pki segmentation fault on openssl plugin

Bug #1964977 reported by Vincent Batts
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| strongswan (Ubuntu) | Fix Released | Medium | Sergio Durigan Junior | |
| Jammy | Fix Released | Medium | Sergio Durigan Junior | |

Bug Description

Found while generating certificates
```
ipsec pki --gen --size 4096 --outform pem
Segmentation fault (core dumped)
```

Upon reviewing the core dump, it looks like when the openssl plugin is being unloaded there is a locking issue?
```
(gdb) bt
#0 __pthread_rwlock_rdlock_full64 (abstime=0x0, clockid=0, rwlock=0x0) at ./nptl/pthread_rwlock_common.c:298
#1 ___pthread_rwlock_rdlock (rwlock=0x0) at ./nptl/pthread_rwlock_rdlock.c:26
#2 0x00007efd494ccdad in CRYPTO_THREAD_read_lock () from /lib/x86_64-linux-gnu/libcrypto.so.3
#3 0x00007efd494c0306 in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.3
#4 0x00007efd494d3245 in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.3
#5 0x00007efd494d468c in OSSL_PROVIDER_unload () from /lib/x86_64-linux-gnu/libcrypto.so.3
#6 0x00007efd49768e71 in ?? () from /usr/lib/ipsec/plugins/libstrongswan-openssl.so
#7 0x00007efd49e91142 in plugin_entry_destroy (entry=0x55a207162140) at plugins/plugin_loader.c:209
#8 0x00007efd49e93461 in unload (this=this@entry=0x55a207123c40) at plugins/plugin_loader.c:1344
#9 0x00007efd49e934cd in destroy (this=0x55a207123c40) at plugins/plugin_loader.c:1432
#10 0x00007efd49e7a2f8 in library_deinit () at /build/strongswan-0cV2DU/strongswan-5.9.5/src/libstrongswan/library.c:167
#11 0x00007efd49c65495 in __run_exit_handlers (status=0, listp=0x7efd49e39838 <__exit_funcs>, run_list_atexit=run_list_atexit@entry=true, run_dtors=run_dtors@entry=true)
    at ./stdlib/exit.c:113
#12 0x00007efd49c65610 in __GI_exit (status=<optimized out>) at ./stdlib/exit.c:143
#13 0x00007efd49c49d97 in __libc_start_call_main (main=main@entry=0x55a205ea88e0 <main>, argc=argc@entry=4, argv=argv@entry=0x7ffdfe6010e8) at ../sysdeps/nptl/libc_start_call_main.h:74
#14 0x00007efd49c49e40 in __libc_start_main_impl (main=0x55a205ea88e0 <main>, argc=4, argv=0x7ffdfe6010e8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>,
    stack_end=0x7ffdfe6010d8) at ../csu/libc-start.c:392
#15 0x000055a205eaad25 in _start ()
```

related: https://github.com/openssl/openssl/issues/15915
and even better, it looks like it was fixed upstream a couple weeks ago: https://github.com/strongswan/strongswan/commit/3eecd40cec6415fc033f8d9141ab652047e71524

ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: strongswan-pki 5.9.5-2ubuntu1
ProcVersionSignature: Ubuntu 5.15.0-22.22-generic 5.15.19
Uname: Linux 5.15.0-22-generic x86_64
ApportVersion: 2.20.11-0ubuntu79
Architecture: amd64
CasperMD5CheckResult: pass
CurrentDesktop: ubuntu:GNOME
Date: Tue Mar 15 10:46:07 2022
InstallationDate: Installed on 2022-03-03 (11 days ago)
InstallationMedia: Ubuntu 21.10 "Impish Indri" - Release amd64 (20211012)
SourcePackage: strongswan
UpgradeStatus: No upgrade log present (probably fresh install)

Sergio Durigan Junior (sergiodj) wrote :

Thanks for taking the time to report the bug.

I can easily verify it here. Here's a step-by-step reproducer:

```
$ lxc launch ubuntu-daily:jammy ipsec-bug1964977
$ lxc shell ipsec-bug1964977
# apt update && apt full-upgrade -y
# apt install strongswan strongswan-pki
# ipsec pki --gen --size 4096 --outform pem
```

Changed in strongswan (Ubuntu Jammy):
status: New → Triaged
importance: Undecided → Medium
tags: added: server-todo
Changed in strongswan (Ubuntu Jammy):
assignee: nobody → Sergio Durigan Junior (sergiodj)
Sergio Durigan Junior (sergiodj) wrote :

Verified that the patch provided by:

https://github.com/strongswan/strongswan/commit/3eecd40cec6415fc033f8d9141ab652047e71524

fixes the issue. I'm preparing an MP.

Vincent Batts (vbatts) wrote :

👍️

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package strongswan - 5.9.5-2ubuntu2

---------------
strongswan (5.9.5-2ubuntu2) jammy; urgency=medium

  * d/p/lp1964977-fix-ipsec-pki-segfault.patch: Fix "ipsec pki"
    segmentation fault; don't access OpenSSL objects inside atexit()
    handlers. (LP: #1964977)

 -- Sergio Durigan Junior <email address hidden> Fri, 18 Mar 2022 14:24:34 -0400

Changed in strongswan (Ubuntu Jammy):
status: Triaged → Fix Released
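
The hazard the changelog names ("don't access OpenSSL objects inside atexit() handlers"), as an added example that is not part of the bug report or the strongSwan patch: every `toy_*` name and `run_scenario` is hypothetical, a small stand-in replaces libcrypto, and the library is assumed to register its exit-time cleanup after the application registers its own handler. With the unload left to the exit handler the child exits with status 2 (use after cleanup); with the unload done before `exit()` it exits with 0.

```c
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>
/* Hypothetical stand-in for libcrypto's global state (the rwlock in frame #0). */
struct toy_rwlock { int readers; };
static struct toy_rwlock *g_lock;
static int g_plugin_loaded;

/* The library's own exit handler frees its global lock. */
static void toy_crypto_cleanup(void) {
    free(g_lock);
    g_lock = NULL;
}

static int toy_crypto_init(void) {
    g_lock = calloc(1, sizeof *g_lock);
    if (!g_lock) return -1;
    return atexit(toy_crypto_cleanup);
}

/* Stand-in for OSSL_PROVIDER_unload(): needs the global read lock. */
static int toy_provider_unload(void) {
    if (!g_lock) return -1; /* the reported crash had rwlock=0x0 here, unchecked */
    g_lock->readers++;      /* "read lock", do the unload, "unlock" */
    g_lock->readers--;
    g_plugin_loaded = 0;
    return 0;
}

/* Application exit handler, in the position of library_deinit(). */
static void app_deinit(void) {
    if (g_plugin_loaded && toy_provider_unload() != 0)
        _exit(2); /* crypto state was already torn down */
}

/* Runs one process lifetime in a child and returns the child's exit status. */
int run_scenario(int unload_before_exit) {
    int status = 0;
    pid_t pid = fork();
    if (pid == 0) {
        if (atexit(app_deinit) != 0 || toy_crypto_init() != 0) _exit(3);
        g_plugin_loaded = 1;
        if (unload_before_exit && toy_provider_unload() != 0) _exit(3);
        exit(0); /* handlers run in reverse order of registration */
    }
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}
int main(void) { return run_scenario(0) == 2 && run_scenario(1) == 0 ? 0 : 1; }
```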