Bug 1165047

Summary: gnutls 3.3.x has issues with programs that close all their file descriptors on startup
Product: Red Hat Enterprise Linux 7
Reporter: Nikos Mavrogiannopoulos <nmavrogi>
Component: gnutls
Assignee: Nikos Mavrogiannopoulos <nmavrogi>
Status: CLOSED ERRATA
QA Contact: Stanislav Zidek <szidek>
Severity: high
Docs Contact:
Priority: high
Version: 7.1
CC: jenifer.golmitz, ksrot, lmiksik, pvrabec, szidek
Target Milestone: rc
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Whiteboard:
Fixed In Version: gnutls-3.3.8-11.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-03-05 07:06:46 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks: 1110696, 1163882

Description Nikos Mavrogiannopoulos 2014-11-18 08:23:30 UTC
Description of problem:

gnutls 3.3.0 and later initialize the library in a constructor, i.e., before any program functionality has started. That is a FIPS140 requirement, but unfortunately it has a dangerous side effect. Applications which close all open file descriptors at startup also close gnutls' fd for /dev/urandom. That causes random aborts of the library or, even more dangerously, randomness being read from an unknown file. The bug was reported for cups and in Debian:

https://cups.org/str.php?L4484
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768841
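
The failure mode in the description comes from trusting a cached descriptor number after the application may have closed and reused it. As an added example (not GnuTLS code and not the fix shipped for this bug), the C code below records the identity of the device at open time and re-checks it with fstat() before every read; `rnd_source`, `rnd_open`, `rnd_still_valid` and `rnd_read` are hypothetical names, and the `dup2()` in `main` is a constructed stand-in for an application's close-all loop followed by an unrelated open.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper type: a cached fd plus the identity it had when opened. */
struct rnd_source { int fd; dev_t dev; ino_t ino; dev_t rdev; };

static int rnd_open(struct rnd_source *s, const char *path) {
    struct stat st;
    if ((s->fd = open(path, O_RDONLY | O_CLOEXEC)) < 0) return -1;
    if (fstat(s->fd, &st) < 0 || !S_ISCHR(st.st_mode)) {
        close(s->fd); s->fd = -1; return -1;
    }
    s->dev = st.st_dev; s->ino = st.st_ino; s->rdev = st.st_rdev;
    return 0;
}

/* 1 if s->fd is still the device we opened; 0 if it was closed or reused. */
static int rnd_still_valid(const struct rnd_source *s) {
    struct stat st;
    if (s->fd < 0 || fstat(s->fd, &st) < 0) return 0;   /* EBADF: closed */
    return S_ISCHR(st.st_mode) && st.st_dev == s->dev &&
           st.st_ino == s->ino && st.st_rdev == s->rdev;
}

/* Re-open if the cached fd is stale, then read len bytes. A stale fd is not
 * closed here: that number now belongs to whatever the application opened. */
static ssize_t rnd_read(struct rnd_source *s, const char *path, void *buf, size_t len) {
    size_t got = 0;
    if (!rnd_still_valid(s) && rnd_open(s, path) < 0) return -1;
    while (got < len) {
        ssize_t n = read(s->fd, (char *)buf + got, len - got);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) return -1;
        got += (size_t)n;
    }
    return (ssize_t)got;
}

int main(void) {
    struct rnd_source s; unsigned char buf[16];
    if (rnd_open(&s, "/dev/urandom") < 0) return 1;
    dup2(open("/dev/null", O_RDONLY), s.fd); /* constructed: fd number reused */
    printf("cached fd still valid: %d\n", rnd_still_valid(&s));
    printf("bytes read after re-open: %zd\n", rnd_read(&s, "/dev/urandom", buf, sizeof buf));
    return 0;
}
```

Checking only that the descriptor is open, or only that it is a character device, would not catch the reuse shown here, because /dev/null passes both tests; the inode and device-number comparison is what distinguishes it.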

Comment 6 Stanislav Zidek 2014-12-02 09:54:37 UTC
There seems to be a regression here:

# GNUTLS_DEBUG_LEVEL=99 gnutls-cli localhost
gnutls[2]: Enabled GnuTLS logging...
gnutls[2]: FIPS140-2 mode enabled
gnutls[2]: FIPS140-2 mode: 1
gnutls[2]: AES-128-CBC self check succeeded
gnutls[2]: 3DES-CBC self check succeeded
gnutls[2]: AES-256-GCM self check succeeded
gnutls[2]: MAC-SHA1 self check succeeded
gnutls[2]: MAC-SHA224 self check succeeded
gnutls[2]: MAC-SHA256 self check succeeded
gnutls[2]: MAC-SHA384 self check succeeded
gnutls[2]: MAC-SHA512 self check succeeded
gnutls[3]: ASSERT: pk.c:717
gnutls[3]: ASSERT: gnutls_pubkey.c:1959
gnutls[3]: ASSERT: gnutls_pubkey.c:1569
gnutls[2]: RSA-2048-known-sig self test succeeded
gnutls[3]: ASSERT: x509_b64.c:299
gnutls[9]: Could not find '-----BEGIN RSA PRIVATE KEY'
gnutls[3]: ASSERT: pk.c:685
gnutls[3]: ASSERT: gnutls_pubkey.c:1970
gnutls[3]: ASSERT: gnutls_pubkey.c:1569
gnutls[2]: DSA-2048-known-sig self test succeeded
gnutls[2]: ECDH self test succeeded
gnutls[2]: DH self test succeeded
gnutls[2]: DRBG-AES self test succeeded
gnutls[2]: Loading: /lib64/libgnutls.so.28
gnutls[2]: Successfully verified library MAC for libgnutls.so.28
gnutls[2]: Loading: /lib64/libnettle.so.4
gnutls[2]: Successfully verified library MAC for libnettle.so.4
gnutls[2]: Loading: /lib64/libhogweed.so.2
gnutls[2]: Successfully verified library MAC for libhogweed.so.2
gnutls[2]: Loading: /lib64/libgmp.so.10
gnutls[2]: Could not open /lib64/.libgmp.so.10.hmac for MAC testing: Error while reading file.
gnutls[2]: Successfully verified library MAC for libgmp.so.10
Segmentation fault

Valgrind output:
==9881== Jump to the invalid address stated on the next line
==9881==    at 0x0: ???
==9881==    by 0x4E7838F: gnutls_global_init (random.h:53)
==9881==    by 0x4066EC: main (cli.c:1062)
==9881==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==9881== 
==9881== 
==9881== Process terminating with default action of signal 11 (SIGSEGV)
==9881==  Bad permissions for mapped region at address 0x0
==9881==    at 0x0: ???
==9881==    by 0x4E7838F: gnutls_global_init (random.h:53)
==9881==    by 0x4066EC: main (cli.c:1062)
==9881== 
==9881== HEAP SUMMARY:
==9881==     in use at exit: 81,980 bytes in 676 blocks
==9881==   total heap usage: 3,838 allocs, 3,162 frees, 2,719,488 bytes allocated
==9881== 
==9881== LEAK SUMMARY:
==9881==    definitely lost: 0 bytes in 0 blocks
==9881==    indirectly lost: 0 bytes in 0 blocks
==9881==      possibly lost: 0 bytes in 0 blocks
==9881==    still reachable: 81,980 bytes in 676 blocks
==9881==         suppressed: 0 bytes in 0 blocks
==9881== Rerun with --leak-check=full to see details of leaked memory
==9881== 
==9881== For counts of detected and suppressed errors, rerun with: -v
==9881== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 3 from 3)
Segmentation fault

Comment 7 Stanislav Zidek 2014-12-02 11:05:58 UTC
Probably good to note that the problems in the previous comment happen in FIPS mode.

Comment 13 errata-xmlrpc 2015-03-05 07:06:46 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0315.html