Bug 1487003 - vtun - segfault vtun 304-2 ( error 4 in libcrypto.so.1.0.1e[7fa38561c000+1c0000])
Summary: vtun - segfault vtun 304-2 ( error 4 in libcrypto.so.1.0.1e[7fa38561c000+1c00...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: vtun
Version: epel7
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Gabriel Somlo
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-08-31 03:26 UTC by Bishop Clark
Modified: 2017-11-11 02:51 UTC (History)
1 user (show)

Fixed In Version: vtun-3.0.4-4.el7 vtun-3.0.4-4.fc26 vtun-3.0.4-4.fc27 vtun-3.0.4-5.fc26 vtun-3.0.4-5.el7 vtun-3.0.4-5.fc27
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-11-01 00:01:52 UTC
somlo: needinfo+


Attachments (Terms of Use)

Description Bishop Clark 2017-08-31 03:26:44 UTC
Description of problem:
Under the newest vtun package, connections are not completing.  The logs show a segfault:

Aug 31 03:17:54 babylon vtund[4307]: VTUN server ver 3.X 07/31/2017 (inetd)
Aug 31 03:17:54 babylon vtund[s]: authentication[4307]: Session memphis-babylon[xxxxxxxxxxx:40877] opened
Aug 31 03:17:54 babylon vtund[s]: memphis-babylon tun tun0[4307]: Blowfish-128-ECB encryption initialized
Aug 31 03:18:21 babylon kernel: vtund[4307]: segfault at 0 ip 00007fa3857061ca sp 00007ffe7360cc40 error 4 in libcrypto.so.1.0.1e[7fa38561c000+1c0000]

Version-Release number of selected component (if applicable):

Version     : 3.0.4
Release     : 2.el7


How reproducible:

Seemingly accidentally, immediately after update from 304-1 to 304-2
Steps to Reproduce:

memphis-babylon {
    passwd changeme;
    encrypt       yes;     # some blowfish with dinner?
    type tun;
    up {
        ifconfig "%% 10.251.11.7 pointopoint 10.251.11.2 mtu 1450";
    };
}


1.  yum upgrade vtun
2.  wait
3.  cry

Actual results:


Aug 31 03:18:21 babylon kernel: vtund[4307]: segfault at 0 ip 00007fa3857061ca sp 00007ffe7360cc40 error 4 in libcrypto.so.1.0.1e[7fa38561c000+1c0000]

Expected results:



Additional info:

Comment 1 Bishop Clark 2017-08-31 05:56:17 UTC
the segfault appears to occur with the first packet crossing the link -- a ping seems to provoke it on my setup.

Comment 2 Gabriel Somlo 2017-08-31 13:17:16 UTC
I wonder if this is because epel7 still uses openssl 1.0, and I started building vtun with the openssl-1.1 patches everywhere...

Can you try building (or running, if you have x86_64) one of the packages here:

http://www.contrib.andrew.cmu.edu/~somlo/vtun/

and let me know if that helps ?

Thanks,
--G

Comment 3 Bishop Clark 2017-09-02 01:47:03 UTC

Hmm.  Not sure why my reply didn't get all the way through.

-------- Forwarded Message --------
Subject: Re: [Bug 1487003] vtun - segfault vtun 304-2 ( error 4 in libcrypto.so.1.0.1e[ 7fa38561c000+1c0000])
Date: Thu, 31 Aug 2017 22:06:20 -0700
From: bishop <bishop@platypus.bc.ca>
To: bugzilla@redhat.com

It performed well, so far.  I'd call it a qualified win.  Configure.in patching time?  Why wouldn't it fail dependency checking also?

[root@string ~]# rpm -qf /etc/issue
centos-release-7-3.1611.el7.centos.x86_64
[root@string ~]# wget http://www.contrib.andrew.cmu.edu/~somlo/vtun/vtun-3.0.4-2.1.el7.centos.x86_64.rpm
[root@string ~]# yum install vtun-3.0.4-2.1.el7.centos.x86_64.rpm
[root@string ~]# cat > /etc/xinetd.d/vtun # missing; wth?

[root@string ~]# pgrep -f -a -l vtun
740 vtund[c]: string-homer tun tun0
4715 vtund[c]: string-babylon tun tun1
[root@string ~]# pkill -9 -f tun1

[root@string ~]# ping  10.1.1.7  # this would segfault it
PING 10.1.1.7 (10.1.1.7) 56(84) bytes of data.
64 bytes from 10.1.1.7: icmp_seq=1 ttl=64 time=161 ms
64 bytes from 10.1.1.7: icmp_seq=2 ttl=64 time=132 ms
64 bytes from 10.1.1.7: icmp_seq=3 ttl=64 time=108 ms
64 bytes from 10.1.1.7: icmp_seq=4 ttl=64 time=116 ms
64 bytes from 10.1.1.7: icmp_seq=5 ttl=64 time=112 ms
64 bytes from 10.1.1.7: icmp_seq=6 ttl=64 time=119 ms

When did EPEL pull the xinetd profile?

Oh;  and building on a host WITH vtun installed will fail with this spec.  Another time.

Comment 4 Gabriel Somlo 2017-09-02 22:17:48 UTC
What's weird is that it builds for epel7 in the first place *after* the fedora-specific openssl 1.0 patches were applied to the source...

Guess in the long run upstream should handle this via autoconf. In the mean time, I'll try to cut a 3.0.4-3 srpm where the patch is conditionally applied before build only on Fedora, and not on epel7!

Comment 5 Fedora Update System 2017-09-02 22:49:30 UTC
vtun-3.0.4-4.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-62150e0ec8

Comment 6 Fedora Update System 2017-09-02 22:49:52 UTC
vtun-3.0.4-4.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-db64f9f636

Comment 7 Fedora Update System 2017-09-02 22:50:13 UTC
vtun-3.0.4-4.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-bebcf948c9

Comment 8 Fedora Update System 2017-09-03 19:55:50 UTC
vtun-3.0.4-4.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-62150e0ec8

Comment 9 Fedora Update System 2017-09-04 06:19:50 UTC
vtun-3.0.4-4.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-bebcf948c9

Comment 10 Fedora Update System 2017-09-04 06:51:28 UTC
vtun-3.0.4-4.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-db64f9f636

Comment 11 Fedora Update System 2017-09-19 21:20:28 UTC
vtun-3.0.4-4.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.

Comment 12 Fedora Update System 2017-09-19 23:21:27 UTC
vtun-3.0.4-4.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.

Comment 13 Fedora Update System 2017-09-30 06:13:46 UTC
vtun-3.0.4-4.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.

Comment 14 Gabriel Somlo 2017-10-11 18:02:32 UTC
just a quick follow-up: the openssl out-of-tree patch I used to build against openssl1.1 for fedora 26 and up never worked properly, and segfaulted when one attempted to use it. Instead, I'm building against compat-openssl1.0 on fedora, and will leave it to upstream to fix openssl1.1 compatibility.

Comment 15 Fedora Update System 2017-10-11 18:11:45 UTC
vtun-3.0.4-5.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-4853fd2ed8

Comment 16 Fedora Update System 2017-10-11 18:12:23 UTC
vtun-3.0.4-5.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-019aa5febe

Comment 17 Fedora Update System 2017-10-13 04:19:37 UTC
vtun-3.0.4-5.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-fd12483a2d

Comment 18 Fedora Update System 2017-10-13 04:23:03 UTC
vtun-3.0.4-5.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-019aa5febe

Comment 19 Fedora Update System 2017-10-13 06:23:13 UTC
vtun-3.0.4-5.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-4853fd2ed8

Comment 20 Fedora Update System 2017-11-01 00:01:52 UTC
vtun-3.0.4-5.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.

Comment 21 Fedora Update System 2017-11-01 00:17:34 UTC
vtun-3.0.4-5.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.

Comment 22 Fedora Update System 2017-11-11 02:51:26 UTC
vtun-3.0.4-5.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.