[hybrid] Segfault when DH param file missing

Dominic Hargreaves dom at earth.li
Sun Sep 1 07:31:28 EDT 2019 

The problem arises if ssl_dh_param_file is either not specified or is
missing. This only became a problem when EDH ciphers were
specified, as per the config file comment:

"DH parameters are required when using ciphers with EDH (ephemeral
Diffie-Hellman) key exchange."

It seems a check for a valid file should be added before the call to
gnutls_certificate_set_dh_params.

Longer term, if the minimum supported version of GnuTLS can be changed to
3.6.0, that function could be eliminated as it's now marked as
deprecated/unnecessary:

https://manpages.debian.org/buster/gnutls-doc/gnutls_certificate_set_dh_params.3.en.html

Thanks,
Dominic.

On Tue, Jul 23, 2019 at 09:55:30PM +0100, Dominic Hargreaves wrote:
> Hello,
> 
> Does this ring a bell with anyone? Afraid I won't be able to dig
> into this for a few days.
> 
> Thanks,
> Dominic.
> 
> ----- Forwarded message from devel at sumpfralle.de -----
> 
> Date: Tue, 23 Jul 2019 01:16:09 +0200
> From: devel at sumpfralle.de
> To: submit at bugs.debian.org
> Subject: Bug#932774: ircd-hybrid: Segfault in libgmp.so.10.3.2
> Reply-To: devel at sumpfralle.de, 932774 at bugs.debian.org
> 
> Source: ircd-hybrid
> Version: 1:8.2.24+dfsg.1-1
> Severity: normal
> 
> Dear Maintainer,
> 
> after upgrading a host from Stretch to Buster, ircd-hybrid fails to
> start:
> 
>   irc at example:~$ ircd-hybrid -foreground
>   ircd: version hybrid-1:8.2.24+dfsg.1-1(20180404_8492)
>   ircd: pid 32127
>   ircd: running in foreground mode from /usr
>   Segmentation fault
> 
> 
> gdb shows the following output:
> 
>   irc at example:~$ gdb --args ircd-hybrid -foreground
>   GNU gdb (Debian 8.2.1-2) 8.2.1
>   Copyright (C) 2018 Free Software Foundation, Inc.
>   License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
>   This is free software: you are free to change and redistribute it.
>   There is NO WARRANTY, to the extent permitted by law.
>   Type "show copying" and "show warranty" for details.
>   This GDB was configured as "x86_64-linux-gnu".
>   Type "show configuration" for configuration details.
>   For bug reporting instructions, please see:
>   <http://www.gnu.org/software/gdb/bugs/>.
>   Find the GDB manual and other documentation resources online at:
>       <http://www.gnu.org/software/gdb/documentation/>.
>   
>   For help, type "help".
>   Type "apropos word" to search for commands related to "word"...
>   Reading symbols from ircd-hybrid...(no debugging symbols found)...done.
>   (gdb) run
>   Starting program: /usr/sbin/ircd-hybrid -foreground
>   [Thread debugging using libthread_db enabled]
>   Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
>   ircd: version hybrid-1:8.2.24+dfsg.1-1(20180404_8492)
>   ircd: pid 28120
>   ircd: running in foreground mode from /usr
> 
>   Program received signal SIGSEGV, Segmentation fault.
>   0x00007ffff765a5f0 in __gmpz_sizeinbase () from /usr/lib/x86_64-linux-gnu/libgmp.so.10
>   (gdb) bt
>   #0  0x00007ffff765a5f0 in __gmpz_sizeinbase () from /usr/lib/x86_64-linux-gnu/libgmp.so.10
>   #1  0x00007ffff7f3acce in ?? () from /usr/lib/x86_64-linux-gnu/libgnutls.so.30
>   #2  0x00007ffff7e6e1b4 in gnutls_certificate_set_dh_params () from /usr/lib/x86_64-linux-gnu/libgnutls.so.30
>   #3  0x00005555555778f3 in tls_new_cred ()
>   #4  0x0000555555566bfd in read_conf_files ()
>   #5  0x000055555555efc4 in main ()
> 
> 
> ltrace shows the following at the end of its run:
> 
>   calloc(1, 32)                                                                                     = 0x558d1fc9f3a0
>   gnutls_global_init(0, 1265, 40, 0)                                                                = 0
>   gnutls_certificate_allocate_credentials(0x558d1fc9f3a0, 0, 0x7f3c4f66a620, 0)                     = 0
>   gnutls_priority_init(0x558d1fc9f3a8, 0x558d1dbc7748, 0, 0x558d1fca8a00)                           = 0
>   gnutls_certificate_set_x509_key_file(0x558d1fc9f3d0, 0x558d1fca0490, 0x558d1fca0450, 1)           = 0
>   gnutls_dh_params_init(0x558d1fc9f3b0, 0, 0, 0)                                                    = 0
>   gnutls_certificate_set_dh_params(0x558d1fc9f3d0, 0x558d1fc897c0, 24, 0 <no return ...>
>   --- SIGSEGV (Segmentation fault) ---
>   +++ killed by SIGSEGV +++
> 
> 
> The kernel log contains the following:
> 
>   ircd-hybrid[32122]: segfault at 4 ip 00007f5548d1b5f0 sp 00007ffc4241e6a8 error 4 in libgmp.so.10.3.2[7f5548d02000+5e000]
> 
> 
> I took a quick look at "gnutls_certificate_set_dh_params".  Its manpage
> [1] describes this function as deprecated for quite some time.  I do not
> know, whether this is relevant.
> 
> Thank you for your time!
> 
> Cheers,
> Lars
> 
> 
> [1] https://manpages.debian.org/buster/gnutls-doc/gnutls_certificate_set_dh_params.3.en.html
> 
> 
> ----- End forwarded message -----
>

More information about the hybrid mailing list