Bug 839280 – ntpd segfaults in FIPS mode (md5 not available)

Bug 839280 - ntpd segfaults in FIPS mode (md5 not available)

Summary:	ntpd segfaults in FIPS mode (md5 not available)

Status:	CLOSED CURRENTRELEASE

Aliases:	None

Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	ntp (Show other bugs)
Sub Component:
Version:	7.0
Hardware:	Unspecified Unspecified

Priority	unspecified Severity unspecified
Target Milestone:	rc
Target Release:	---
Assigned To:	Miroslav Lichvar
QA Contact:	Jan Ščotka
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:	717789
	Show dependency tree / graph

Reported:	2012-07-11 08:55 EDT by Milan Broz
Modified:	2014-06-13 06:07 EDT (History)
CC List:	3 users (show)

See Also:
Fixed In Version:	ntp-4.2.6p5-5
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2014-06-13 06:07:52 EDT
Type:	Bug
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Network Time Protocol	2294	None	None	None	2012-10-24 12:36:06 EDT

Groups: None (edit)

Description Milan Broz 2012-07-11 08:55:12 EDT

Description of problem:
When running in fips mode (fips=1) ntpd crashes on startup.

This is backtrace, apparently it tries to use MD5 which is not available in FIPS mode (and does not properly detect context init error).

[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `ntpd -n'.
Program terminated with signal 11, Segmentation fault.
#0  0x0000000000000000 in ?? ()
(gdb) bt
#0  0x0000000000000000 in ?? ()
#1  0x00007ff3212f0441 in addr2refid (addr=addr@entry=0x7ff322cc007c) at a_md5encrypt.c:105
#2  0x00007ff32129097d in add_interface (ep=ep@entry=0x7ff322cc0060) at ntp_io.c:939
#3  0x00007ff3212938c0 in create_wildcards (port=123) at ntp_io.c:1265
#4  create_sockets (port=<optimized out>) at ntp_io.c:2070
#5  io_open_sockets () at ntp_io.c:562
#6  0x00007ff32128bf80 in config_ntpd (ptree=0x7ff322cbfe00) at ntp_config.c:3729
#7  save_and_apply_config_tree () at ntp_config.c:3997
#8  0x00007ff32128f91b in getconfig (argc=argc@entry=0, argv=argv@entry=0x7fffd3071758) at ntp_config.c:3915
#9  0x00007ff321298f92 in ntpdmain (argc=0, argv=0x7fffd3071758) at ntpd.c:863
#10 0x00007ff3212899b9 in main (argc=<optimized out>, argv=<optimized out>) at ntpd.c:354
(gdb) frame 1
#1  0x00007ff3212f0441 in addr2refid (addr=addr@entry=0x7ff322cc007c) at a_md5encrypt.c:105
105             EVP_DigestUpdate(&ctx, (u_char *)PSOCK_ADDR6(addr),
(gdb) list
100             if (IS_IPV4(addr))
101                     return (NSRCADR(addr));
102
103             INIT_SSL();
104             EVP_DigestInit(&ctx, EVP_get_digestbynid(NID_md5));
105             EVP_DigestUpdate(&ctx, (u_char *)PSOCK_ADDR6(addr),
106                 sizeof(struct in6_addr));
107             EVP_DigestFinal(&ctx, digest, &len);
108             memcpy(&addr_refid, digest, 4);
109             return (addr_refid);
(gdb) p ctx
$1 = {digest = 0x0, engine = 0x0, flags = 0, md_data = 0x0, pctx = 0x0, update = 0x0}


Version-Release number of selected component (if applicable):

Above is reported on rawhide ntp-4.2.6p5-2.fc18.x86_64
(but because ntp is in RHEL7 as well, we need to track this problem...)

How reproducible:
boot in fips mode and just start default config
(fips mode is currently broken - I'll update the bug once patches reach upstream:)

Comment 4 Ludek Smid 2014-06-13 06:07:52 EDT

This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.

Note You need to log in before you can comment on or make changes to this bug.