Project

General

Profile

Bug #2986

GNU TLS fallback: segfault on gnutls_rnd()

Added by fixeria over 1 year ago. Updated about 1 year ago.

Status:
Resolved
Priority:
High
Assignee:
Category:
libosmogsm
Target version:
-
Start date:
02/22/2018
Due date:
% Done:

100%

Spec Reference:

Description

According to the GNU TLS documentation, prior to 3.3.0 the library has to be
initialized by calling gnutls_global_init():

https://www.gnutls.org/manual/html_node/Initialization.html

while the recent versions are being initialized on load. This causes
segfault on osmo_get_rand_id() if a library version is lower than 3.3.0...

At the same time, in the configure.am we require gnutls >= 2.12.0.


Related issues

Related to OsmoSGSN - Bug #2982: make check: sgsn test failedClosed02/22/2018

Related to OsmoMGW - Bug #2981: make check: mgcp test failedNew02/22/2018

Related to OsmoMSC - Bug #2983: OsmoMSC crashes on LURClosed02/22/2018

History

#1 Updated by fixeria over 1 year ago

  • Related to Bug #2982: make check: sgsn test failed added

#2 Updated by fixeria over 1 year ago

  • Related to Bug #2981: make check: mgcp test failed added

#3 Updated by fixeria over 1 year ago

  • Related to Bug #2983: OsmoMSC crashes on LUR added

#4 Updated by laforge about 1 year ago

  • Assignee set to lynxis

#5 Updated by fixeria about 1 year ago

I have the following suggestions:

  • Bump the minimal required version to 3.3.0;
  • Initialize the library when libosmocore is loaded (DSO):
__attribute__((constructor))
static void on_dso_load_gnutls(void)
{
    gnutls_global_init();
}

#6 Updated by lynxis about 1 year ago

debian/wheezy (old-old-stable): 2.12.20-8+deb7u5
debian/jessie (old-stabe): 3.3.8-6+deb8u
debian/stretch (stable): 3.5.8-5+deb9u3
ubuntu/14.04 LTS: 3.2.11
ubuntu/16.04 LTS: 3.4.10

#7 Updated by lynxis about 1 year ago

  • Assignee changed from lynxis to laforge

laforge: can we increase the minimal version to 3.3.0?

#8 Updated by lynxis about 1 year ago

sysmobts 201705: is using 3.5.9
sysmobts 201310: is using 2.12.23

So we would loose sysmobts 201310 and ubuntu 14.04

#9 Updated by lynxis about 1 year ago

  • Status changed from New to In Progress
  • Assignee changed from laforge to lynxis

#10 Updated by laforge about 1 year ago

I think we should simply introduce an

#if GNUTLS_VERSION < 3.3.0
gnutls_global_init();
#endif

I would assume it's pretty straight-forward to do, and not a big burden
in order to gain wider backwards compatibility.

#11 Updated by lynxis about 1 year ago

I've tried to reproduce this test in a vm with debian wheezy, but it didn't worked out.

/* compile with
 * gcc -g -o test_osmo_get_rand_id /tmp/test_osmo_get_rand_id.c -l osmocore -l osmogsm
 */

#include <stdio.h>
#include <stdlib.h>

#include <osmocom/gsm/gsm_utils.h>

int main() {
    char buffer[16] = { 0 };
    printf("%s\n", osmo_hexdump(buffer, 16));
    int rc = osmo_get_rand_id(buffer, 16);
    printf("%s\n", osmo_hexdump(buffer, 16));
    printf("rc = %d\n", rc);

    exit(0);
}

#12 Updated by lynxis about 1 year ago

  • % Done changed from 0 to 100

#13 Updated by lynxis about 1 year ago

  • Status changed from In Progress to Feedback

#14 Updated by laforge about 1 year ago

  • Status changed from Feedback to Stalled
  • % Done changed from 100 to 90

#15 Updated by lynxis about 1 year ago

waiting for review.

#16 Updated by lynxis about 1 year ago

  • Status changed from Stalled to Resolved
  • % Done changed from 90 to 100

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)