Your message dated Fri, 19 Mar 2021 19:32:08 +0000
with message-id <e1lnkqu-000iuh...@fasolo.debian.org>
and subject line Bug#983013: fixed in m2crypto 0.31.0-4+deb10u2
has caused the Debian Bug report #983013,
regarding m2crypto: autopkgtest needs update for new version of openssl: M2Crypto.RSA.RSAError: sslv3 rollback attack
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
983013: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983013
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: m2crypto
Version: 0.37.1-1
Severity: serious
X-Debbugs-CC: debian...@lists.debian.org, open...@packages.debian.org
Tags: sid bullseye
User: debian...@lists.debian.org
Usertags: needs-update
Control: affects -1 src:openssl

Dear maintainer(s),

With a recent upload of openssl the autopkgtest of m2crypto fails in
testing when that autopkgtest is run with the binary packages of openssl
from unstable. It passes when run with only packages from testing. In
tabular form:

                       pass            fail
openssl                from testing    1.1.1j-1
m2crypto               from testing    0.37.1-1
all others             from testing    from testing

I copied some of the output at the bottom of this report.  I *think*
this may be related to CVE-2020-25657 "bleichenbacher timing attacks in
the RSA decryption API" against m2crypto, hence I file this bug against
m2crypto.

Currently this regression is blocking the migration of openssl to
testing [1]. Of course, openssl shouldn't just break your autopkgtest
(or even worse, your package), but it seems to me that the change in
openssl was intended and your package needs to update to the new situation.

If this is a real problem in your package (and not only in your
autopkgtest), the right binary package(s) from openssl should really add
a versioned Breaks on the unfixed version of (one of your) package(s).
Note: the Breaks is nice even if the issue is only in the autopkgtest as
it helps the migration software to figure out the right versions to
combine in the tests.

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[1] https://qa.debian.org/excuses.php?package=openssl

https://ci.debian.net/data/autopkgtest/testing/amd64/m/m2crypto/10541025/log.gz

=================================== FAILURES ===================================
_______________________ RSATestCase.test_public_encrypt ________________________

self = <tests.test_rsa.RSATestCase testMethod=test_public_encrypt>

    @unittest.skipIf(m2.OPENSSL_VERSION_NUMBER < 0x1010103f,
                     'Relies on fix which happened only in OpenSSL 1.1.1c')
    def test_public_encrypt(self):
        priv = RSA.load_key(self.privkey)
        # pkcs1_padding, pkcs1_oaep_padding
        for padding in self.e_padding_ok:
            p = getattr(RSA, padding)
            ctxt = priv.public_encrypt(self.data, p)
            ptxt = priv.private_decrypt(ctxt, p)
            self.assertEqual(ptxt, self.data)

        # sslv23_padding
        ctxt = priv.public_encrypt(self.data, RSA.sslv23_padding)
>       res = priv.private_decrypt(ctxt, RSA.sslv23_padding)

tests/test_rsa.py:129:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <M2Crypto.RSA.RSA object at 0x7f954bddabb0>
data =
b'wf\xdc\xa5\xdf\xca\x95\xc7;\xa4\xdfEWUm/\xa1m\xd8\xa1\x14s&\x1bid\xf4c\\\xbcI\x90[<\x8dE\x89\x1f\xbf\xe9y=\xef\xa9z\...2\xb7\xaaO\x89\x88\xf7P\xee\x9f\xaf\x19B?\x1f\n\xe5\x18Q9\x186\x97gj\x0e)0mg@\xed\xe4~\xf3\xc4\xbe\x1dK#\x9f/\r"N%\x8d'
padding = 2

    def private_decrypt(self, data, padding):
        # type: (bytes, int) -> bytes
        assert self.check_key(), 'key is not initialised'
>       return m2.rsa_private_decrypt(self.rsa, data, padding)
E       M2Crypto.RSA.RSAError: sslv3 rollback attack

/usr/lib/python3/dist-packages/M2Crypto/RSA.py:82: RSAError


--- End Message ---
--- Begin Message ---
Source: m2crypto
Source-Version: 0.31.0-4+deb10u2
Done: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>

We believe that the bug you reported is fixed in the latest version of
m2crypto, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 983...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Andrzej Siewior <sebast...@breakpoint.cc> (supplier of updated m2crypto package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 23 Feb 2021 23:41:19 +0100
Source: m2crypto
Architecture: source
Version: 0.31.0-4+deb10u2
Distribution: buster
Urgency: medium
Maintainer: Daniel Stender <sten...@debian.org>
Changed-By: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
Closes: 979865 983013
Changes:
 m2crypto (0.31.0-4+deb10u2) buster; urgency=medium
 .
   * Non-maintainer upload.
   * debian/patches/MR262.patch
     - fix test failure with recent openssl; Closes: #983013
   * debian/rules
     - skip test_ssl.py during tests, more than 50% of its tests fail on an
       IPv6-only machine; Closes: #979865
Checksums-Sha1:
 d1123c425952c5c1a6042dd7c7f164daad39d4d7 2166 m2crypto_0.31.0-4+deb10u2.dsc
 dc985b3f24d57335df4e2a3c2d104efe7d2d1cd2 60532 m2crypto_0.31.0-4+deb10u2.debian.tar.xz
Checksums-Sha256:
 d6c1d9943b56c6db0335e4fc12e3bbc00921b9cd7bee671d7f603fff9ae62b1b 2166 m2crypto_0.31.0-4+deb10u2.dsc
 305a58c431ac553115639ce733ed33ee2c4bac63eb48e00dff4b5135b6ed8dc3 60532 m2crypto_0.31.0-4+deb10u2.debian.tar.xz
Files:
 c12c0eeda332ff1e48ef9bcc47705b33 2166 python optional m2crypto_0.31.0-4+deb10u2.dsc
 f85de78a05983562c6143f90afbeb1fd 60532 python optional m2crypto_0.31.0-4+deb10u2.debian.tar.xz


--- End Message ---