Bug 1624323
| Summary: | gsskex authentication causes segmentation fault | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Daniel Ahlin <dah> | ||||
| Component: | openssh | Assignee: | Jakub Jelen <jjelen> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 28 | CC: | dwalsh, jfch, jjelen, lkundrak, mattias.ellert, plautrba, tmraz | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | openssh-7.8p1-2.fc28 openssh-7.8p1-2.fc29 | Doc Type: | If docs needed, set a value | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2018-09-11 16:52:23 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Thank you very much for the bug report and a patch. Indeed, this was a case I missed somehow. I will update OpenSSH today to unbreak gssapi key exchange. Hi, Thanks a lot for the very quick response. In the meantime I took a look on the Debian gssapi patch - they handle the error with fatal - perhaps a good idea - see https://sources.debian.org/src/openssh/1:7.8p1-1/debian/patches/gssapi.patch/ There is also an issue with rekeying still present in the fedora sources - I'll post a separate bug report and patch about that - possibly you would want to wait for this one before updating the package. That is exactly what I did in my patch. Thank you. I will have a look into the other. openssh-7.8p1-2.fc29 has been submitted as an update to Fedora 29. https://bodhi.fedoraproject.org/updates/FEDORA-2018-50a6d79d8e openssh-7.8p1-2.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-9effcf1f69 openssh-7.8p1-2.fc29 has been pushed to the Fedora 29 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-50a6d79d8e openssh-7.8p1-2.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-9effcf1f69 (In reply to Fedora Update System from comment #7) > openssh-7.8p1-2.fc28 has been pushed to the Fedora 28 testing repository. If > problems still persist, please make note of it in this bug report. > See https://fedoraproject.org/wiki/QA:Updates_Testing for > instructions on how to install test updates. > You can provide feedback for this update here: > https://bodhi.fedoraproject.org/updates/FEDORA-2018-9effcf1f69 The package in testing seems to work. openssh-7.8p1-2.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report. openssh-7.8p1-2.fc29 has been pushed to the Fedora 29 stable repository. If problems still persist, please make note of it in this bug report. |
Created attachment 1480046 [details] Fixes to gsskex patch to properly allocate sshbuf before use. Description of problem: The gsskex patch for 7.8p1 which contains an adaptations to changes in sshbuf functionality fails to properly initialize the sshbuf before using it - this causes a segmentation fault at least from the client side (possibly also on the server side but this is not tested). Version-Release number of selected component (if applicable): 7.8p1-1 How reproducible: Always Steps to Reproduce: 1. Try to login using gsskex Actual results: Segmentation fault at sshbuf.c:173 Expected results: Successful login Additional info: Patch attached - this works by properly allocating the sshbuf before using it. However the patch does not properly report failure to allocate the buf (I'm not familiar enough with how such an error should be handled in that context).