** Description changed:
- In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
- segfault.
+ [Impact]
+ In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
segfault.
+ ntpq uses crypto hashes to authenticate its requests. By default it appears
to use an internal md5 implementation. However, when compiled with openssl it
creates a lists of acceptable hashes from openssl that can be used.
+
+ [Test Steps]
Test case:
sudo apt install ntp
ntpq -p
Segmentation fault (core dumped)
What happens there is ntpq wants to iterate all available digests
(list_digest_names in ntpq.c). It uses EVP_MD_do_all_sorted for this
task.
EVP_MD_do_all_sorted eventually runs openssl_add_all_digests_int in c_alld.c.
For FIPS mode it adds:
EVP_add_digest(EVP_md5());
What happens later in ntpq is (list_md_fn function inside ntpq.c):
ctx = EVP_MD_CTX_new();
EVP_DigestInit(ctx, EVP_get_digestbyname(name));
EVP_DigestFinal(ctx, digest, &digest_len);
First digest it gets is MD5, but while running EVP_DigestInit for it, it gets
to this point (openssl/crypto/evp/digest.c EVP_DigestInit_ex):
#ifdef OPENSSL_FIPS
if (FIPS_mode()) {
if (!(type->flags & EVP_MD_FLAG_FIPS)
&& !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) {
EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_DISABLED_FOR_FIPS);
return 0;
}
}
#endif
Due to type->flags for MD5 being 0 there's an error set
(EVP_R_DISABLED_FOR_FIPS).
After getting back to ntpq.c:
ctx->engine and ctx->digest are not set (due to the mentioned error), hence
inside EVP_DigestFinal_ex (openssl/crypto/evp/digest.c)
OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
causes a segfault (ctx->digest is NULL).
So either MD5 shouldn't be added in FIPS mode or it should have the
EVP_MD_FLAG_FIPS to be properly initialized.
+
+ [Regression Potential]
+
+ I believe the resolution to check the return code and if unsuccessful, do not
include the hash algorithm in the internal ntpq digest list, should not
introduce any regression.
+ It will simply not add md5 and md5_sha1 to its lists of digests when compiled
with openssl. Instead it will add the others like sha1, sha2, and sha3.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfaulting some client
applications
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1884265/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
