** Description changed: - In FIPS mode on Bionic MD5 is semi-disabled causing some applications to - segfault. + [Impact] + In FIPS mode on Bionic MD5 is semi-disabled causing some applications to segfault. + ntpq uses crypto hashes to authenticate its requests. By default it appears to use an internal md5 implementation. However, when compiled with openssl it creates a lists of acceptable hashes from openssl that can be used. + + [Test Steps] Test case: sudo apt install ntp ntpq -p Segmentation fault (core dumped) What happens there is ntpq wants to iterate all available digests (list_digest_names in ntpq.c). It uses EVP_MD_do_all_sorted for this task. EVP_MD_do_all_sorted eventually runs openssl_add_all_digests_int in c_alld.c. For FIPS mode it adds: EVP_add_digest(EVP_md5()); What happens later in ntpq is (list_md_fn function inside ntpq.c): ctx = EVP_MD_CTX_new(); EVP_DigestInit(ctx, EVP_get_digestbyname(name)); EVP_DigestFinal(ctx, digest, &digest_len); First digest it gets is MD5, but while running EVP_DigestInit for it, it gets to this point (openssl/crypto/evp/digest.c EVP_DigestInit_ex): #ifdef OPENSSL_FIPS if (FIPS_mode()) { if (!(type->flags & EVP_MD_FLAG_FIPS) && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) { EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_DISABLED_FOR_FIPS); return 0; } } #endif Due to type->flags for MD5 being 0 there's an error set (EVP_R_DISABLED_FOR_FIPS). After getting back to ntpq.c: ctx->engine and ctx->digest are not set (due to the mentioned error), hence inside EVP_DigestFinal_ex (openssl/crypto/evp/digest.c) OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); causes a segfault (ctx->digest is NULL). So either MD5 shouldn't be added in FIPS mode or it should have the EVP_MD_FLAG_FIPS to be properly initialized. + + [Regression Potential] + + I believe the resolution to check the return code and if unsuccessful, do not include the hash algorithm in the internal ntpq digest list, should not introduce any regression. + It will simply not add md5 and md5_sha1 to its lists of digests when compiled with openssl. Instead it will add the others like sha1, sha2, and sha3.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1884265 Title: [fips] Not fully initialized digest segfaulting some client applications To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1884265/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs