** Attachment added: "gpgme-config" https://bugs.launchpad.net/ubuntu/+source/fwknop/+bug/2131672/+attachment/5927503/+files/gpgme-config
** Description changed: Ubuntu 24.04.3 LTS Release 24.04 Architecture amd64 fwknop-client 2.6.10-20.2build3 CONFIGURATION ============= My .fwknoprc file has two configurations: one using Rijndael encryption - and another using GPG encryption. See below the contents of .fwknoprc. + and another using GPG encryption. See attachement for the contents of + .fwknoprc. OBSERVED BEHAVIOUR ================== When using Rijndael encryption, fwknop terminates successfully. The SPA packet is received by the server. When using GPG encryption, fwknop terminates as follows, before I get a chance to enter the passphrase for the gpg key. No SPA packet is received by the server (obviously). ubuntu@tstnoble:~$ fwknop -v -n spa_with_gnupg [+] Resolved external IP (via '/usr/bin/wget -U Fwknop/2.6.10 --secure-protocol=auto --quiet -O - https://www.cipherdyne.org/cgi-bin/myip') as: xxx.xxx.xxx.xxx [+] GPG mode set, signing passphrase acquired via gpg-agent *** buffer overflow detected ***: terminated Aborted (core dumped) EXPECTED BEHAVIOUR ================== I expect fwknop to terminate successfully after sending an SPA packet encrypted with GPG. ADDITIONAL INFORMATION ====================== Tested with official packages from Ubuntu: - fwknop-client 2.6.10-20.2build3 - gpg 2.4.4-2ubuntu17.3 - gpg-agent 2.4.4-2ubuntu17.3 - libgpgme11t64:amd64 1.18.0-4.1ubuntu4 + fwknop-client 2.6.10-20.2build3 + gpg 2.4.4-2ubuntu17.3 + gpg-agent 2.4.4-2ubuntu17.3 + libgpgme11t64:amd64 1.18.0-4.1ubuntu4 RESULTS: see above. 
ALSO TESTED on same system with current packages from https://repos.gnupg.org/deb/gnupg/noble/: - gpg 2.4.8-2 - gpg-agent 2.4.8-2 - libgpgme11t64:amd64 1.24.3-2 + gpg 2.4.8-2 + gpg-agent 2.4.8-2 + libgpgme11t64:amd64 1.24.3-2 RESULTS: same result as above: fwknop fails with buffer overflow ALSO TESTED on Debian 12 Bookworm with the following (official) packages: - fwknop-client 2.6.10-16 - gpg 2.2.40-1.1+deb12u1 - gpg-agent 2.2.40-1.1+deb12u1 - libgpgme11:amd64 1.18.0-3+b1 + fwknop-client 2.6.10-16 + gpg 2.2.40-1.1+deb12u1 + gpg-agent 2.2.40-1.1+deb12u1 + libgpgme11:amd64 1.18.0-3+b1 RESULTS: On Debian Bookworm, fwknop works as expected. - - CONTENTS OF CONFIGURATION FILE - ============================== - $ cat .fwknoprc - [default] - USE_HMAC Y - HMAC_KEY_BASE64 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - ACCESS tcp/22 - ALLOW_IP resolve - RESOLVE_IP_HTTPS Y - - [spa_with_rijndael] - SPA_SERVER xxx.xxx.xxx.xxx - SPA_SERVER_PORT 63772 - SPA_SERVER_PROTO udp - KEY_BASE64 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - - [spa_with_gnupg] - SPA_SERVER xxx.xxx.xxx.xxx - SPA_SERVER_PORT 63772 - SPA_SERVER_PROTO udp - USE_GPG Y - USE_GPG_AGENT Y - GPG_HOMEDIR /home/ubuntu/.gnupg - GPG_EXE /usr/bin/gpg - # gpg key of client - rsa2048 - GPG_SIGNER 558708C6BF84459E - # gpg key of server - rsa2048 - GPG_RECIPIENT 6AF5CDD31C2DA406 - #--EOF-- - DEBUG INFORMATION ================= - - ubuntu@tstnoble:~$ sudo apt install gdb - ... - ubuntu@tstnoble:~$ gdb --args fwknop -v -n spa_with_gnupg - ... - (gdb) run - Starting program: /usr/bin/fwknop -v -n spa_with_gnupg - [Thread debugging using libthread_db enabled] - Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". 
- [Detaching after fork from child process 1838] - - [+] Resolved external IP (via '/usr/bin/wget -U Fwknop/2.6.10 --secure-protocol=auto --quiet -O - https://www.cipherdyne.org/cgi-bin/myip') as: xxx.xxx.xxx.xxx - [Detaching after fork from child process 1839] - [Detaching after fork from child process 1841] - [Detaching after fork from child process 1843] - [Detaching after fork from child process 1845] - [Detaching after fork from child process 1847] - [Detaching after fork from child process 1849] - [Detaching after fork from child process 1851] - [+] GPG mode set, signing passphrase acquired via gpg-agent - *** buffer overflow detected ***: terminated - - Program received signal SIGABRT, Aborted. - __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44 - warning: 44 ./nptl/pthread_kill.c: No such file or directory - - (gdb) bt - #0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44 - #1 __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78 - #2 __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6) at ./nptl/pthread_kill.c:89 - #3 0x00007ffff7c4527e in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 - #4 0x00007ffff7c288ff in __GI_abort () at ./stdlib/abort.c:79 - #5 0x00007ffff7c297b6 in __libc_message_impl (fmt=fmt@entry=0x7ffff7dce765 "*** %s ***: terminated\n") at ../sysdeps/posix/libc_fatal.c:134 - #6 0x00007ffff7d36c49 in __GI___fortify_fail (msg=msg@entry=0x7ffff7dce74c "buffer overflow detected") at ./debug/fortify_fail.c:24 - #7 0x00007ffff7d36604 in __GI___chk_fail () at ./debug/chk_fail.c:28 - #8 0x00007ffff7d37de5 in ___snprintf_chk (s=<optimized out>, maxlen=<optimized out>, flag=<optimized out>, slen=<optimized out>, format=<optimized out>) at ./debug/snprintf_chk.c:29 - #9 0x00007ffff7faaf29 in fko_encrypt_spa_data () from /lib/x86_64-linux-gnu/libfko.so.3 - #10 0x00007ffff7faec6b in 
fko_spa_data_final () from /lib/x86_64-linux-gnu/libfko.so.3 - #11 0x0000555555558ccc in ?? () - #12 0x00007ffff7c2a1ca in __libc_start_call_main (main=main@entry=0x5555555580a0, argc=argc@entry=4, argv=argv@entry=0x7fffffffe9b8) at ../sysdeps/nptl/libc_start_call_main.h:58 - #13 0x00007ffff7c2a28b in __libc_start_main_impl (main=0x5555555580a0, argc=4, argv=0x7fffffffe9b8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe9a8) at ../csu/libc-start.c:360 - #14 0x000055555555a7e5 in ?? () - (gdb) + See attachement below ** Description changed: Ubuntu 24.04.3 LTS Release 24.04 Architecture amd64 fwknop-client 2.6.10-20.2build3 CONFIGURATION ============= My .fwknoprc file has two configurations: one using Rijndael encryption - and another using GPG encryption. See attachement for the contents of + and another using GPG encryption. See attachment for the contents of .fwknoprc. OBSERVED BEHAVIOUR ================== When using Rijndael encryption, fwknop terminates successfully. The SPA packet is received by the server. When using GPG encryption, fwknop terminates as follows, before I get a chance to enter the passphrase for the gpg key. No SPA packet is received by the server (obviously). ubuntu@tstnoble:~$ fwknop -v -n spa_with_gnupg [+] Resolved external IP (via '/usr/bin/wget -U Fwknop/2.6.10 --secure-protocol=auto --quiet -O - https://www.cipherdyne.org/cgi-bin/myip') as: xxx.xxx.xxx.xxx [+] GPG mode set, signing passphrase acquired via gpg-agent *** buffer overflow detected ***: terminated Aborted (core dumped) EXPECTED BEHAVIOUR ================== I expect fwknop to terminate successfully after sending an SPA packet encrypted with GPG. ADDITIONAL INFORMATION ====================== Tested with official packages from Ubuntu: fwknop-client 2.6.10-20.2build3 gpg 2.4.4-2ubuntu17.3 gpg-agent 2.4.4-2ubuntu17.3 libgpgme11t64:amd64 1.18.0-4.1ubuntu4 RESULTS: see above. 
ALSO TESTED on same system with current packages from https://repos.gnupg.org/deb/gnupg/noble/: gpg 2.4.8-2 gpg-agent 2.4.8-2 libgpgme11t64:amd64 1.24.3-2 RESULTS: same result as above: fwknop fails with buffer overflow ALSO TESTED on Debian 12 Bookworm with the following (official) packages: fwknop-client 2.6.10-16 gpg 2.2.40-1.1+deb12u1 gpg-agent 2.2.40-1.1+deb12u1 libgpgme11:amd64 1.18.0-3+b1 RESULTS: On Debian Bookworm, fwknop works as expected. DEBUG INFORMATION ================= - See attachement below + See attachment below: gdb-output.txt ** Description changed: Ubuntu 24.04.3 LTS Release 24.04 Architecture amd64 fwknop-client 2.6.10-20.2build3 CONFIGURATION ============= My .fwknoprc file has two configurations: one using Rijndael encryption and another using GPG encryption. See attachment for the contents of .fwknoprc. OBSERVED BEHAVIOUR ================== When using Rijndael encryption, fwknop terminates successfully. The SPA packet is received by the server. - When using GPG encryption, fwknop terminates as follows, before I get a - chance to enter the passphrase for the gpg key. No SPA packet is + When using GPG encryption, fwknop fails with a buffer overflow (before I + get a chance to enter the passphrase for the gpg key). No SPA packet is received by the server (obviously). ubuntu@tstnoble:~$ fwknop -v -n spa_with_gnupg [+] Resolved external IP (via '/usr/bin/wget -U Fwknop/2.6.10 --secure-protocol=auto --quiet -O - https://www.cipherdyne.org/cgi-bin/myip') as: xxx.xxx.xxx.xxx [+] GPG mode set, signing passphrase acquired via gpg-agent *** buffer overflow detected ***: terminated Aborted (core dumped) EXPECTED BEHAVIOUR ================== I expect fwknop to terminate successfully after sending an SPA packet encrypted with GPG. 
ADDITIONAL INFORMATION ====================== Tested with official packages from Ubuntu: fwknop-client 2.6.10-20.2build3 gpg 2.4.4-2ubuntu17.3 gpg-agent 2.4.4-2ubuntu17.3 libgpgme11t64:amd64 1.18.0-4.1ubuntu4 RESULTS: see above. ALSO TESTED on same system with current packages from https://repos.gnupg.org/deb/gnupg/noble/: gpg 2.4.8-2 gpg-agent 2.4.8-2 libgpgme11t64:amd64 1.24.3-2 RESULTS: same result as above: fwknop fails with buffer overflow ALSO TESTED on Debian 12 Bookworm with the following (official) packages: fwknop-client 2.6.10-16 gpg 2.2.40-1.1+deb12u1 gpg-agent 2.2.40-1.1+deb12u1 libgpgme11:amd64 1.18.0-3+b1 RESULTS: On Debian Bookworm, fwknop works as expected. DEBUG INFORMATION ================= See attachment below: gdb-output.txt
--
https://bugs.launchpad.net/bugs/2131672
Title: fwknop-client: buffer overflow when using GPG encryption
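For reading frames #7 and #8 of the backtrace quoted in the report (__chk_fail called from ___snprintf_chk): the following is an added example, not code from fwknop, libfko or glibc. It models the test the fortified snprintf entry point makes, which compares the size argument against the destination size the compiler recorded and fails before any formatting, so it fires even when the text itself would fit. The names model_snprintf_chk, format_into_16 and FORTIFY_FAIL, the 16-byte buffer and all inputs are assumptions made for the illustration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Returned by the model where glibc would call __chk_fail() and abort. */
enum { FORTIFY_FAIL = -2 };

/* Model of the test at the top of ___snprintf_chk (frame #8).
 * maxlen: the size argument the caller gave to snprintf()
 * slen:   the destination size the compiler recorded for the buffer */
static int model_snprintf_chk(char *s, size_t maxlen, size_t slen,
                              const char *fmt, ...)
{
    va_list ap;
    int n;

    if (slen < maxlen)          /* decided before anything is formatted */
        return FORTIFY_FAIL;
    va_start(ap, fmt);
    n = vsnprintf(s, maxlen, fmt, ap);
    va_end(ap);
    return n;
}

/* Hypothetical caller: a 16-byte buffer and a caller-supplied size.
 * sizeof(buf) stands in for what __builtin_object_size() would report. */
int format_into_16(size_t claimed_size, const char *text)
{
    char buf[16];
    return model_snprintf_chk(buf, claimed_size, sizeof(buf), "%s", text);
}

int main(void)
{
    /* Constructed inputs. */
    printf("size 16, 2 chars : %d\n", format_into_16(16, "ok"));
    printf("size 16, 20 chars: %d\n", format_into_16(16, "01234567890123456789"));
    printf("size 64, 2 chars : %d\n", format_into_16(64, "ok"));
    return 0;
}
```

With a correct size argument, over-long text is truncated and the call returns normally; only the overstated size reaches the failure path.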
