RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 839280 - ntpd segfaults in FIPS mode (md5 not available)
Summary: ntpd segfaults in FIPS mode (md5 not available)
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ntp
Version: 7.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Miroslav Lichvar
QA Contact: Jan Ščotka
URL:
Whiteboard:
Depends On:
Blocks: 717789
TreeView+ depends on / blocked
 
Reported: 2012-07-11 12:55 UTC by Milan Broz
Modified: 2014-06-13 10:07 UTC (History)
3 users (show)

Fixed In Version: ntp-4.2.6p5-5
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-06-13 10:07:52 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Network Time Protocol 2294 0 None None None 2019-05-22 04:21:32 UTC

Description Milan Broz 2012-07-11 12:55:12 UTC 
Description of problem:
When running in fips mode (fips=1) ntpd crashes on startup.

This is backtrace, apparently it tries to use MD5 which is not available in FIPS mode (and does not properly detect context init error).

[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `ntpd -n'.
Program terminated with signal 11, Segmentation fault.
#0  0x0000000000000000 in ?? ()
(gdb) bt
#0  0x0000000000000000 in ?? ()
#1  0x00007ff3212f0441 in addr2refid (addr=addr@entry=0x7ff322cc007c) at a_md5encrypt.c:105
#2  0x00007ff32129097d in add_interface (ep=ep@entry=0x7ff322cc0060) at ntp_io.c:939
#3  0x00007ff3212938c0 in create_wildcards (port=123) at ntp_io.c:1265
#4  create_sockets (port=<optimized out>) at ntp_io.c:2070
#5  io_open_sockets () at ntp_io.c:562
#6  0x00007ff32128bf80 in config_ntpd (ptree=0x7ff322cbfe00) at ntp_config.c:3729
#7  save_and_apply_config_tree () at ntp_config.c:3997
#8  0x00007ff32128f91b in getconfig (argc=argc@entry=0, argv=argv@entry=0x7fffd3071758) at ntp_config.c:3915
#9  0x00007ff321298f92 in ntpdmain (argc=0, argv=0x7fffd3071758) at ntpd.c:863
#10 0x00007ff3212899b9 in main (argc=<optimized out>, argv=<optimized out>) at ntpd.c:354
(gdb) frame 1
#1  0x00007ff3212f0441 in addr2refid (addr=addr@entry=0x7ff322cc007c) at a_md5encrypt.c:105
105             EVP_DigestUpdate(&ctx, (u_char *)PSOCK_ADDR6(addr),
(gdb) list
100             if (IS_IPV4(addr))
101                     return (NSRCADR(addr));
102
103             INIT_SSL();
104             EVP_DigestInit(&ctx, EVP_get_digestbynid(NID_md5));
105             EVP_DigestUpdate(&ctx, (u_char *)PSOCK_ADDR6(addr),
106                 sizeof(struct in6_addr));
107             EVP_DigestFinal(&ctx, digest, &len);
108             memcpy(&addr_refid, digest, 4);
109             return (addr_refid);
(gdb) p ctx
$1 = {digest = 0x0, engine = 0x0, flags = 0, md_data = 0x0, pctx = 0x0, update = 0x0}


Version-Release number of selected component (if applicable):

Above is reported on rawhide ntp-4.2.6p5-2.fc18.x86_64
(but because ntp is in RHEL7 as well, we need to track this problem...)

How reproducible:
boot in fips mode and just start default config
(fips mode is currently broken - I'll update the bug once patches reach upstream:)
Comment 4 Ludek Smid 2014-06-13 10:07:52 UTC 
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.
Note You need to log in before you can comment on or make changes to this bug.