This is a duplicate of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077066

--
Ondřej Surý (He/Him)

> On 26. 7. 2024, at 14:03, Bernhard Übelacker <bernha...@mailbox.org> wrote:
>
> On Fri, 19 Jul 2024 14:49:25 +0200 Ulrich Teichert <ulrich.teich...@kumkeo.de> wrote:
>> Package: libsofthsm2
>>
>> When using OpenSSL 3.0.13 (installed by the latest security update for OpenSSL),
>> signing with pkcs11 fails with a segmentation fault. This is not the case with
>> OpenSSL 3.0.11. Maybe the library just needs a rebuild against the
>> newer OpenSSL library? Traceback with gdb:
>
> Hello,
> I am no maintainer for a related package, just tried to collect some more information.
> I could reproduce the crash inside a temporary
> bookworm/stable amd64 VM with the command sequence in [2].
>
> This created a backtrace with debug symbols in [1].
> (Package p11-kit-modules-dbgsym is installed, but seems not to contain
> matching debug symbols for p11-kit-proxy.so.)
> The crash happens because of the getSession method called with "this=0x0".
>
> The difference seems to be in 3.0.13 in engine_unlocked_finish
> is the value e->funct_ref decremented to 0,
> and therefore engine_finish gets executed.
>
> Comparing all modifications of this reference counter
> leads to this [3] additional call to engine_unlocked_finish
> which happens in 3.0.13 but not in 3.0.11.
>
> I cannot say if new behaviour in openssl 3.0.13 is wrong,
> or if the issue is in libsofthsm2.
>
> The same commands do not cause a crash in a trixie/testing VM.
> The openssl 3.2.2-1 seems to contain the commit [4],
> which just removes lines from ENGINE_load_private_key
> below a comment "We enforce check for legacy key",
> therefore the hurting call to engine_unlocked_finish seems
> in trixie/testing no longer getting reached.
>
> Kind regards,
> Bernhard
>
>
> [1]
> (gdb) bt
> #0  0x00007fe53b52ad4e in HandleManager::getSession (this=0x0, hSession=hSession@entry=1) at ./src/lib/handle_mgr/HandleManager.cpp:75
> #1  0x00007fe53b4def69 in SoftHSM::C_CloseSession (this=0x561d3abf75a0, hSession=hSession@entry=1) at ./src/lib/SoftHSM.cpp:1366
> #2  0x00007fe53b4bf3f4 in C_CloseSession (hSession=1) at ./src/lib/main.cpp:332
> #3  0x00007fe53ad3189b in ?? () from /usr/lib/x86_64-linux-gnu/p11-kit-proxy.so
> #4  0x00007fe53ad174a0 in ?? () from /usr/lib/x86_64-linux-gnu/p11-kit-proxy.so
> #5  0x00007fe53ad17618 in ?? () from /usr/lib/x86_64-linux-gnu/p11-kit-proxy.so
> #6  0x00007fe53b5939aa in pkcs11_slot_unref (slot=slot@entry=0x561d3ac54610) at ./src/p11_slot.c:433
> #7  0x00007fe53b593a40 in pkcs11_release_slot (slot=0x561d3ac14140) at ./src/p11_slot.c:477
> #8  pkcs11_release_all_slots (slots=0x561d3ac14140, nslots=<optimized out>) at ./src/p11_slot.c:464
> #9  0x00007fe53b594348 in PKCS11_release_all_slots (pctx=<optimized out>, slots=<optimized out>, nslots=<optimized out>) at ./src/p11_front.c:111
> #10 0x00007fe53b58cf5e in ctx_finish (ctx=0x561d3abf52c0) at ./src/eng_back.c:352
> #11 0x00007fe53b58ae38 in engine_finish (engine=<optimized out>) at ./src/eng_front.c:163
> #12 0x00007fe53b1e352f in engine_unlocked_finish (e=0x561d3abf7640, unlock_for_handlers=unlock_for_handlers@entry=0) at ../crypto/engine/eng_init.c:64
> #13 0x00007fe53b1e5a52 in int_cleanup_cb_doall (p=0x561d3abf9340) at ../crypto/engine/eng_table.c:183
> #14 int_cleanup_cb_doall (p=0x561d3abf9340) at ../crypto/engine/eng_table.c:177
> #15 0x00007fe53b22c6f4 in doall_util_fn (arg=0x0, func_arg=0x0, func=func@entry=0x7fe53b1e5a30 <int_cleanup_cb_doall>, use_arg=0, lh=0x561d3abf8a10) at ../crypto/lhash/lhash.c:197
> #16 OPENSSL_LH_doall (lh=0x561d3abf8a10, func=func@entry=0x7fe53b1e5a30 <int_cleanup_cb_doall>) at ../crypto/lhash/lhash.c:205
> #17 0x00007fe53b1e5e31 in lh_ENGINE_PILE_doall (doall=0x7fe53b1e5a30 <int_cleanup_cb_doall>, lh=<optimized out>) at ../crypto/engine/eng_local.h:159
> #18 engine_table_cleanup (table=0x7fe53b47f6f8 <rsa_table>) at ../crypto/engine/eng_table.c:192
> #19 0x00007fe53b1e37a6 in engine_cleanup_cb_free (item=0x561d3abf9320) at ../crypto/engine/eng_lib.c:169
> #20 0x00007fe53b2add20 in OPENSSL_sk_pop_free (st=0x561d3abfbdd0, func=0x7fe53b1e37a0 <engine_cleanup_cb_free>) at ../crypto/stack/stack.c:426
> #21 0x00007fe53b1e3b89 in sk_ENGINE_CLEANUP_ITEM_pop_free (freefunc=0x7fe53b1e37a0 <engine_cleanup_cb_free>, sk=<optimized out>) at ../crypto/engine/eng_local.h:48
> #22 engine_cleanup_int () at ../crypto/engine/eng_lib.c:176
> #23 0x00007fe53b230e2e in OPENSSL_cleanup () at ../crypto/init.c:418
> #24 OPENSSL_cleanup () at ../crypto/init.c:344
> #25 0x00007fe53ae5d55d in __run_exit_handlers (status=status@entry=0, listp=0x7fe53aff1820 <__exit_funcs>, run_list_atexit=run_list_atexit@entry=true, run_dtors=run_dtors@entry=true) at ./stdlib/exit.c:116
> #26 0x00007fe53ae5d69a in __GI_exit (status=status@entry=0) at ./stdlib/exit.c:146
> #27 0x0000561d393b82f1 in main (argc=<optimized out>, argv=<optimized out>) at ../apps/openssl.c:311
>
>
> [2]
> export SOFTHSM2_CONF=$HOME/softhsm-config.file
> cat /usr/share/softhsm/softhsm2.conf | sed "s@/var/lib/softhsm/tokens/@$HOME/tokens@g" > $SOFTHSM2_CONF
> mkdir $HOME/tokens/
> softhsm2-util --init-token --free --label "example"
>
> openssl req -newkey rsa:2048 -x509 -sha256 -days 365 -out example.crt -keyout key.pem
> openssl pkcs8 -in key.pem -out key_unencrypted.pem
> softhsm2-util --import key_unencrypted.pem --label "update" --id 1111 --token "example"
>
> echo sw-description.in > sw-description.in
> openssl cms -sign -engine pkcs11 -keyform engine -in sw-description.in -out sw-description.sig -signer example.crt -inkey "pkcs11:token=example;object=update" -outform DER -nosmimecap -binary
>
>
> [3]
> Old value = 6
> New value = 7
> 0x00007fbc3efe3517 in engine_unlocked_finish (e=e@entry=0x56197f0db640, unlock_for_handlers=unlock_for_handlers@entry=1) at ../crypto/engine/eng_init.c:59
> 59          e->funct_ref--;
> (rr) bt
> #0  0x00007fbc3efe3517 in engine_unlocked_finish (e=e@entry=0x56197f0db640, unlock_for_handlers=unlock_for_handlers@entry=1) at ../crypto/engine/eng_init.c:59
> #1  0x00007fbc3efe3725 in ENGINE_finish (e=0x56197f0db640) at ../crypto/engine/eng_init.c:108
> #2  0x00007fbc3f01a68e in evp_pkey_free_legacy (x=x@entry=0x56197f0dd020) at ../crypto/evp/p_lib.c:1756
> #3  0x00007fbc3f01a77e in evp_pkey_free_it (x=0x56197f0dd020) at ../crypto/evp/p_lib.c:1767
> #4  pkey_set_type (pkey=0x56197f0dd020, e=<optimized out>, type=6, str=0x0, len=-1, keymgmt=0x0) at ../crypto/evp/p_lib.c:1518
> #5  0x00007fbc3f01aa71 in EVP_PKEY_assign (pkey=pkey@entry=0x56197f0dd020, type=type@entry=6, key=key@entry=0x56197f10b710) at ../crypto/evp/p_lib.c:774
> #6  0x00007fbc3f0190d6 in EVP_PKEY_set1_RSA (pkey=pkey@entry=0x56197f0dd020, key=key@entry=0x56197f10b710) at ../crypto/evp/p_legacy.c:27
> #7  0x00007fbc3efe5486 in ENGINE_load_private_key (e=<optimized out>, key_id=0x56197f0e6910 "pkcs11:token=example;object=update", ui_method=ui_method@entry=0x56197f0ddda0, callback_data=callback_data@entry=0x7ffd57ebab70) at ../crypto/engine/eng_pkey.c:87
> #8  0x000056197df1b1c7 in engine_load (ctx=0x56197f0e67c0, ui_method=0x56197f0ddda0, ui_data=0x7ffd57ebab70) at ../apps/lib/engine_loader.c:126
> #9  0x00007fbc3f0af2e2 in OSSL_STORE_load (ctx=ctx@entry=0x56197f0df3b0) at ../crypto/store/store_lib.c:441
> #10 0x000056197df1817a in load_key_certs_crls_suppress (uri=0x56197f0e6680 "org.openssl.engine:pkcs11:pkcs11:token=example;object=update", format=format@entry=8, maybe_stdin=maybe_stdin@entry=0, pass=<optimized out>, desc=0x56197df2cf77 "signing key", ppkey=ppkey@entry=0x7ffd57ebacb0, ppubkey=0x0, pparams=0x0, pcert=0x0, pcerts=0x0, pcrl=0x0, pcrls=0x0, suppress_decode_errors=0) at ../apps/lib/apps.c:974
> #11 0x000056197df18db3 in load_key_certs_crls (uri=<optimized out>, format=format@entry=8, maybe_stdin=maybe_stdin@entry=0, pass=<optimized out>, desc=<optimized out>, ppkey=ppkey@entry=0x7ffd57ebacb0, ppubkey=0x0, pparams=0x0, pcert=0x0, pcerts=0x0, pcrl=0x0, pcrls=0x0) at ../apps/lib/apps.c:1101
> #12 0x000056197df192fb in load_key (uri=<optimized out>, uri@entry=0x7ffd57ebb59e "pkcs11:token=example;object=update", format=8, may_stdin=may_stdin@entry=0, pass=<optimized out>, e=e@entry=0x56197f0db640, desc=desc@entry=0x56197df2cf77 "signing key") at ../apps/lib/apps.c:560
> #13 0x000056197dece3ee in cms_main (argc=<optimized out>, argv=<optimized out>) at ../apps/cms.c:1077
> #14 0x000056197dee29b1 in do_cmd (prog=prog@entry=0x56197f0db180, argc=argc@entry=18, argv=argv@entry=0x7ffd57ebb0f0) at ../apps/openssl.c:418
> #15 0x000056197debe381 in main (argc=<optimized out>, argv=0x7ffd57ebb0f0) at ../apps/openssl.c:296
>
>
> [4]
> https://github.com/openssl/openssl/commit/39ea78379826fa98e8dc8c0d2b07e2c17cd68380
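
A simplified model of the reference counting described in the quoted message, added here as an example; it is not OpenSSL, libp11 or SoftHSM code. All names, the counts 3 and 2, and the assumption that the token module's state is already gone when the finish handler runs (as "this=0x0" in frame #0 suggests) are constructed for illustration.

```c
#include <stdio.h>
/* Simplified model; every name here is hypothetical, not OpenSSL/SoftHSM code. */
struct backend { int open_sessions; };   /* stands in for the token module's state */
static struct backend *g_backend;        /* NULL once the module has torn itself down */

struct engine {
    int funct_ref;                       /* functional reference count */
    int (*finish)(void);                 /* runs when funct_ref reaches 0 */
    int finish_calls;
    int finish_result;
};

/* Finish handler. Without the NULL check it would use the destroyed state. */
static int close_session_guarded(void)
{
    if (g_backend == NULL)
        return -1;                       /* state already gone: report, do not touch it */
    g_backend->open_sessions--;
    return 0;
}

/* Drop one functional reference; the handler runs only on the last one. */
static void engine_release_ref(struct engine *e)
{
    if (--e->funct_ref == 0 && e->finish != NULL) {
        e->finish_result = e->finish();
        e->finish_calls++;
    }
}

/* Hold `refs` references, release `releases`, optionally after teardown. */
static struct engine run_scenario(int refs, int releases, int backend_gone)
{
    static struct backend b;
    struct engine e = { refs, close_session_guarded, 0, 0 };
    b.open_sessions = 1;
    g_backend = backend_gone ? NULL : &b;
    for (int i = 0; i < releases; i++)
        engine_release_ref(&e);
    return e;
}

int main(void)
{
    struct engine leaked = run_scenario(3, 2, 1), balanced = run_scenario(3, 3, 1);
    printf("one release short: finish calls=%d\n", leaked.finish_calls);
    printf("balanced: calls=%d result=%d\n", balanced.finish_calls, balanced.finish_result);
    return 0;
}
```

With one release fewer than references the handler never runs, so a late teardown problem stays hidden; once the count is balanced the handler runs at cleanup and has to cope with state that no longer exists.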