Bug 2107240

Summary: FIPS breaks pdftopdf and bannertopdf
Product: [Fedora] Fedora
Component: qpdf
Version: rawhide
Hardware: Unspecified
OS: Unspecified
Status: CLOSED ERRATA
Severity: unspecified
Priority: unspecified
Reporter: Zdenek Dohnal <zdohnal>
Assignee: Zdenek Dohnal <zdohnal>
QA Contact: Fedora Extras Quality Assurance <extras-qa>
CC: twaugh, zdohnal
Fixed In Version: qpdf-10.6.3-2.fc36 qpdf-10.3.2-3.fc35
Last Closed: 2022-07-21 16:39:41 UTC
Type: Bug

Description Zdenek Dohnal 2022-07-14 14:52:06 UTC
This bug was initially created as a copy of Bug #2106940

I am copying this bug because: 



Description of problem:

  When FIPS mode is enabled, printing breaks.
  The pdftopdf and bannertopdf filters use QPDFWriter, which
  results in a call to 

    gnutls_hash_init(&this->hash_ctx, GNUTLS_DIG_MD5)

  which fails because FIPS doesn't allow MD5.

  Not sure if this is something that needs to be addressed
  in pdftopdf/bannertopdf (cups-filters) or libqpdf (qpdf).
  I thought I'd file the bug against cups-filters and it
  can be moved if needed.
  
Version-Release number of selected component (if applicable):

  cups-filters-1.28.7-10.el9.x86_64
  qpdf-libs-10.3.1-4.el9.x86_64

How reproducible:

  100%

Steps to Reproduce:

  1. fips-mode-setup --enable
  2. /usr/lib/cups/filter/pdftopdf 1 user title 1 "" /usr/share/cups/data/default-testpage.pdf > /dev/null
  3. /usr/lib/cups/filter/bannertopdf 1 user title 1 "" /usr/share/cups/data/testprint > /dev/null

Actual results:

  # /usr/lib/cups/filter/pdftopdf 1 user title 1 "" /usr/share/cups/data/default-testpage.pdf > /dev/null
  DEBUG: pdftopdf: No PPD file specified, could not determine whether to log pages or not, so turned off page logging. 
  DEBUG: PDF interactive form and annotation flattening done via QPDF
  ERROR: Exception: gnutls: MD5 error: An algorithm that is not enabled was negotiated.

  #  /usr/lib/cups/filter/bannertopdf 1 user title 1 "" /usr/share/cups/data/testprint > /dev/null
  DEBUG: Could not open PPD file '(null)'
  DEBUG: PDF template file doesn't have form. It's okay.
  terminate called after throwing an instance of 'std::runtime_error'
    what():  gnutls: MD5 error: An algorithm that is not enabled was negotiated.
  Aborted (core dumped)

Expected results:

  No errors.
  Printing with FIPS enabled should work

Additional info:

  Some backtraces:

  [root@sf03264105 ~]# gdb /usr/lib/cups/filter/bannertopdf 
  (gdb) set args 1 user title 1 '' /usr/share/cups/data/testprint
  (gdb) run
  Starting program: /usr/lib/cups/filter/bannertopdf 1 user title 1 '' /usr/share/cups/data/testprint

  Program received signal SIGABRT, Aborted.
  0x00007ffff79fb42c in __pthread_kill_implementation () from /lib64/libc.so.6
  (gdb) bt
  #0  0x00007ffff79fb42c in __pthread_kill_implementation () from /lib64/libc.so.6
  #1  0x00007ffff79aed06 in raise () from /lib64/libc.so.6
  #2  0x00007ffff79817d3 in abort () from /lib64/libc.so.6
  #3  0x00007ffff7c1ba01 in __gnu_cxx::__verbose_terminate_handler() [clone .cold] () from /lib64/libstdc++.so.6
  #4  0x00007ffff7c2735c in __cxxabiv1::__terminate(void (*)()) () from /lib64/libstdc++.so.6
  #5  0x00007ffff7c273c7 in std::terminate() () from /lib64/libstdc++.so.6
  #6  0x00007ffff7c27669 in __cxa_throw () from /lib64/libstdc++.so.6
  #7  0x00007ffff7debcf4 in QPDFCrypto_gnutls::MD5_init() [clone .cold] () from /lib64/libqpdf.so.28
  #8  0x00007ffff7df42f1 in MD5::MD5() () from /lib64/libqpdf.so.28
  #9  0x00007ffff7e80529 in QPDF::compute_data_key(std::__cxx11::basic_string<char, std::char_traits<char>,
      std::allocator<char> > const&, int, int, bool, int, int) () from /lib64/libqpdf.so.28
  #10 0x00007ffff7e6649d in QPDFWriter::setDataKey(int) () from /lib64/libqpdf.so.28
  #11 0x00007ffff7e6c446 in QPDFWriter::writeObject(QPDFObjectHandle, int) () from /lib64/libqpdf.so.28
  #12 0x00007ffff7e77dba in QPDFWriter::write() () from /lib64/libqpdf.so.28
  #13 0x000055555555cc83 in pdf_write (file=<optimized out>, pdf=0x55555556c640) at filter/pdf.cxx:352
  #14 generate_banner_pdf (banner=<optimized out>, ppd=<optimized out>, jobid=0x7fffffffe1c0 "\001", 
      user=<optimized out>, jobtitle=0x7fffffffe160 "\001SVUUU", noptions=<optimized out>, options=0x7fffffffe3d0)
      at filter/bannertopdf.c:516
  #15 0x000055555555858b in main (argc=<optimized out>, argv=0x7fffffffe538) at filter/bannertopdf.c:563

  [root@sf03264105 ~]# gdb /usr/lib/cups/filter/pdftopdf
  (gdb) set args 1 user title 1 "" /usr/share/cups/data/default-testpage.pdf
  (gdb) break QPDFCrypto_gnutls::MD5_init
  Breakpoint 1 at 0x7ffff7e8ac6a (2 locations)

  (gdb) run
  
  Breakpoint 1, 0x00007ffff7f588c0 in QPDFCrypto_gnutls::MD5_init() () from /lib64/libqpdf.so.28
  (gdb) bt
  #0  0x00007ffff7f588c0 in QPDFCrypto_gnutls::MD5_init() () from /lib64/libqpdf.so.28
  #1  0x00007ffff7e932f1 in MD5::MD5() () from /lib64/libqpdf.so.28
  #2  0x00007ffff7f1f529 in QPDF::compute_data_key(std::__cxx11::basic_string<char, std::char_traits<char>,
      std::allocator<char> > const&, int, int, bool, int, int) () from /lib64/libqpdf.so.28
  #3  0x00007ffff7f0549d in QPDFWriter::setDataKey(int) () from /lib64/libqpdf.so.28
  #4  0x00007ffff7f0b446 in QPDFWriter::writeObject(QPDFObjectHandle, int) () from /lib64/libqpdf.so.28
  #5  0x00007ffff7f16dba in QPDFWriter::write() () from /lib64/libqpdf.so.28
  #6  0x00005555555691e1 in QPDF_PDFTOPDF_Processor::emitFilename (this=<optimized out>, name=<optimized out>)
      at filter/pdftopdf/qpdf_pdftopdf_processor.cc:743
  #7  0x000055555555e23e in main (argc=<optimized out>, argv=<optimized out>) at filter/pdftopdf/pdftopdf.cc:1310

  I think the code that generates the actual error is here in libqpdf/QPDFCrypto_gnutls.cc:

    void
    QPDFCrypto_gnutls::MD5_init()
    {
        MD5_finalize();
        int code = gnutls_hash_init(&this->hash_ctx, GNUTLS_DIG_MD5);
        if (code < 0)
        {
            this->hash_ctx = nullptr;
            throw std::runtime_error(
                std::string("gnutls: MD5 error: ") +
                std::string(gnutls_strerror(code)));
        }
    }
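
The reproduction steps and error output above, turned into a triage check. This is an added example, not part of the original report or of cups-filters/qpdf: it runs a filter with the same argument layout, keeps only stderr, and reports whether the failure is the GnuTLS MD5 rejection and whether the kernel FIPS flag is set. The function names are hypothetical, and reading `/proc/sys/crypto/fips_enabled` as the FIPS indicator is an assumption of this example.

```sh
#!/bin/sh
# Added example: triage a CUPS filter failure on a host that may be in
# FIPS mode. Function names are hypothetical, not from cups-filters or qpdf.

# Succeeds when the kernel FIPS flag reads 1. The flag path is a parameter
# (assumed default below) so the check can be pointed at a constructed file.
fips_enabled() {
    fe_flag="${1:-/proc/sys/crypto/fips_enabled}"
    [ -r "$fe_flag" ] && [ "$(cat "$fe_flag")" = "1" ]
}

# Reads filter stderr on stdin and prints one verdict:
#   fips-md5     GnuTLS refused MD5 (the failure shown in this report)
#   other-error  some other ERROR line or an uncaught C++ exception
#   ok           nothing that looks like a failure
classify_filter_stderr() {
    cf_text="$(cat)"
    if printf '%s\n' "$cf_text" | grep -q 'gnutls: MD5 error:'; then
        echo fips-md5
    elif printf '%s\n' "$cf_text" | grep -Eq '^ *ERROR:|terminate called'; then
        echo other-error
    else
        echo ok
    fi
}

# Runs one filter with the argument layout from the reproduction steps,
# discards its stdout (the PDF), classifies its stderr, and prints
# "<verdict> fips=<0|1> <filter>".
check_filter() {
    ck_filter="$1"; ck_input="$2"
    ck_flag="${3:-/proc/sys/crypto/fips_enabled}"
    ck_verdict="$("$ck_filter" 1 user title 1 "" "$ck_input" 2>&1 >/dev/null | classify_filter_stderr)"
    if fips_enabled "$ck_flag"; then ck_fips=1; else ck_fips=0; fi
    echo "$ck_verdict fips=$ck_fips $ck_filter"
}

# Usage: sh triage.sh /usr/lib/cups/filter/pdftopdf /usr/share/cups/data/default-testpage.pdf
if [ "$#" -ge 2 ]; then
    check_filter "$@"
fi
```

A `fips-md5 fips=1` result matches this report; `fips-md5 fips=0` would point at a crypto policy other than kernel FIPS mode disabling MD5.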

Comment 1 Fedora Update System 2022-07-15 06:26:48 UTC
FEDORA-2022-0115eb9737 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-0115eb9737

Comment 2 Fedora Update System 2022-07-15 07:37:02 UTC
FEDORA-2022-e6e930c095 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2022-e6e930c095

Comment 3 Fedora Update System 2022-07-16 01:12:14 UTC
FEDORA-2022-0115eb9737 has been pushed to the Fedora 36 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-0115eb9737`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-0115eb9737

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 4 Fedora Update System 2022-07-16 02:30:28 UTC
FEDORA-2022-e6e930c095 has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2022-e6e930c095`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-e6e930c095

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 5 Fedora Update System 2022-07-21 16:39:41 UTC
FEDORA-2022-0115eb9737 has been pushed to the Fedora 36 stable repository.
If the problem still persists, please make note of it in this bug report.

Comment 6 Fedora Update System 2022-07-24 01:21:34 UTC
FEDORA-2022-e6e930c095 has been pushed to the Fedora 35 stable repository.
If the problem still persists, please make note of it in this bug report.