Summary: | dev-libs/cyrus-sasl: broken with OpenSSL 3 (was: net-nds/openldap-2.6.1-r1 fails test076-authid-rewrite test with segfault) | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Toralf Förster <toralf> |
Component: | Current packages | Assignee: | No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it <maintainer-needed> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ldap-bugs, sam, zlogene |
Priority: | Normal | Keywords: | TESTFAILURE |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: |
https://bugs.gentoo.org/show_bug.cgi?id=848894 https://bugs.gentoo.org/show_bug.cgi?id=866245 |
||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 797325 | ||
Attachments: |
emerge-info.txt
emerge-history.txt environment etc.portage.tar.bz2 logs.tar.bz2 net-nds:openldap-2.6.1-r1:20220531-171006.log.bz2 |
Description
Toralf Förster
2022-05-31 17:39:32 UTC
Created attachment 781730 [details]
emerge-info.txt
Created attachment 781733 [details]
emerge-history.txt
Created attachment 781736 [details]
environment
Created attachment 781739 [details]
etc.portage.tar.bz2
Created attachment 781742 [details]
logs.tar.bz2
Created attachment 781745 [details]
net-nds:openldap-2.6.1-r1:20220531-171006.log.bz2
Same w/ (not yet in tree) 2.6.2: ``` >>>>> 00:09:25 Failed test076-authid-rewrite for mdb after 1 seconds make[1]: *** [Makefile:321: mdb-yes] Error 139 make: *** [Makefile:301: pmdb] Error 2 * ERROR: net-nds/openldap-2.6.2::gentoo failed (test phase): * emake failed ``` In /var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/tests/testout.0 (testout.1 has very very little in it), I see: ``` [...] >>>>> 00:09:24 Starting test076-authid-rewrite for mdb... running defines.sh Starting slapd on TCP/IP port 9011... /var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/tests Using ldapsearch to check that slapd is running... Checking whether DIGEST-MD5 is supported... Adding schema and database... Using ldapadd to populate the database... Adding olcAuthzRegexp rule for static mapping... Testing ldapwhoami as Manager... Segmentation fault ldapwhoami failed (139)! >>>>> 00:09:25 Failed test076-authid-rewrite for mdb after 1 seconds (exit 139) make[1]: Leaving directory '/var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/tests' ``` ``` Core was generated by `/var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-ab'. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007ff288482ec4 in EVP_EncryptUpdate (ctx=0x0, out=0x559e430dcde4 "0\036\002\001\003w\031\200\027\061.3.6.1.4.1.4203.1.11.3ST-MD5 client step 3", outl=0x7ffdc12d97d4, in=0x559e430dde40 "0\036\002\001\003w\031\200\027\061.3.6.1.4.1.4203.1.11.311.311.3", inl=0x20) at crypto/evp/evp_enc.c:614 614 if (!ctx->encrypt) { gef➤ bt #0 0x00007ff288482ec4 in EVP_EncryptUpdate (ctx=0x0, out=0x559e430dcde4 "0\036\002\001\003w\031\200\027\061.3.6.1.4.1.4203.1.11.3ST-MD5 client step 3", outl=0x7ffdc12d97d4, in=0x559e430dde40 "0\036\002\001\003w\031\200\027\061.3.6.1.4.1.4203.1.11.311.311.3", inl=0x20) at crypto/evp/evp_enc.c:614 #1 0x00007ff28807d6c9 in ?? () from /usr/lib64/sasl2/libdigestmd5.so #2 0x00007ff28807dd18 in ?? () from /usr/lib64/sasl2/libdigestmd5.so #3 0x00007ff2889ad41e in ?? () from /usr/lib64/libsasl2.so.3 #4 0x00007ff2889af432 in sasl_encodev () from /usr/lib64/libsasl2.so.3 #5 0x00007ff2889af520 in sasl_encode () from /usr/lib64/libsasl2.so.3 #6 0x00007ff2889ecc5a in sb_sasl_cyrus_encode () from /var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/libraries/libldap/.libs/libldap.so.2 #7 0x00007ff2889efa49 in sb_sasl_generic_write () from /var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/libraries/libldap/.libs/libldap.so.2 #8 0x00007ff2889cc7f8 in ber_int_sb_write () from /var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/libraries/liblber/.libs/liblber.so.2 #9 0x00007ff2889c9bbb in ber_flush2 () from /var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/libraries/liblber/.libs/liblber.so.2 #10 0x00007ff2889f93a7 in ldap_int_flush_request () from /var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/libraries/libldap/.libs/libldap.so.2 #11 0x00007ff2889f9692 in ldap_send_server_request () from /var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/libraries/libldap/.libs/libldap.so.2 #12 0x00007ff2889f9a41 in ldap_send_initial_request () from /var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/libraries/libldap/.libs/libldap.so.2 #13 0x00007ff2889ec42d in ldap_extended_operation () from /var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/libraries/libldap/.libs/libldap.so.2 #14 0x0000559e4114f00c in main () ``` I think cyrus-sasl might be broken somehow with OpenSSL 3. https://github.com/cyrusimap/cyrus-sasl/commit/887dbc0435056ec58ee48c4d803f110ade1e4c39 https://github.com/cyrusimap/cyrus-sasl/commit/dfaa62392e7caecc6ecf0097b4d73738ec4fc0a8 https://github.com/cyrusimap/cyrus-sasl/commit/c2bd3afbca57f176d8c650670ce371444bb7fcc0 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0b6f917fbb156370f36f38def0db2a04e569f07b commit 0b6f917fbb156370f36f38def0db2a04e569f07b Author: Sam James <sam@gentoo.org> AuthorDate: 2022-06-01 04:53:37 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-06-01 05:05:58 +0000 dev-libs/cyrus-sasl: backport OpenSSL 3 patches (+ small other fixes) Also, throw in: - upstream version of static build / PIC patch (same as we had before, just with commit headers now) - gdbm errno variable change (looks like a typo in the original fix) Bug: https://bugs.gentoo.org/848831 Signed-off-by: Sam James <sam@gentoo.org> dev-libs/cyrus-sasl/Manifest | 1 + dev-libs/cyrus-sasl/cyrus-sasl-2.1.28-r3.ebuild | 218 ++++++++++++++++++++++++ 2 files changed, 219 insertions(+) With the cyrus-sasl fixes, it's a bit better, but not great. Still OpenSSL 3 related, I guess, as you have to lod a legacy provider to get RC4: ``` >>>>> 00:09:26 Starting test076-authid-rewrite for mdb... running defines.sh Starting slapd on TCP/IP port 9011... /var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/tests Using ldapsearch to check that slapd is running... Checking whether DIGEST-MD5 is supported... Adding schema and database... Using ldapadd to populate the database... Adding olcAuthzRegexp rule for static mapping... Testing ldapwhoami as Manager... ldap_sasl_interactive_bind: Local error (-2) additional info: SASL(-1): generic failure: internal error: failed to init cipher 'rc4' ldapwhoami failed (254)! >>>>> 00:09:27 Failed test076-authid-rewrite for mdb after 1 seconds (exit 254) make[1]: Leaving directory '/var/tmp/portage/net-nds/openldap-2.6.2/work/openldap-OPENLDAP_REL_ENG_2_6_2-abi_x86_64.amd64/tests' ``` Let's close this bug as the original issue is fixed, anyway. |