Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 308123

Summary: dev-libs/openssl-0.9.8m breaks encfs
Product: Gentoo Linux Reporter: Harris Landgarten <harrisl>
Component: [OLD] DevelopmentAssignee: Marcelo Goes (RETIRED) <vanquirius>
Status: VERIFIED FIXED    
Severity: critical CC: base-system, felix, jonas.narstrom, joost.ruis, joshua.rich, l33tmmx, marduk
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Harris Landgarten 2010-03-06 21:34:24 UTC 
$ encfs ~/.crypt ~/crypt/
The directory "/home/harrisl/.crypt/" does not exist. Should it be created? (y,n) y
Creating new encrypted volume.
Please choose from one of the following options:
 enter "x" for expert configuration mode,
 enter "p" for pre-configured paranoia mode,
 anything else, or an empty line will select standard mode.
?> 

Standard configuration selected.

Configuration finished.  The filesystem to be created has
the following properties:
Filesystem cipher: "ssl/aes", version 2:2:1
Filename encoding: "nameio/block", version 3:0:1
Key Size: 192 bits
Block Size: 1024 bytes
Each file contains 8 byte header with unique IV data.
Filenames encoded using IV chaining mode.
File holes passed through to ciphertext.

Now you will need to enter a password for your filesystem.
You will need to remember this password, as there is absolutely
no recovery mechanism.  However, the password can be changed
later using encfsctl.

New Encfs Password: 
Verify Encfs Password: 
16:18:26 (SSL_Cipher.cpp:794) encoding 40 bytes, got back 32 (0 in final_ex)
fusermount: failed to access mountpoint /home/harrisl/crypt: Permission denied
fuse failed.  Common problems:
 - fuse kernel module not installed (modprobe fuse)
 - invalid options -- see usage message

It also prevents mounting of existing encfs volumes with the same encoding 40 bytes, got back 32 error

Downgrading to openssl-0.9.8l fixes the problem


Reproducible: Always
Comment 1 Jonas Närström 2010-03-07 09:22:32 UTC 
I have confirmed this on my system (lost some files), fixed in Debian for openssl-0.9.8m

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571810
Comment 2 Jouni Rinne 2010-03-07 18:41:40 UTC 
Had trouble with an encrypted /home using openssl-0.9.8m, too. Downgrading to openssl-0.9.8l-r2 fixed the problem
Comment 3 Joost Ruis 2010-03-09 10:25:12 UTC 
Marking this critical
Comment 4 Joost Ruis 2010-03-09 10:25:52 UTC 
CC to base-system@gentoo.org
Comment 6 Fabio Erculiani (RETIRED) gentoo-dev 2010-03-09 13:26:12 UTC 
+*openssl-0.9.8m-r1 (09 Mar 2010)
+
+  09 Mar 2010; Fabio Erculiani <lxnay@gentoo.org> -openssl-0.9.8m.ebuild,
+  +openssl-0.9.8m-r1.ebuild, +files/openssl-0.9.8m-cfb.patch:
+  fix critical bug #308123, thanks Joost Ruis for reporting
+

Following what Debian and Arch did, I added the patch above.
Thanks for reporting.