Bug#768841: libgnutls-deb0-28: SIGABRT when loading certificates
Marc Dequènes (Duck)
duck at duckcorp.org
Sun Nov 9 15:55:28 UTC 2014
Package: libgnutls-deb0-28
Version: 3.3.8-3
Severity: grave
Justification: breaks related software (minbif, ircd-ratbox)
Control: affects -1 = minbif ircd-ratbox
Coin,
I had to update all my certificates because our CA is going to expire
soon. I then restarted all services with the new CA and server
certificates and it worked for all services but minbif and ircd-ratbox
(probably the only ones using gnutls). minbif forks for each connecting
user and the new process crashes; see the strace and gdb trace
attached. I was not yet able to get a core for ircd-ratbox but the
strace is similar.
Reverting the certificates (which are still valid until the end of the
month) did not help. Downgrading gnutls to 3.3.8-2 (before the rusage
patch) did not help either.
I find two things disturbing. First, fd 3 is used to read the public
key, closed, but then read again which fails and the abort is done
shortly afterwards. Second, rnd_func() fails as if there were no
entropy available, but /proc/sys/kernel/random/entropy_avail proves it
wrong (the machine has a hardware generator with rngd).
As for the timing, I uploaded ircd-ratbox on 2014-07-29 which worked
perfectly on the testing suite at that time (after a gnutls 3 patch).
Tell me if you need anything tested and thanks for your help.
Regards.
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.13-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libgnutls-deb0-28 depends on:
ii libc6 2.19-12
ii libgmp10 2:6.0.0+dfsg-4
ii libhogweed2 2.7.1-3
ii libnettle4 2.7.1-3
ii libp11-kit0 0.20.7-1
ii libtasn1-6 4.1-1
ii multiarch-support 2.19-12
ii zlib1g 1:1.2.8.dfsg-1
--
Marc Dequènes (Duck)
-------------- next part --------------
#0 0x00007f9727650107 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
resultvar = 0
pid = 28099
selftid = 28099
#1 0x00007f97276514e8 in __GI_abort () at abort.c:89
save_stage = 2
act = {__sigaction_handler = {sa_handler = 0x1631eb0, sa_sigaction = 0x1631eb0}, sa_mask = {__val = {140733327892112, 140733327890224, 140287214206471, 1, 0, 0, 140287177530664, 23280608, 140733327890224, 23290456, 140287214232357, 4294966954, 0, 23264720, 0, 0}}, sa_flags = 0, sa_restorer = 0x161a220}
sigs = {__val = {32, 0 <repeats 15 times>}}
#2 0x00007f9728009199 in rnd_func (_ctx=0x0, length=264, data=0x7fff08045740 "") at pk.c:62
No locals.
#3 0x00007f97238cd346 in nettle_mpz_random_size (x=0x7fff08045910, ctx=0x0, random=0x7f9728009169 <rnd_func>, bits=2112) at bignum-random.c:44
length = 264
data = 0x7fff08045740 ""
#4 0x00007f97238cd3d1 in nettle_mpz_random (x=0x7fff08045910, ctx=0x0, random=0x7f9728009169 <rnd_func>, n=0x7fff08045a48) at bignum-random.c:81
No locals.
#5 0x00007f97238d024a in _nettle_rsa_blind (pub=0x7fff08045a40, random_ctx=0x0, random=0x7f9728009169 <rnd_func>, c=0x7fff08045a30, ri=0x7fff08045980) at rsa-blind.c:50
r = {{_mp_alloc = 1, _mp_size = 0, _mp_d = 0x161a400}}
#6 0x00007f97238cedbd in nettle_rsa_pkcs1_sign_tr (pub=0x7fff08045a40, key=0x7fff08045a70, random_ctx=0x0, random=0x7f9728009169 <rnd_func>, length=51, digest_info=0x1638500 "010\r\006\t`\206H\001e\003\004\002\001\005", s=0x7fff08045a30) at rsa-pkcs1-sign-tr.c:47
ri = {{_mp_alloc = 1, _mp_size = 0, _mp_d = 0x161a310}}
#7 0x00007f972800a997 in _wrap_nettle_pk_sign (algo=GNUTLS_PK_RSA, signature=0x7fff08045bf0, vdata=0x7fff08045b80, pk_params=0x1644680) at pk.c:566
priv = {size = 256, d = {{_mp_alloc = 33, _mp_size = 32, _mp_d = 0x1639180}}, p = {{_mp_alloc = 17, _mp_size = 16, _mp_d = 0x1639320}}, q = {{_mp_alloc = 17, _mp_size = 16, _mp_d = 0x1638a10}}, a = {{_mp_alloc = 16, _mp_size = 16, _mp_d = 0x16398d0}}, b = {{_mp_alloc = 16, _mp_size = 16, _mp_d = 0x1639960}}, c = {{_mp_alloc = 17, _mp_size = 16, _mp_d = 0x1638aa0}}}
pub = {size = 256, n = {{_mp_alloc = 33, _mp_size = 32, _mp_d = 0x1639070}}, e = {{_mp_alloc = 1, _mp_size = 1, _mp_d = 0x1616800}}}
s = {{_mp_alloc = 32, _mp_size = 32, _mp_d = 0x1639e40}}
ret = 134502912
hash_len = 32767
me = 0x7f9723d44e5a
#8 0x00007f9727f4176c in gnutls_privkey_sign_raw_data (key=0x1645860, flags=0, data=0x7fff08045b80, signature=0x7fff08045bf0) at gnutls_privkey.c:909
No locals.
#9 0x00007f9727f4147c in gnutls_privkey_sign_data (signer=0x1645860, hash=GNUTLS_DIG_SHA256, flags=0, data=0x7fff08045be0, signature=0x7fff08045bf0) at gnutls_privkey.c:788
ret = 0
digest = {data = 0x1638500 "010\r\006\t`\206H\001e\003\004\002\001\005", size = 51}
me = 0x7f972824b360 <hash_algorithms+96>
#10 0x00007f9727f2d4ad in _gnutls_check_key_cert_match (res=0x16350e0) at gnutls_cert.c:936
test = {data = 0x7f972801695d "test text", size = 9}
sig = {data = 0x0, size = 0}
pk = 1
pk2 = 1
ret = 32663
__func__ = "_gnutls_check_key_cert_match"
#11 0x00007f9727f3d721 in gnutls_certificate_set_x509_key_file2 (res=0x16350e0, certfile=0x1636208 "/etc/minbif/certs/duckcorp_irc_mp-minbif.crt", keyfile=0x1636258 "/etc/minbif/certs/duckcorp_irc_mp-minbif.key", type=GNUTLS_X509_FMT_PEM, pass=0x0, flags=0) at gnutls_x509.c:1336
ret = 1
#12 0x00007f9727f3d691 in gnutls_certificate_set_x509_key_file (res=0x16350e0, certfile=0x1636208 "/etc/minbif/certs/duckcorp_irc_mp-minbif.crt", keyfile=0x1636258 "/etc/minbif/certs/duckcorp_irc_mp-minbif.key", type=GNUTLS_X509_FMT_PEM) at gnutls_x509.c:1282
No locals.
#13 0x0000000000446d32 in sock::SockWrapperTLS::SockWrapperTLS (this=0x1633be0, _config=<optimized out>, _recv_fd=<optimized out>, _send_fd=<optimized out>) at /build/minbif-e0OeNy/minbif-1.0.5+git20120508/src/sockwrap/sockwrap_tls.cpp:80
c_section = 0x1631eb0
trust_file = "/etc/ssl/certs/ca-certificates.crt"
crl_file = " "
#14 0x000000000043fb56 in sock::SockWrapper::Builder (_config=0x1631790, _recv_fd=_recv_fd@entry=5, _send_fd=_send_fd@entry=5) at /build/minbif-e0OeNy/minbif-1.0.5+git20120508/src/sockwrap/sockwrap.cpp:61
sec_mode = "tls"
#15 0x0000000000453a6f in DaemonForkServerPoll::new_client_cb (this=0x1633b80) at /build/minbif-e0OeNy/minbif-1.0.5+git20120508/src/server_poll/daemon_fork.cpp:241
newcon = {sin_family = 10, sin_port = 4524, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}
new_socket = 5
fds = {6, 7}
addrlen = 28
client_pid = 0
#16 0x0000000000437000 in _callback (data=<optimized out>) at /build/minbif-e0OeNy/minbif-1.0.5+git20120508/src/core/callback.cpp:31
cb = <optimized out>
#17 g_callback_input (data=<optimized out>, src=<optimized out>, i=i@entry=PURPLE_INPUT_READ) at /build/minbif-e0OeNy/minbif-1.0.5+git20120508/src/core/callback.cpp:37
No locals.
#18 0x0000000000434c3e in purple_glib_io_invoke (source=<optimized out>, condition=<optimized out>, data=0x1630350) at /build/minbif-e0OeNy/minbif-1.0.5+git20120508/src/core/util.cpp:82
closure = 0x1630350
purple_cond = PURPLE_INPUT_READ
#19 0x00007f9728de4b6d in g_main_dispatch (context=0x1633d40) at /build/glib2.0-dt6trg/glib2.0-2.42.0/./glib/gmain.c:3111
dispatch = 0x7f9728e298a0 <g_io_unix_dispatch>
prev_source = 0x0
was_in_call = 0
user_data = 0x1630350
callback = 0x434c10 <purple_glib_io_invoke(GIOChannel*, GIOCondition, gpointer)>
cb_funcs = <optimized out>
cb_data = 0x1635e00
need_destroy = <optimized out>
source = 0x1633cc0
current = 0x1611260
i = 0
#20 g_main_context_dispatch (context=context@entry=0x1633d40) at /build/glib2.0-dt6trg/glib2.0-2.42.0/./glib/gmain.c:3710
No locals.
#21 0x00007f9728de4f48 in g_main_context_iterate (context=0x1633d40, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at /build/glib2.0-dt6trg/glib2.0-2.42.0/./glib/gmain.c:3781
max_priority = 2147483647
timeout = -1
some_ready = 1
nfds = <optimized out>
allocated_nfds = 2
fds = 0x1613170
#22 0x00007f9728de5272 in g_main_loop_run (loop=0x1612fd0) at /build/glib2.0-dt6trg/glib2.0-2.42.0/./glib/gmain.c:3975
__FUNCTION__ = "g_main_loop_run"
#23 0x0000000000425580 in Minbif::main (this=this@entry=0x7fff080470e0, argc=argc@entry=4, argv=argv@entry=0x7fff080471f8) at /build/minbif-e0OeNy/minbif-1.0.5+git20120508/src/core/minbif.cpp:244
rlim = {rlim_cur = 18446744073709551615, rlim_max = 18446744073709551615}
long_options = {{name = 0x4f7795 "pidfile", has_arg = 1, flag = 0x0, val = 112}, {name = 0x4f779d "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x4f77a2 "version", has_arg = 0, flag = 0x0, val = 118}, {name = 0x4f8db6 "mode", has_arg = 1, flag = 0x0, val = 109}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
option_index = 0
c = <optimized out>
mode = 2
#24 0x0000000000425b80 in main (argc=4, argv=0x7fff080471f8) at /build/minbif-e0OeNy/minbif-1.0.5+git20120508/src/core/minbif.cpp:285
minbif = {loop = 0x1612fd0, server_poll = 0x1633b80, pidfile = "/var/run/minbif/minbif.pid"}
quit
-------------- next part --------------
2103 restart_syscall(<... resuming interrupted call ...>) = 1
2103 read(4, 0x7fffdc9a6820, 16) = -1 EAGAIN (Resource temporarily unavailable)
2103 write(4, "\1\0\0\0\0\0\0\0", 8) = 8
2103 accept(3, {sa_family=AF_INET6, sin6_port=htons(43856), inet_pton(AF_INET6, "::ffff:ffff:0:0", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=3011625552}, [28]) = 5
2103 socketpair(PF_LOCAL, SOCK_STREAM, 0, [6, 7]) = 0
2103 fcntl(6, F_SETFL, O_RDONLY|O_NONBLOCK) = 0
2103 fcntl(7, F_SETFL, O_RDONLY|O_NONBLOCK) = 0
2103 clone( <unfinished ...>
3976 set_robust_list(0x7fe7b4522ae0, 24) = 0
3976 close(3) = 0
3976 fstat(7, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
3976 fcntl(7, F_GETFL) = 0x802 (flags O_RDWR|O_NONBLOCK)
3976 write(4, "\1\0\0\0\0\0\0\0", 8) = 8
3976 close(6) = 0
2103 <... clone resumed> child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7fe7b4522ad0) = 3976
2103 gettimeofday({1415543029, 613800}, NULL) = 0
2103 write(1, "[INFO] Creating new process with"..., 42) = 42
2103 close(5) = 0
3976 open("/etc/ssl/certs/ca-certificates.crt", O_RDONLY <unfinished ...>
2103 fstat(6, <unfinished ...>
3976 <... open resumed> ) = 3
2103 <... fstat resumed> {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
3976 fstat(3, <unfinished ...>
2103 fcntl(6, F_GETFL <unfinished ...>
3976 <... fstat resumed> {st_mode=S_IFREG|0644, st_size=5578, ...}) = 0
2103 <... fcntl resumed> ) = 0x802 (flags O_RDWR|O_NONBLOCK)
3976 fstat(3, <unfinished ...>
2103 write(4, "\1\0\0\0\0\0\0\0", 8 <unfinished ...>
3976 <... fstat resumed> {st_mode=S_IFREG|0644, st_size=5578, ...}) = 0
2103 <... write resumed> ) = 8
3976 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...>
2103 close(7 <unfinished ...>
3976 <... mmap resumed> ) = 0x7fe7b4546000
2103 <... close resumed> ) = 0
3976 lseek(3, 0, SEEK_CUR <unfinished ...>
2103 write(4, "\1\0\0\0\0\0\0\0", 8 <unfinished ...>
3976 <... lseek resumed> ) = 0
2103 <... write resumed> ) = 8
3976 read(3, <unfinished ...>
2103 poll([{fd=4, events=POLLIN}, {fd=6, events=POLLIN}, {fd=3, events=POLLIN}], 3, 4294967295 <unfinished ...>
3976 <... read resumed> "-----BEGIN CERTIFICATE-----\nMIID"..., 4096) = 4096
2103 <... poll resumed> ) = 1 ([{fd=4, revents=POLLIN}])
3976 read(3, "h+B99ow/NzTlPNzVLfbM3MU4bWxf0gUJ"..., 4096) = 1482
2103 poll([{fd=4, events=POLLIN}, {fd=6, events=POLLIN}, {fd=3, events=POLLIN}], 3, 4294967295 <unfinished ...>
3976 read(3, <unfinished ...>
2103 <... poll resumed> ) = 1 ([{fd=4, revents=POLLIN}])
3976 <... read resumed> "", 4096) = 0
2103 read(4, <unfinished ...>
3976 close(3 <unfinished ...>
2103 <... read resumed> "\4\0\0\0\0\0\0\0", 16) = 8
3976 <... close resumed> ) = 0
3976 munmap(0x7fe7b4546000, 4096 <unfinished ...>
2103 poll([{fd=4, events=POLLIN}, {fd=6, events=POLLIN}, {fd=3, events=POLLIN}], 3, 4294967295 <unfinished ...>
3976 <... munmap resumed> ) = 0
3976 brk(0x1f44000) = 0x1f44000
3976 open("/etc/minbif/certs/duckcorp_irc_mp-minbif.key", O_RDONLY) = 3
3976 fstat(3, {st_mode=S_IFREG|0640, st_size=1679, ...}) = 0
3976 fstat(3, {st_mode=S_IFREG|0640, st_size=1679, ...}) = 0
3976 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe7b4546000
3976 lseek(3, 0, SEEK_CUR) = 0
3976 read(3, "-----BEGIN RSA PRIVATE KEY-----\n"..., 4096) = 1679
3976 read(3, "", 4096) = 0
3976 close(3) = 0
3976 munmap(0x7fe7b4546000, 4096) = 0
3976 open("/etc/minbif/certs/duckcorp_irc_mp-minbif.crt", O_RDONLY) = 3
3976 fstat(3, {st_mode=S_IFREG|0644, st_size=1306, ...}) = 0
3976 fstat(3, {st_mode=S_IFREG|0644, st_size=1306, ...}) = 0
3976 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe7b4546000
3976 lseek(3, 0, SEEK_CUR) = 0
3976 read(3, "-----BEGIN CERTIFICATE-----\nMIID"..., 4096) = 1306
3976 read(3, "", 4096) = 0
3976 close(3) = 0
3976 munmap(0x7fe7b4546000, 4096) = 0
3976 clock_gettime(CLOCK_REALTIME, {1415543029, 617398410}) = 0
3976 getrusage(0x1 /* RUSAGE_??? */, {ru_utime={0, 0}, ru_stime={0, 0}, ...}) = 0
3976 read(3, 0x7fffdc9a52a0, 16) = -1 EBADF (Bad file descriptor)
3976 rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
3976 tgkill(3976, 3976, SIGABRT) = 0
3976 --- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=3976, si_uid=122} ---
2103 <... poll resumed> ) = 1 ([{fd=6, revents=POLLIN|POLLHUP}])
2103 read(4, 0x7fffdc9a6820, 16) = -1 EAGAIN (Resource temporarily unavailable)
2103 write(4, "\1\0\0\0\0\0\0\0", 8) = 8
2103 recvfrom(6, "", 511, MSG_PEEK, NULL, NULL) = 0
2103 gettimeofday({1415543029, 665359}, NULL) = 0
2103 write(1, "[INFO] IPC: a child left: Resour"..., 59) = 59
2103 close(6) = 0
2103 poll([{fd=4, events=POLLIN}, {fd=3, events=POLLIN}], 2, 4294967295) = 1 ([{fd=4, revents=POLLIN}])
2103 poll([{fd=4, events=POLLIN}, {fd=3, events=POLLIN}], 2, 4294967295) = 1 ([{fd=4, revents=POLLIN}])
2103 read(4, "\1\0\0\0\0\0\0\0", 16) = 8
2103 poll([{fd=4, events=POLLIN}, {fd=3, events=POLLIN}], 2, 4294967295 <unfinished ...>
3976 +++ killed by SIGABRT (core dumped) +++
2103 <... poll resumed> ) = ? ERESTART_RESTARTBLOCK (Interrupted by signal)
2103 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_DUMPED, si_pid=3976, si_uid=122, si_status=SIGABRT, si_utime=0, si_stime=0} ---
2103 wait4(0, [{WIFSIGNALED(s) && WTERMSIG(s) == SIGABRT && WCOREDUMP(s)}], WNOHANG, NULL) = 3976
2103 wait4(0, 0x7fffdc9a6464, WNOHANG, NULL) = -1 ECHILD (No child processes)
2103 rt_sigreturn() = -1 EINTR (Interrupted system call)
2103 read(4, 0x7fffdc9a6820, 16) = -1 EAGAIN (Resource temporarily unavailable)
2103 poll([{fd=4, events=POLLIN}, {fd=3, events=POLLIN}], 2, 4294967295 <detached ...>
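The fd 3 observation in the report can be checked mechanically. The following is an added example, not part of the original report or of gnutls/minbif: it replays `strace -f` output, tracks per-process `open`/`close`, and reports every `read()` that fails with EBADF together with the file the descriptor last referred to. It assumes the trace format shown above and does not follow descriptors inherited across `clone` or duplicated with `dup`.

```python
import re

# Excerpt of the strace -f output quoted in the report above (child pid 3976).
TRACE = r'''
3976 open("/etc/ssl/certs/ca-certificates.crt", O_RDONLY <unfinished ...>
2103 fstat(6, <unfinished ...>
3976 <... open resumed> ) = 3
3976 close(3 <unfinished ...>
3976 <... close resumed> ) = 0
3976 open("/etc/minbif/certs/duckcorp_irc_mp-minbif.crt", O_RDONLY) = 3
3976 read(3, "-----BEGIN CERTIFICATE-----\nMIID"..., 4096) = 1306
3976 close(3) = 0
3976 getrusage(0x1 /* RUSAGE_??? */, {ru_utime={0, 0}, ru_stime={0, 0}, ...}) = 0
3976 read(3, 0x7fffdc9a52a0, 16) = -1 EBADF (Bad file descriptor)
3976 tgkill(3976, 3976, SIGABRT) = 0
'''

# syscall(args) = ret [ERRNO ...]; signal and exit lines do not match.
CALL = re.compile(r'^(\w+)\((.*)\)\s+= (-?\d+|\?)(?: (\w+))?')

def stale_fd_reads(trace):
    """Return (pid, fd, last_path) for every read() that fails with EBADF."""
    pending, fds, closed, findings = {}, {}, {}, []
    for line in trace.strip().splitlines():
        pid, rest = line.rstrip().split(None, 1)
        if rest.endswith('<unfinished ...>'):      # call split by another pid
            pending[pid] = rest[:-len('<unfinished ...>')]
            continue
        m = re.match(r'<\.\.\. \w+ resumed>(.*)', rest)
        if m:                                      # stitch the two halves
            rest = pending.pop(pid, '') + m.group(1)
        m = CALL.match(rest)
        if not m:
            continue
        name, args, ret, errno = m.groups()
        first = args.split(',')[0].strip()
        if name == 'open' and ret.isdigit():
            fds[(pid, int(ret))] = first.strip('"')
        elif name == 'close' and ret == '0':
            key = (pid, int(first))
            closed[key] = fds.pop(key, 'opened before trace start')
        elif name == 'read' and errno == 'EBADF':
            key = (pid, int(first))
            findings.append((pid, key[1], closed.get(key, 'never seen open')))
    return findings

if __name__ == '__main__':
    print(stale_fd_reads(TRACE))
```

On the excerpt this reports the failing 16-byte read on fd 3 in pid 3976, whose last known referent was the certificate file closed just before.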