Project

General

Profile

Actions

Bug #2986

closed

GNU TLS fallback: segfault on gnutls_rnd()

Added by fixeria about 6 years ago. Updated almost 6 years ago.

Status:
Resolved
Priority:
High
Assignee:
Category:
libosmogsm
Target version:
-
Start date:
02/22/2018
Due date:
% Done:

100%

Spec Reference:

Description

According to the GNU TLS documentation, prior to 3.3.0 the library has to be
initialized by calling gnutls_global_init():

https://www.gnutls.org/manual/html_node/Initialization.html

while the recent versions are being initialized on load. This causes
segfault on osmo_get_rand_id() if a library version is lower than 3.3.0...

At the same time, in the configure.am we require gnutls >= 2.12.0.


Related issues

Related to OsmoSGSN - Bug #2982: make check: sgsn test failedClosed02/22/2018

Actions
Related to OsmoMGW - Bug #2981: make check: mgcp test failedResolvedfixeria02/22/2018

Actions
Related to OsmoMSC - Bug #2983: OsmoMSC crashes on LURClosedfixeria02/22/2018

Actions
Actions #1

Updated by fixeria about 6 years ago

  • Related to Bug #2982: make check: sgsn test failed added
Actions #2

Updated by fixeria about 6 years ago

  • Related to Bug #2981: make check: mgcp test failed added
Actions #3

Updated by fixeria about 6 years ago

  • Related to Bug #2983: OsmoMSC crashes on LUR added
Actions #4

Updated by laforge almost 6 years ago

  • Assignee set to lynxis
Actions #5

Updated by fixeria almost 6 years ago

I have the following suggestions:

  • Bump the minimal required version to 3.3.0;
  • Initialize the library when libosmocore is loaded (DSO):
__attribute__((constructor))
static void on_dso_load_gnutls(void)
{
    gnutls_global_init();
}
Actions #6

Updated by lynxis almost 6 years ago

debian/wheezy (old-old-stable): 2.12.20-8+deb7u5
debian/jessie (old-stabe): 3.3.8-6+deb8u
debian/stretch (stable): 3.5.8-5+deb9u3
ubuntu/14.04 LTS: 3.2.11
ubuntu/16.04 LTS: 3.4.10

Actions #7

Updated by lynxis almost 6 years ago

  • Assignee changed from lynxis to laforge

laforge: can we increase the minimal version to 3.3.0?

Actions #8

Updated by lynxis almost 6 years ago

sysmobts 201705: is using 3.5.9
sysmobts 201310: is using 2.12.23

So we would loose sysmobts 201310 and ubuntu 14.04

Actions #9

Updated by lynxis almost 6 years ago

  • Status changed from New to In Progress
  • Assignee changed from laforge to lynxis
Actions #10

Updated by laforge almost 6 years ago

I think we should simply introduce an

#if GNUTLS_VERSION < 3.3.0
gnutls_global_init();
#endif

I would assume it's pretty straight-forward to do, and not a big burden
in order to gain wider backwards compatibility.

Actions #11

Updated by lynxis almost 6 years ago

I've tried to reproduce this test in a vm with debian wheezy, but it didn't worked out.

/* compile with
 * gcc -g -o test_osmo_get_rand_id /tmp/test_osmo_get_rand_id.c -l osmocore -l osmogsm
 */

#include <stdio.h>
#include <stdlib.h>

#include <osmocom/gsm/gsm_utils.h>

int main() {
    char buffer[16] = { 0 };
    printf("%s\n", osmo_hexdump(buffer, 16));
    int rc = osmo_get_rand_id(buffer, 16);
    printf("%s\n", osmo_hexdump(buffer, 16));
    printf("rc = %d\n", rc);

    exit(0);
}
Actions #12

Updated by lynxis almost 6 years ago

  • % Done changed from 0 to 100
Actions #13

Updated by lynxis almost 6 years ago

  • Status changed from In Progress to Feedback
Actions #14

Updated by laforge almost 6 years ago

  • Status changed from Feedback to Stalled
  • % Done changed from 100 to 90
Actions #15

Updated by lynxis almost 6 years ago

waiting for review.

Actions #16

Updated by lynxis almost 6 years ago

  • Status changed from Stalled to Resolved
  • % Done changed from 90 to 100
Actions

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)