Public bug reported:
Hi, I found a possible bug in the `openssl rehash` command: it won't do
anything while running inside a armhf chroot with an amd64 host
architecture.
How to reproduce (confirmed on focal and hirsute):
1. Build a armhf chroot environment: `debootstrap --arch armhf --foreign focal
<dir>`
2. Go inside chroot (using systemd-nspawn): `systemd-nspawn -D <dir>`
3. Complete debootstrap second stage: `/debootstrap/debootstrap --second-stage`
4. Run rehash in system certs dir: `openssl rehash -n -v /etc/ssl/certs`
5. Rehash shows nothing was done
```
root@ubuntuarm:~# openssl rehash -n -v /etc/ssl/certs
Doing /etc/ssl/certs
root@ubuntuarm:~#
```
In jammy there is no problem (openssl 3.0.2).
$ lsb_release -rd
Description: Ubuntu 20.04.4 LTS
Release: 20.04
$ apt-cache policy openssl
openssl:
Installed: 1.1.1f-1ubuntu2.16
Candidate: 1.1.1f-1ubuntu2.16
Version table:
*** 1.1.1f-1ubuntu2.16 500
500 http://co.archive.ubuntu.com/ubuntu focal-updates/main amd64
Packages
500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages
100 /var/lib/dpkg/status
1.1.1f-1ubuntu2 500
500 http://co.archive.ubuntu.com/ubuntu focal/main amd64 Packages
Full console session (on an armhf chroot, arm64 host arch):
root@ubuntuarm:~# openssl rehash -n -v /etc/ssl/certs
Doing /etc/ssl/certs
root@ubuntuarm:~# openssl version -a
OpenSSL 1.1.1f 31 Mar 2020
built on: Mon Apr 20 11:53:50 2020 UTC
platform: debian-armhf
options: bn(64,32) rc4(char) des(long) blowfish(ptr)
compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2
-fdebug-prefix-map=/build/openssl-uC90dH/openssl-1.1.1f=.
-fstack-protector-strong -Wformat -Werror=format-security
-DOPENSSL_TLS_SECURITY_LEVEL=2 -DOPENSSL_USE_NODELETE -DOPENSSL_PIC
-DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM
-DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DAES_ASM -DBSAES_ASM -DGHASH_ASM
-DECP_NISTZ256_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2
OPENSSLDIR: "/usr/lib/ssl"
ENGINESDIR: "/usr/lib/arm-linux-gnueabihf/engines-1.1"
Seeding source: os-specifi
root@ubuntuarm:~# uname -a
Linux ubuntuarm 5.4.0-117-generic #132-Ubuntu SMP Thu Jun 2 00:39:06 UTC 2022
armv7l armv7l armv7l GNU/Linux
** Affects: openssl (Ubuntu)
Importance: Undecided
Status: New
** Tags: armhf chroot rehash
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1981362
Title:
rehash command not working on armhf architecture inside chroot
Status in openssl package in Ubuntu:
New
Bug description:
Hi, I found a possible bug in the `openssl rehash` command: it won't
do anything while running inside a armhf chroot with an amd64 host
architecture.
How to reproduce (confirmed on focal and hirsute):
1. Build a armhf chroot environment: `debootstrap --arch armhf --foreign
focal <dir>`
2. Go inside chroot (using systemd-nspawn): `systemd-nspawn -D <dir>`
3. Complete debootstrap second stage: `/debootstrap/debootstrap
--second-stage`
4. Run rehash in system certs dir: `openssl rehash -n -v /etc/ssl/certs`
5. Rehash shows nothing was done
```
root@ubuntuarm:~# openssl rehash -n -v /etc/ssl/certs
Doing /etc/ssl/certs
root@ubuntuarm:~#
```
In jammy there is no problem (openssl 3.0.2).
$ lsb_release -rd
Description: Ubuntu 20.04.4 LTS
Release: 20.04
$ apt-cache policy openssl
openssl:
Installed: 1.1.1f-1ubuntu2.16
Candidate: 1.1.1f-1ubuntu2.16
Version table:
*** 1.1.1f-1ubuntu2.16 500
500 http://co.archive.ubuntu.com/ubuntu focal-updates/main amd64
Packages
500 http://security.ubuntu.com/ubuntu focal-security/main amd64
Packages
100 /var/lib/dpkg/status
1.1.1f-1ubuntu2 500
500 http://co.archive.ubuntu.com/ubuntu focal/main amd64 Packages
Full console session (on an armhf chroot, arm64 host arch):
root@ubuntuarm:~# openssl rehash -n -v /etc/ssl/certs
Doing /etc/ssl/certs
root@ubuntuarm:~# openssl version -a
OpenSSL 1.1.1f 31 Mar 2020
built on: Mon Apr 20 11:53:50 2020 UTC
platform: debian-armhf
options: bn(64,32) rc4(char) des(long) blowfish(ptr)
compiler: gcc -fPIC -pthread -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2
-fdebug-prefix-map=/build/openssl-uC90dH/openssl-1.1.1f=.
-fstack-protector-strong -Wformat -Werror=format-security
-DOPENSSL_TLS_SECURITY_LEVEL=2 -DOPENSSL_USE_NODELETE -DOPENSSL_PIC
-DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM
-DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DAES_ASM -DBSAES_ASM -DGHASH_ASM
-DECP_NISTZ256_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2
OPENSSLDIR: "/usr/lib/ssl"
ENGINESDIR: "/usr/lib/arm-linux-gnueabihf/engines-1.1"
Seeding source: os-specifi
root@ubuntuarm:~# uname -a
Linux ubuntuarm 5.4.0-117-generic #132-Ubuntu SMP Thu Jun 2 00:39:06 UTC 2022
armv7l armv7l armv7l GNU/Linux
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1981362/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
