? 32 or 64 bit? This is * Solaris 11.3 on Intel 64 bit (isainfo -k —> amd64), fresh from Sun^H^H^HOracle * OpenSSL 1.0.1p. openssl is compiled as 32 bit library (file /lib/libcrypto.so.1.0.0 —> /lib/libcrypto.so.1.0.0:ELF 32-bit LSB dynamic lib 80386 Version 1 [SSE2 SSE MMX CMOV FPU], dynamically linked, not stripped). pkg info openssl Name: library/security/openssl Summary: OpenSSL - a Toolkit for Secure Sockets Layer (SSL v2/v3) and Transport Layer (TLS v1) protocols and general purpose cryptographic library Description: OpenSSL is a full-featured toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. Category: System/Security State: Installed Publisher: solaris Version: 1.0.1.16 (1.0.1p) Build Release: 5.11 Branch: 0.175.3.0.0.30.0 Packaging Date: August 21, 2015 05:11:12 PM Size: 13.26 MB FMRI: pkg://solaris/library/security/openssl@1.0.1.16,5.11-0.175.3.0.0.30.0:20150821T171112Z Cheers Jens
Re: [Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
Hi, On Sat, May 21, 2016 at 07:05:01PM +0200, Jens Neuhalfen wrote: > ./t_lpback.sh fails with AES-GCM mode on Solaris 11. CRYPTO_gcm128_setiv from > libcrypto seems to jump into NULL pointer country. Oh, interesting. My OpenSSL on the OpenSolaris box is so old that it does not have the AES-GCM modes, so I never tested this (and, of course, "all tests pass"). Is this Sparc or Intel Solaris? Which version of OpenSSL? 32 or 64 bit? I tried building with 1.0.2g (static libraries, 32 bit) and that actually passes GCM tests for me... -n Testing cipher AES-128-CBC... OK -n Testing cipher AES-128-CFB... OK -n Testing cipher AES-128-CFB1... OK -n Testing cipher AES-128-CFB8... OK -n Testing cipher AES-128-GCM... OK ... OK -n Testing cipher AES-256-CFB8... OK -n Testing cipher AES-256-GCM... OK -n Testing cipher AES-256-OFB... OK ... == All 2 tests passed (1 tests were not run) == OpenVPN 2.PRODUCT_VERSION_MINORPRODUCT_VERSION_PATCH [git:master/a9faebe7d4234cdf+] i386-pc-solaris2.11 [SSL (OpenSSL)] [LZO] [LZ4] [IPv6] built on May 21 2016 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.03 ... so at this point, it's hard to say... gert PS: and yes, our test scripts and Solaris' "echo" function do not like each other very much. And neither does the script that builds the version number from git :-) -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de signature.asc Description: PGP signature
[Openvpn-devel] Solaris 11: t_lpback.sh coredump on AES-GCM
Hi, ./t_lpback.sh fails with AES-GCM mode on Solaris 11. CRYPTO_gcm128_setiv from libcrypto seems to jump into NULL pointer country. This is currently no issue for me, but in case anyone cares I put the coredump on https://www.neuhalfen.name/__downloads__/openvpn/core_solaris11_aes-gcm_crash . cheers Jens ./t_lpback.sh -n Testing cipher AES-128-CBC... OK -n Testing cipher AES-128-CFB... OK -n Testing cipher AES-128-CFB1... OK -n Testing cipher AES-128-CFB8... OK -n Testing cipher AES-128-GCM... FAILED Sat May 21 19:01:09 2016 OpenVPN 2.3_git [git:master/b207d8ae9a6b0e99] i386-pc-solaris2.11 [SSL (OpenSSL)] [IPv6] built on May 21 2016 Sat May 21 19:01:09 2016 library versions: OpenSSL 1.0.1p 9 Jul 2015 Sat May 21 19:01:09 2016 OpenVPN 2.3_git [git:master/b207d8ae9a6b0e99] i386-pc-solaris2.11 [SSL (OpenSSL)] [IPv6] built on May 21 2016 Sat May 21 19:01:09 2016 Entering OpenVPN crypto self-test mode. Sat May 21 19:01:09 2016 TESTING ENCRYPT/DECRYPT of packet length=1 Sat May 21 19:01:09 2016 TESTING ENCRYPT/DECRYPT of packet length=2 ./t_lpback.sh: line 48: 19049: Memory fault(coredump) ——— gdb ../src/openvpn/openvpn core ... Reading symbols from /export/home/jens/openvpn/src/openvpn/openvpn...done. [New LWP 1] [New LWP 1] [Thread debugging using libthread_db enabled] [New Thread 1 (LWP 1)] Core was generated by `../src/openvpn/openvpn --test-crypto --secret key.19038 --cipher AES-256-GCM'. Program terminated with signal 11, Segmentation fault. #0 0x in ?? () (gdb) bt #0 0x in ?? () #1 0x07505972 in CRYPTO_gcm128_setiv () from /lib/libcrypto.so.1.0.0 #2 0x075402af in aesni_gcm_init_key () from /lib/libcrypto.so.1.0.0 #3 0x0753cc50 in EVP_CipherInit_ex () from /lib/libcrypto.so.1.0.0 #4 0x0753c968 in EVP_CipherInit () from /lib/libcrypto.so.1.0.0 #5 0x0808bc10 in cipher_ctx_reset (ctx=0x811b808, iv_buf=iv_buf@entry=0xfeffd930 "") at crypto_openssl.c:623 #6 0x0808985d in openvpn_encrypt_aead (opt=0xfeffe144, work=..., buf=0xfeffd9f0) at crypto.c:130 #7 openvpn_encrypt (buf=buf@entry=0xfeffd9f0, work=..., opt=opt@entry=0xfeffe144) at crypto.c:340 #8 0x0808ab02 in test_crypto (co=co@entry=0xfeffe144, frame=frame@entry=0xfeffe00c) at crypto.c:1078 #9 0x0809a4eb in test_crypto_thread (arg=0xfeffda38) at init.c:3921 #10 do_test_crypto (o=o@entry=0xfeffe358) at init.c:3947 #11 0x080b1f05 in openvpn_main (argc=argc@entry=6, argv=argv@entry=0xfeffec88) at openvpn.c:232 #12 0x080ee9c1 in main (argc=6, argv=0xfeffec88) at openvpn.c:345 (gdb) frame 1 #1 0x07505972 in CRYPTO_gcm128_setiv () from /lib/libcrypto.so.1.0.0 (gdb) info args No symbol table info available. (gdb) info local No symbol table info available. (gdb) info locals ...