** Tags removed: server-next
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1698758
Title:
Encrypted password causes segmentation fault
To manage notifications about this bug go to:
This bug was fixed in the package libapache2-mod-auth-pgsql -
2.0.3-6.1ubuntu0.16.04.1
---
libapache2-mod-auth-pgsql (2.0.3-6.1ubuntu0.16.04.1) xenial; urgency=medium
* d/p/crypt-check-null-1698758.patch: check for a NULL return from crypt(3)
(LP: #1698758)
-- Andreas
This bug was fixed in the package libapache2-mod-auth-pgsql -
2.0.3-6ubuntu0.1
---
libapache2-mod-auth-pgsql (2.0.3-6ubuntu0.1) trusty; urgency=medium
* d/p/fixdoublefree.patch: set freed pointers to NULL before subsequent
checks against NULL. (LP: #1272857)
*
This bug was fixed in the package libapache2-mod-auth-pgsql -
2.0.3-6.1ubuntu0.17.04.1
---
libapache2-mod-auth-pgsql (2.0.3-6.1ubuntu0.17.04.1) zesty; urgency=medium
* d/p/crypt-check-null-1698758.patch: check for a NULL return from crypt(3)
(LP: #1698758)
-- Andreas Hasenack
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1698758
Title:
Encrypted password causes segmentation fault
To manage
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libapache2-mod-auth-pgsql in Ubuntu.
https://bugs.launchpad.net/bugs/1698758
Title:
Encrypted password causes
Trusty verification
Crash confirmed with libapache2-mod-auth-pgsql 2.0.3-6. Curiously, with more
than just the "ubuntu-invalidhash" user:
ubuntu@trust-mod-auth-pgsql-crypt-segfault-1698758:~$ for u in
ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 ubuntu-des; do echo
-n "Testing
Trusty verification
Crash confirmed with libapache2-mod-auth-pgsql 2.0.3-6. Curiously, with more
than just the "ubuntu-invalidhash" user:
ubuntu@trust-mod-auth-pgsql-crypt-segfault-1698758:~$ for u in
ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 ubuntu-des; do echo
-n "Testing
Xenial verification:
Crash confirmed with libapache2-mod-auth-pgsql 2.0.3-6.1:
ubuntu@xenial-mod-auth-pgsql-crypt-segfault-1698758:~$ for u in
ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 ubuntu-des; do echo
-n "Testing $u... "; curl -f http://$u:secret@localhost/ -o /dev/null -s;
Zesty verification
Crash reproduced with libapache2-mod-auth-pgsql 2.0.3-6.1:
ubuntu@zesty-mod-auth-pgsql-crypt-segfault-1698758:~$ for u in
ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 ubuntu-des; do echo
-n "Testing $u... "; curl -f http://$u:secret@localhost/ -o /dev/null -s;
Xenial verification:
Crash confirmed with libapache2-mod-auth-pgsql 2.0.3-6.1:
ubuntu@xenial-mod-auth-pgsql-crypt-segfault-1698758:~$ for u in
ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 ubuntu-des; do echo
-n "Testing $u... "; curl -f http://$u:secret@localhost/ -o /dev/null -s;
Zesty verification
Crash reproduced with libapache2-mod-auth-pgsql 2.0.3-6.1:
ubuntu@zesty-mod-auth-pgsql-crypt-segfault-1698758:~$ for u in
ubuntu-invalidhash ubuntu-md5 ubuntu-sha256 ubuntu-sha512 ubuntu-des; do echo
-n "Testing $u... "; curl -f http://$u:secret@localhost/ -o /dev/null -s;
Hello John, or anyone else affected,
Accepted libapache2-mod-auth-pgsql into xenial-proposed. The package
will build now and be available at
https://launchpad.net/ubuntu/+source/libapache2-mod-auth-
pgsql/2.0.3-6.1ubuntu0.16.04.1 in a few hours, and then in the -proposed
repository.
Please help
** Description changed:
[Impact]
The libapache2-mod-auth-pgsql module will cause a segfault error in apache if
its encrypted support is enabled ("Auth_PG_encrypted on") and a hash format not
supported by crypt(3) is used.
Since this is an apache module, users might be tempted to use
** Description changed:
[Impact]
The libapache2-mod-auth-pgsql module will cause a segfault error in apache if
its encrypted support is enabled ("Auth_PG_encrypted on") and a hash format not
supported by crypt(3) is used.
Since this is an apache module, users might be tempted to use
** Description changed:
[Impact]
* An explanation of the effects of the bug on users and
* justification for backporting the fix to the stable release.
* In addition, it is helpful, but not required, to include an
explanation of how the upload fixes this bug.
[Test
** Description changed:
[Impact]
* An explanation of the effects of the bug on users and
* justification for backporting the fix to the stable release.
* In addition, it is helpful, but not required, to include an
explanation of how the upload fixes this bug.
[Test
** Description changed:
[Impact]
* An explanation of the effects of the bug on users and
* justification for backporting the fix to the stable release.
* In addition, it is helpful, but not required, to include an
explanation of how the upload fixes this bug.
[Test
** Description changed:
[Impact]
* An explanation of the effects of the bug on users and
* justification for backporting the fix to the stable release.
* In addition, it is helpful, but not required, to include an
explanation of how the upload fixes this bug.
[Test
** Description changed:
[Impact]
* An explanation of the effects of the bug on users and
* justification for backporting the fix to the stable release.
* In addition, it is helpful, but not required, to include an
explanation of how the upload fixes this bug.
[Test
** Description changed:
[Impact]
* An explanation of the effects of the bug on users and
* justification for backporting the fix to the stable release.
* In addition, it is helpful, but not required, to include an
explanation of how the upload fixes this bug.
[Test
test users
** Description changed:
- I have configured a .htaccess to use libapache2-mod-auth-pgsql to
- authenticate a user against a postgres database. The settings are as
- follows:
+ [Impact]
+ * An explanation of the effects of the bug on users and
+
+ * justification for backporting
test users
** Description changed:
- I have configured a .htaccess to use libapache2-mod-auth-pgsql to
- authenticate a user against a postgres database. The settings are as
- follows:
+ [Impact]
+ * An explanation of the effects of the bug on users and
+
+ * justification for backporting
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/libapache2-mod-auth-pgsql/+git/libapache2-mod-auth-pgsql/+merge/327729
** Merge proposal linked:
** Changed in: libapache2-mod-auth-pgsql (Ubuntu Trusty)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: libapache2-mod-auth-pgsql (Ubuntu Xenial)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: libapache2-mod-auth-pgsql (Ubuntu Zesty)
** Changed in: libapache2-mod-auth-pgsql (Ubuntu Trusty)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: libapache2-mod-auth-pgsql (Ubuntu Xenial)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: libapache2-mod-auth-pgsql (Ubuntu Zesty)
** Also affects: libapache2-mod-auth-pgsql (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: libapache2-mod-auth-pgsql (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: libapache2-mod-auth-pgsql (Ubuntu Zesty)
Importance: Undecided
Sorry, I need to rework that debdiff to get the same patch that is
already applied in the other ubuntu releases. I had updated the dep3
header.
** Patch removed: "trusty-libapache2-mod-auth-pgsql.debdiff"
Sorry, I need to rework that debdiff to get the same patch that is
already applied in the other ubuntu releases. I had updated the dep3
header.
** Patch removed: "trusty-libapache2-mod-auth-pgsql.debdiff"
debdiff for trusty
** Patch added: "trusty-libapache2-mod-auth-pgsql.debdiff"
https://bugs.launchpad.net/ubuntu/+source/libapache2-mod-auth-pgsql/+bug/1698758/+attachment/4917187/+files/trusty-libapache2-mod-auth-pgsql.debdiff
--
You received this bug notification because you are a member
debdiff for trusty
** Patch added: "trusty-libapache2-mod-auth-pgsql.debdiff"
https://bugs.launchpad.net/ubuntu/+source/libapache2-mod-auth-pgsql/+bug/1698758/+attachment/4917187/+files/trusty-libapache2-mod-auth-pgsql.debdiff
--
You received this bug notification because you are a member
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/libapache2-mod-auth-pgsql/+git/libapache2-mod-auth-pgsql/+merge/327657
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This bug was fixed in the package libapache2-mod-auth-pgsql -
2.0.3-6.1ubuntu1
---
libapache2-mod-auth-pgsql (2.0.3-6.1ubuntu1) artful; urgency=medium
* d/p/crypt-check-null-1698758.patch: check for a NULL return from crypt(3)
(LP: #1698758)
-- Andreas Hasenack
Here is a debdiff for artful
** Patch added: "artful-mod-auth-pgsql-null-check-1698758.debdiff"
https://bugs.launchpad.net/ubuntu/+source/libapache2-mod-auth-pgsql/+bug/1698758/+attachment/4914083/+files/artful-mod-auth-pgsql-null-check-1698758.debdiff
--
You received this bug notification
** Changed in: libapache2-mod-auth-pgsql (Ubuntu)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1698758
Title:
Encrypted password causes segmentation
Here is a debdiff for artful
** Patch added: "artful-mod-auth-pgsql-null-check-1698758.debdiff"
https://bugs.launchpad.net/ubuntu/+source/libapache2-mod-auth-pgsql/+bug/1698758/+attachment/4914083/+files/artful-mod-auth-pgsql-null-check-1698758.debdiff
--
You received this bug notification
** Changed in: libapache2-mod-auth-pgsql (Debian)
Status: Unknown => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1698758
Title:
Encrypted password causes segmentation fault
To manage
** Bug watch added: Debian Bug tracker #865553
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865553
** Also affects: libapache2-mod-auth-pgsql (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865553
Importance: Unknown
Status: Unknown
--
You received this bug
** Bug watch added: Debian Bug tracker #865553
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865553
** Also affects: libapache2-mod-auth-pgsql (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865553
Importance: Unknown
Status: Unknown
--
You received this bug
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/libapache2-mod-auth-pgsql/+git/libapache2-mod-auth-pgsql/+merge/326173
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
One can use mkpasswd(1) from the "whois" package (!) to generate these hashes
supported by crypt(3):
$ mkpasswd -5 secret
$1$0UiJQbpc$QoJQqJIT1DCHtQYGwJHZh0
$ mkpasswd -m sha-256 secret
$5$.oyALiVLtCvfBa$cvNlH7IxsirDkBN/vIvHB54p0MPwqxSyiulqnYVMxt/
$ mkpasswd -m sha-512 secret
One can use mkpasswd(1) from the "whois" package (!) to generate these hashes
supported by crypt(3):
$ mkpasswd -5 secret
$1$0UiJQbpc$QoJQqJIT1DCHtQYGwJHZh0
$ mkpasswd -m sha-256 secret
$5$.oyALiVLtCvfBa$cvNlH7IxsirDkBN/vIvHB54p0MPwqxSyiulqnYVMxt/
$ mkpasswd -m sha-512 secret
Ok, got a better hang of it. crypt(3) can indeed be used like that, but the
code needs to check for it returning NULL in the case of errors:
diff --git a/mod_auth_pgsql.c b/mod_auth_pgsql.c
index 0a16e05..4f80917 100644
--- a/mod_auth_pgsql.c
+++ b/mod_auth_pgsql.c
@@ -868,6 +868,12 @@ static
Ok, got a better hang of it. crypt(3) can indeed be used like that, but the
code needs to check for it returning NULL in the case of errors:
diff --git a/mod_auth_pgsql.c b/mod_auth_pgsql.c
index 0a16e05..4f80917 100644
--- a/mod_auth_pgsql.c
+++ b/mod_auth_pgsql.c
@@ -868,6 +868,12 @@ static
It's segfaulting because of this odd usage of crypt(3):
sent_pw = (char *) crypt(sent_pw, real_pw);
That returns NULL, because in the SHA case the real_pw contains the {
character which is invalid for the second parameter which is meant to be
the salt.
Later on strcmp is
It's segfaulting because of this odd usage of crypt(3):
sent_pw = (char *) crypt(sent_pw, real_pw);
That returns NULL, because in the SHA case the real_pw contains the {
character which is invalid for the second parameter which is meant to be
the salt.
Later on strcmp is
** Changed in: apache2 (Ubuntu)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: apache2 (Ubuntu)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
** Changed in: apache2 (Ubuntu)
Assignee: (unassigned) => Andreas Hasenack (ahasenack)
** Changed in: apache2 (Ubuntu)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Confirmed in my xenial testing:
==> /var/log/apache2/error.log <==
[Tue Jun 20 18:44:20.612899 2017] [core:notice] [pid 7038:tid 140431534086016]
AH00051: child pid 7041 exit signal Segmentation fault (11), possible coredump
in /etc/apache2
** Changed in: apache2 (Ubuntu)
Importance:
Confirmed in my xenial testing:
==> /var/log/apache2/error.log <==
[Tue Jun 20 18:44:20.612899 2017] [core:notice] [pid 7038:tid 140431534086016]
AH00051: child pid 7041 exit signal Segmentation fault (11), possible coredump
in /etc/apache2
** Changed in: apache2 (Ubuntu)
Importance:
50 matches
Mail list logo
