From owner-freebsd-ports-bugs@FreeBSD.ORG Sat Oct 8 09:10:18 2005 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3BB0616A41F for ; Sat, 8 Oct 2005 09:10:18 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8449043D49 for ; Sat, 8 Oct 2005 09:10:17 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j989AHeA020873 for ; Sat, 8 Oct 2005 09:10:17 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j989AHKb020872; Sat, 8 Oct 2005 09:10:17 GMT (envelope-from gnats) Resent-Date: Sat, 8 Oct 2005 09:10:17 GMT Resent-Message-Id: <200510080910.j989AHKb020872@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, "Jukka A. Ukkonen" Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4DFAF16A41F for ; Sat, 8 Oct 2005 09:02:16 +0000 (GMT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1B23743D46 for ; Sat, 8 Oct 2005 09:02:16 +0000 (GMT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.13.1/8.13.1) with ESMTP id j9892FEL093758 for ; Sat, 8 Oct 2005 09:02:15 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.13.1/8.13.1/Submit) id j9892FCR093757; Sat, 8 Oct 2005 09:02:15 GMT (envelope-from nobody) Message-Id: <200510080902.j9892FCR093757@www.freebsd.org> Date: Sat, 8 Oct 2005 09:02:15 GMT From: "Jukka A. Ukkonen" To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-2.3 Cc: Subject: ports/87113: OpenSSL-0.9.8 crashes OpenSSH-portable-4.2.0.0,1 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Oct 2005 09:10:18 -0000 >Number: 87113 >Category: ports >Synopsis: OpenSSL-0.9.8 crashes OpenSSH-portable-4.2.0.0,1 >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Oct 08 09:10:17 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Jukka A. Ukkonen >Release: 4.11-STABLE >Organization: private citizen >Environment: FreeBSD mjolnir 4.11-STABLE FreeBSD 4.11-STABLE #0: Wed Sep 21 07:56:19 EET DST 2005 jau@mjolnir:/home/src/sys/compile/Mjolnir i386 >Description: When linked against OpenSSL-0.9.8 OpenSSH-portable-4.2.0.0,1 crashes as follows... Plain command line example: --------------------------- # /usr/local/sbin/sshd Segmentation fault When started inside gdb: ------------------------ (gdb) run Starting program: /usr/local/sbin/sshd (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... (no debugging symbols found)...(no debugging symbols found)... Program received signal SIGSEGV, Segmentation fault. 0x281299e1 in bn_mul_add_words () from /usr/local/lib/libcrypto.so.4 With older OpenSSL-0.9.7g there are no problems with OpenSSL-4.2p1. I classified this bug as *critical/high* because both OpenSSL and OpenSSH are these days very widely used and important elements of overall system security, and everybody should be able to update ASAP there are new stable versions available. OTOH I assume the roots of this problem lie in some little incompatibility which both OpenSSL and OpenSSH maintainers or ports admins have completely overlooked. >How-To-Repeat: Try the same versions of OpenSSL and OpenSSH on FreeBSD-4.11-STABLE. Supposedly neither OpenSSL ports admin nor OpenSSH-portable ports admin has really tested this combination before publishing the latest ports. >Fix: No fix or explanation known yet. There are a couple of good guesses though... 1) Either the call API to bn_mul_add_words() has changed in 0.9.8 or 2) the OpenSSH-4.2p1 port has always been using that function in an improper manner. >Release-Note: >Audit-Trail: >Unformatted: