Bug 538851 - EVP_PBE_CipherInit() passes NULL cipher to keygen function
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: openssl
Version: 12
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Extras Quality Assurance
Reported: 2009-11-19 15:09 UTC by Marius Andreiana
Modified: 2010-05-25 18:42 UTC (History)

Fixed In Version: openssl-1.0.0-4.fc12
Doc Type: Bug Fix
Last Closed: 2010-05-25 18:42:03 UTC


Attachments
stack backtrace of wpa_supplicant-0.6.8-6.fc12.x86_64 (4.16 KB, text/plain)
2009-11-24 12:41 UTC, Matthias Andree
The patch fixing the crash in openssl if algorithms are not available (858 bytes, patch)
2009-12-15 07:19 UTC, Tomas Mraz
Add algorithms necessary for reading some PKCS-12 files (599 bytes, patch)
2009-12-15 10:14 UTC, Tomas Mraz

Description Marius Andreiana 2009-11-19 15:09:51 UTC
Description of problem: trying to use wireless network
On connect it gives

 19 17:05:42 localhost NetworkManager: <info>  (wlan0): supplicant connection state:  scanning -> disconnected
 19 17:05:42 localhost NetworkManager: <info>  (wlan0): supplicant connection state:  disconnected -> scanning
 19 17:05:43 localhost NetworkManager: <info>  (wlan0): supplicant connection state:  scanning -> associating
 19 17:05:43 localhost NetworkManager: <info>  (wlan0): supplicant connection state:  associating -> associated
 19 17:05:46 localhost kernel: wpa_supplicant[9430]: segfault at 8 ip 03894ed7 sp bf9ab19c error 4 in libcrypto


Using F12 up to date.

Comment 1 Matthias Andree 2009-11-24 12:27:42 UTC
Confirmed on up-to-date F12 x86_64. This happens when setting up a network with WPA2-Enterprise authentication with EAP-TLS, and I'm providing my username, no user certificate, the server root signing (CA) certificate and a .p12 package (along with matching password) of user private key and user certificate. This is an "eduroam"-style network, albeit with the less-common client certificate authentication (many eduroam sites use TTLS = Tunneled TLS instead -- we don't).

Comment 2 Matthias Andree 2009-11-24 12:41:40 UTC
Created attachment 373406 [details]
stack backtrace of wpa_supplicant-0.6.8-6.fc12.x86_64

This should be reassigned to wpa_supplicant.

I'm attaching a (modified) backtrace of my wpa_supplicant crash. The "classified" was the password I need to decrypt the .p12 PKCS#12 package, the "xxxx" was a four-character string in the \3xx octal range.

Comment 3 Dan Williams 2009-11-29 22:56:11 UTC
Based on your backtrace, it looks like openssl isn't returning a failure code when it can't find the cipher it needs to decrypt the PKCS12 file; why it can't find the cipher I don't know.  But it certainly shouldn't segfault when it can't do so...

Comment 4 Matthias Andree 2009-11-30 13:49:59 UTC
How do I analyze the PKCS12 file to figure out the ciphers used for keys/certs?

Comment 5 Tomas Mraz 2009-11-30 15:10:21 UTC
openssl pkcs12 -info -noout -in <keyfile>

Comment 6 Tomas Mraz 2009-12-07 17:22:24 UTC
Does the openssl segfault/crash if you call the openssl pkcs12 command?

Comment 7 Matthias Andree 2009-12-07 17:58:32 UTC
It does not crash. It prints (this is retyped from a different machine):

MAC Iteration 2048
MAC verified OK
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048
Certificate bag
Certificate bag
PKCS7 Data
Shrouded Keybag: pbeWithSHA1and3-KeyTripleDES-CBC, Iteration 2048

I can extract key and certificate to PEM files just fine. (Does this mean that OpenSSL itself isn't at fault but the way it's used in wpa_supplicant? Looks like that to me.)

Comment 8 Matthias Andree 2009-12-07 18:00:20 UTC
(In reply to comment #7)
> It does not crash. It prints (this is retyped from a different machine):

Note that I only retyped the screen output, but had run the openssl pkcs12 command on the computer affected by the problem.

BTW, Marius, you haven't been let off the hook, so you may want to provide your input too so maintainers can see a pattern sooner perhaps.

Comment 9 Dan Williams 2009-12-07 18:23:05 UTC
(In reply to comment #7)
> I can extract key and certificate to PEM files just fine. (Does this mean that
> OpenSSL itself isn't at fault but the way it's used in wpa_supplicant? Looks
> like that to me.)  

OpenSSL still shouldn't segfault...  it should return some error that upper layers can handle.

Comment 10 Tomas Mraz 2009-12-07 18:30:18 UTC
Yes, I'll look at the crash and try to handle the error properly. However my current guess is that wpa_supplicant does not properly initialize the openssl library. Dan, can you please look at the initialization of openssl in wpa_supplicant and compare it to the calls in the openssl app source code?

Comment 11 Francisco Moraes 2009-12-14 19:45:56 UTC
Any updates to this? I am holding off on upgrading to F12 because of this bug.

Comment 12 Tomas Mraz 2009-12-14 22:06:25 UTC
I have a patch for the crash now. However wpa_supplicant has to be modified to add a call to OpenSSL_add_all_algorithms() before the SSL_library_init() call to be able to load the PKCS12 file.

Comment 13 Matthias Andree 2009-12-14 22:19:57 UTC
Would this be F12-specific? Otherwise, what's the upstream status?

Comment 14 Daniel 2009-12-15 05:06:06 UTC
(In reply to comment #12)
> I have a patch for the crash now. However wpa_supplicant has to be modified to
> add a call to OpenSSL_add_all_algorithms() before the SSL_library_init() call to
> be able to load the PKCS12 file.  

Could you please post the patch file here?

Comment 15 Tomas Mraz 2009-12-15 07:19:40 UTC
Created attachment 378440 [details]
The patch fixing the crash in openssl if algorithms are not available

This crash is only in openssl-1.0.0 branch. I've submitted it to upstream tracker.

Comment 16 Daniel 2009-12-15 08:12:58 UTC
(In reply to comment #15)
> Created an attachment (id=378440) [details]
> The patch fixing the crash in openssl if algorithms are not available
> 
> This crash is only in openssl-1.0.0 branch. I've submitted it to upstream
> tracker.  

Thank you very much for your patch file.
I confirmed that the segfault message of wpa_supplicant has disappeared.

But I still cannot connect to the wireless LAN :-(

Comment 17 Tomas Mraz 2009-12-15 10:14:37 UTC
Created attachment 378461 [details]
Add algorithms necessary for reading some PKCS-12 files

Please try this patch.

Comment 18 Daniel 2009-12-16 01:44:54 UTC
(In reply to comment #17)
> Created an attachment (id=378461) [details]
> Add algorithms necessary for reading some PKCS-12 files
> 
> Please try this patch.  

Thank you very much for your patch file.
I can connect to my wireless LAN now. :-)

Thanks again for your rapid response and hard work.

Comment 19 Tomas Mraz 2009-12-16 11:02:46 UTC
I'll keep this bug for the crash in libcrypto, the wpa_supplicant change will be tracked in bug 541924.
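
Added example, not code from this bug report, from OpenSSL or from wpa_supplicant: a simplified C model of the failure this thread describes, where a by-name cipher lookup returns NULL for an algorithm the application never registered and the result reaches key generation unchecked. All identifiers are hypothetical; the two cipher names and key lengths are chosen to correspond to the PBE algorithms listed in comment 7.

```c
/* Simplified model, NOT OpenSSL source; every identifier is hypothetical. */
#include <stdio.h>
#include <string.h>
typedef struct { const char *name; int key_len; } cipher_t;
/* Ciphers the library can provide (constructed set, key lengths in bytes). */
static const cipher_t ALL[] = { {"RC2-40-CBC", 5}, {"DES-EDE3-CBC", 24} };
static const cipher_t *registry[4];   /* what the application registered */
static int n_registered;

static void add_cipher(const char *name) {
    for (size_t i = 0; i < sizeof ALL / sizeof ALL[0]; i++)
        if (strcmp(ALL[i].name, name) == 0 && n_registered < 4)
            registry[n_registered++] = &ALL[i];
}

/* By-name lookup: NULL when the cipher was never registered. */
static const cipher_t *get_cipher(const char *name) {
    for (int i = 0; i < n_registered; i++)
        if (strcmp(registry[i]->name, name) == 0) return registry[i];
    return NULL;
}

/* Key generation reads the cipher to learn the key length. */
static int keygen(const cipher_t *c, unsigned char *key, size_t cap) {
    if ((size_t)c->key_len > cap) return -1;
    memset(key, 0xAA, (size_t)c->key_len);  /* placeholder, not a real KDF */
    return c->key_len;
}

/* Crashing shape: lookup result passed on unchecked (never called here). */
int pbe_init_unchecked(const char *name, unsigned char *key, size_t cap) {
    return keygen(get_cipher(name), key, cap);
}

/* Hardened shape: a missing algorithm becomes an error code. */
int pbe_init_checked(const char *name, unsigned char *key, size_t cap) {
    const cipher_t *c = get_cipher(name);
    if (c == NULL) return -1;   /* unknown cipher: fail, do not dereference */
    return keygen(c, key, cap);
}

int main(void) {
    unsigned char key[32];
    add_cipher("DES-EDE3-CBC");            /* only a subset registered */
    printf("before: %d\n", pbe_init_checked("RC2-40-CBC", key, sizeof key));
    add_cipher("RC2-40-CBC");              /* now fully registered */
    printf("after:  %d\n", pbe_init_checked("RC2-40-CBC", key, sizeof key));
    return 0;
}
```

The checked variant corresponds to the library-side half of the fix (fail cleanly), and registering the missing cipher corresponds to the application-side half (make the algorithm available).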

Comment 20 Fedora Update System 2010-03-30 12:44:55 UTC
openssl-1.0.0-1.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/openssl-1.0.0-1.fc12

Comment 21 Fedora Update System 2010-05-18 16:46:07 UTC
openssl-1.0.0-4.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/openssl-1.0.0-4.fc12

Comment 22 Fedora Update System 2010-05-19 19:10:00 UTC
openssl-1.0.0-4.fc12 has been pushed to the Fedora 12 testing repository.  If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update openssl'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/openssl-1.0.0-4.fc12

Comment 23 Fedora Update System 2010-05-25 18:40:57 UTC
openssl-1.0.0-4.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.

