Starting with crypto-policies-20240717-1.git154fd4e.fc41, rubygem-net-ssh test suite fails with errors such as:

~~~
  1) Error:
Transport::TestCipherFactory#test_lengths_for_blowfish_cbc:
OpenSSL::Cipher::CipherError: unsupported (Global default library context, Algorithm (BF-CBC : 13), Properties ())
    /builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/net-ssh-7.1.0/usr/share/gems/gems/net-ssh-7.1.0/lib/net/ssh/transport/cipher_factory.rb:83:in `initialize'
    /builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/net-ssh-7.1.0/usr/share/gems/gems/net-ssh-7.1.0/lib/net/ssh/transport/cipher_factory.rb:83:in `new'
    /builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/net-ssh-7.1.0/usr/share/gems/gems/net-ssh-7.1.0/lib/net/ssh/transport/cipher_factory.rb:83:in `get_lengths'
    transport/test_cipher_factory.rb:18:in `test_lengths_for_blowfish_cbc'

... snip ...

 16) Failure:
Transport::Kex::TestDiffieHellmanGroupExchangeSHA256#test_exchange_keys_with_unverifiable_host_should_raise_exception [transport/kex/test_diffie_hellman_group1_sha1.rb:29]:
[Net::SSH::Exception] exception expected, not
Class: <OpenSSL::PKey::PKeyError>
Message: <"EVP_DigestSignInit: invalid digest">
---Backtrace---
/builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/net-ssh-7.1.0/usr/share/gems/gems/net-ssh-7.1.0/lib/net/ssh/transport/openssl.rb:86:in `sign'
/builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/net-ssh-7.1.0/usr/share/gems/gems/net-ssh-7.1.0/lib/net/ssh/transport/openssl.rb:86:in `ssh_do_sign'
/builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/test/transport/kex/test_diffie_hellman_group1_sha1.rb:158:in `signature'
/builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb:69:in `block (2 levels) in exchange!'
/builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/test/common.rb:128:in `send_message'
/builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/net-ssh-7.1.0/usr/share/gems/gems/net-ssh-7.1.0/lib/net/ssh/transport/kex/diffie_hellman_group1_sha1.rb:94:in `send_kexinit'
/builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/net-ssh-7.1.0/usr/share/gems/gems/net-ssh-7.1.0/lib/net/ssh/transport/kex/abstract.rb:48:in `exchange_keys'
/builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/test/transport/kex/test_diffie_hellman_group_exchange_sha1.rb:77:in `exchange!'
/builddir/build/BUILD/rubygem-net-ssh-7.1.0-build/test/transport/kex/test_diffie_hellman_group1_sha1.rb:29:in `block in test_exchange_keys_with_unverifiable_host_should_raise_exception'
---------------

... snip ...
~~~

and many more [1]. I suspect that the specific change responsible for these errors is this commit [2]. But it is hard to tell what the mechanism behind it is and how to fix it because OpenSSL error reports are not useful at all.

Could you please help me understand what is going on and how to fix this?

[1] https://koschei.fedoraproject.org/package/rubygem-net-ssh
[2] https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/commit/035c735a8310af5e3999c327d96ad5e354837250

Reproducible: Always

Actual Results: rubygem-net-ssh test failures

Expected Results: no test failures for rubygem-net-ssh

BTW, I would appreciate if changes like were not just announced, but if the team responsible for the changes also helped to mitigate the impact. Mainly because of the unuseful OpenSSL errors. I still can't believe how bad OpenSSL can be in this regard. I have tried to request improvements [2] but ...

[1] https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer
[2] https://github.com/openssl/openssl/issues/17108

I believe only some of the issues in the testsuite are caused by the switch to distrust signatures that use SHA-1.

For example, the first test failure attempts to use the Blowfish-CBC cipher. Blowfish hasn't been available except from the legacy provider since OpenSSL 3.0: https://github.com/openssl/openssl/commit/f5056577ba08b3694aab2722eae1c97bf00acc80. Unless you made changes to enable the legacy provider, this test should have failed ever since OpenSSL 3.0.

The same applies for CAST5 and IDEA, which have also been moved into the legacy provider. These algorithms should no longer be used and are not considered secure. I'd argue it's a feature, not a bug, that they don't work.

Tests 16-51 fail because they use a SHA-1 digest in a signature and should be changed to use a modern hash algorithm that's still considered secure.

Tests 52, 54, 57, 58, 60-63, 65-68, 70-73, 76-77, 79-80 are again Blowfish, CAST5 or IDEA.

I can't immediately see the root cause for the failure of tests 53, 55, 56, 59, 64, 69, 74-75, 78, 81.

I've stopped here, I don't have time to review all 461 failures, but most of them are likely going to fall into the same categories.

> BTW, I would appreciate if changes like were not just announced, but if the team responsible for the changes also helped to mitigate the impact.

Sorry, we cannot fix all components that depend on OpenSSL in Fedora. There are way too many of those for us to handle. Most of the tests that start failing now are for old algorithms that should no longer be used. Personally, I think those tests should just be disabled or removed, nobody should be using those algorithms anymore. The tests that fail due to SHA-1 should move to SHA-2 where possible. If the protocol doesn't support that, the old protocol should be deprecated as insecure.

For tests, you can export OPENSSL_ENABLE_SHA1_SIGNATURES=1 to make them pass, but this is not supported at runtime and we may introduce changes that break this outside of build environments in the future.
Re-assigning to rubygem-net-ssh: It uses old algorithms and needs to fix its testsuite. There's nothing for crypto-policies to fix here.
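
A triage sketch for the failure categories named in the comments above, added here as an example and not part of the original thread or of the net-ssh or crypto-policies code: it buckets minitest entries by the OpenSSL message they carry. The sample log is constructed from the two messages quoted in the report, and the cipher-name prefixes for CAST5 and IDEA are assumptions.

```ruby
# Added example: bucket minitest entries by the OpenSSL message they carry.
# Name prefixes for Blowfish, CAST5 and IDEA; only BF-CBC appears in the report,
# the CAST and IDEA prefixes are assumptions about OpenSSL's cipher naming.
LEGACY_CIPHER_PREFIXES = %w[BF CAST IDEA].freeze

# Split minitest output into entries beginning with "N) Error:" or "N) Failure:".
def parse_entries(log)
  entries = []
  log.each_line do |line|
    if (m = line.match(/^\s*(\d+)\) (Error|Failure):/))
      entries << { id: m[1].to_i, kind: m[2], text: +"" }
    elsif entries.any?
      entries.last[:text] << line
    end
  end
  entries
end

# Return [category, detail] for one entry. "invalid digest" is treated as the
# SHA-1 signature case because that is how the thread attributes it.
def classify(entry)
  text = entry[:text]
  if (m = text.match(/CipherError: unsupported \(.*Algorithm \(([\w-]+) : \d+\)/))
    legacy = LEGACY_CIPHER_PREFIXES.any? { |p| m[1].upcase.start_with?(p) }
    return [legacy ? :legacy_provider_cipher : :unsupported_cipher, m[1]]
  end
  return [:sha1_signature, nil] if text.include?("EVP_DigestSignInit: invalid digest")
  [:unknown, nil]
end

# Map each category to the list of failing entry numbers.
def triage(log)
  parse_entries(log).group_by { |e| classify(e).first }
                    .transform_values { |es| es.map { |e| e[:id] } }
end

# Constructed sample: two messages quoted in the report plus one unrelated entry.
SAMPLE_LOG = <<~LOG
    1) Error:
  Transport::TestCipherFactory#test_lengths_for_blowfish_cbc:
  OpenSSL::Cipher::CipherError: unsupported (Global default library context, Algorithm (BF-CBC : 13), Properties ())

   16) Failure:
  Transport::Kex::TestDiffieHellmanGroupExchangeSHA256#test_exchange_keys_with_unverifiable_host_should_raise_exception
  Message: <"EVP_DigestSignInit: invalid digest">

   53) Error:
  Constructed::TestCase#test_other: RuntimeError: constructed, no OpenSSL message
LOG

triage(SAMPLE_LOG).each { |category, ids| puts "#{category}: #{ids.join(', ')}" }
```

Entries that land in `unknown` are the ones that still need a manual look at the backtrace.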
(In reply to Clemens Lang from comment #1)

Thanks for looking into this. Actually, now I see where the problem comes from [1]:

~~~
ruby -Ilib:test test/test_all.rb 2>&1 | tee test.out
grep "0 failures, 275 errors" test.out
~~~

IOW there always were errors, the number just differs likely due to SHA1. IOW the 150 failures are all new and there are 36 new errors.

> Sorry, we cannot fix all components that depend on OpenSSL in Fedora.

That was not the proposal. I think that a basic step would be to e.g. do a mass rebuild and find what OpenSSL breaks. After all, you make much more sense from the errors than me. And now having better understanding, I might have dig deeper.

[1]: https://src.fedoraproject.org/rpms/rubygem-net-ssh/blob/e3fbd96558539dd0e76bb7a7c91190f9a2879a22/f/rubygem-net-ssh.spec#_67-68

FEDORA-2024-ea6aa546d1 (rubygem-net-ssh-7.3.0-1.fc42) has been submitted as an update to Fedora 42. https://bodhi.fedoraproject.org/updates/FEDORA-2024-ea6aa546d1
FEDORA-2024-ea6aa546d1 (rubygem-net-ssh-7.3.0-1.fc42) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report.