[Bug 1207914] New: Legacy provider not enabled in openSSL 3 (breaks transmission)
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 Bug ID: 1207914 Summary: Legacy provider not enabled in openSSL 3 (breaks transmission) Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: screening-team-bugs@suse.de Reporter: lbeltrame@kde.org QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- As far as I know, transmission uses RC4 as cipher algorithm (cf https://github.com/termux/termux-packages/issues/10814#issuecomment-11573200...). However, this is not enabled by default in openSSL 3. This means that as soon as transmission starts, tries to load it, does not find it and promptly crashes: Thread 3 "transmission-da" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7ffff66a66c0 (LWP 19992)] 0x00007ffff799180f in EVP_CIPHER_CTX_set_key_length (c=c@entry=0x0, keylen=keylen@entry=20) at crypto/evp/evp_enc.c:994 Downloading 0.05 MB source file /usr/src/debug/openssl-3.0.7/crypto/evp/evp_enc.c 994 if (c->cipher->prov != NULL) { (gdb) print c $1 = (EVP_CIPHER_CTX *) 0x0 As detailed in the linked thread, the legacy provider (where RC4 is) should be enabled in openSSL 3 by adding [legacy_provider] activate = 1 I'm not sure if there's an issue upstream for transmission regarding this. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 Luca Beltrame <lbeltrame@kde.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Legacy provider not enabled |OpenSSL 3 breaks |in openSSL 3 (breaks |transmission (crashes) |transmission) | -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 http://bugzilla.opensuse.org/show_bug.cgi?id=1207914#c1 --- Comment #1 from Luca Beltrame <lbeltrame@kde.org> --- Actually scratch that. I thought it was enough, but it wasn't. Here's a proper backtrace: #0 0x00007ffff799180f in EVP_CIPHER_CTX_set_key_length (c=c@entry=0x0, keylen=keylen@entry=20) at crypto/evp/evp_enc.c:994 #1 0x00005555555a3f39 in tr_rc4_set_key (key_length=20, key=0x7ffff66a4210 "", handle=0x0) at ../libtransmission/crypto-utils-openssl.c:208 #2 initRC4 (crypto=crypto@entry=0x7ffff0051970, setme=setme@entry=0x7ffff0051978, key=0x5555555ca7d1 "keyA") at ../libtransmission/crypto.c:106 #3 0x00005555555a40a0 in tr_cryptoEncryptInit (crypto=0x7ffff0051970) at ../libtransmission/crypto.c:140 #4 0x00005555555a54d4 in readYb (inbuf=0x7ffff0050e40, handshake=0x7ffff0051ad0) at ../libtransmission/handshake.c:460 #5 canRead (io=<optimized out>, arg=<optimized out>, piece=<optimized out>) at ../libtransmission/handshake.c:1060 #6 0x000055555558d829 in canReadWrapper (io=0x7ffff00515b0) at ../libtransmission/peer-io.c:211 #7 0x00005555555b2a56 in UTP_ProcessIncoming (conn=0x7ffff0051220, packet=<optimized out>, len=<optimized out>, syn=<optimized out>) at ../third-party/libutp/utp.cpp:2158 #8 0x00005555555bcb23 in UTP_IsIncomingUTP.constprop.0.isra.0 (send_to_userdata=send_to_userdata@entry=0x5555555e38b0, buffer=buffer@entry=0x7ffff66a4bc0 "\001", len=len@entry=125, to=to@entry=0x7ffff66a4b40, send_to_proc=<optimized out>, incoming_proc=<optimized out>, tolen=<optimized out>) at ../third-party/libutp/utp.cpp:2587 #9 0x000055555556d878 in tr_utpPacket (fromlen=<optimized out>, ss=0x5555555e38b0, from=0x7ffff66a4b40, buflen=125, buf=0x7ffff66a4bc0 "\001") at ../libtransmission/tr-utp.c:181 #10 event_callback (s=<optimized out>, type=<optimized out>, sv=0x5555555e38b0) at ../libtransmission/tr-udp.c:285 #11 0x00007ffff7f56925 in event_persist_closure (ev=<optimized out>, base=0x7ffff0000bb0) at /usr/src/debug/libevent-2.1.12-stable/event.c:1638 #12 event_process_active_single_queue (base=base@entry=0x7ffff0000bb0, activeq=0x7ffff0001020, max_to_process=max_to_process@entry=2147483647, endtime=endtime@entry=0x0) at /usr/src/debug/libevent-2.1.12-stable/event.c:1697 #13 0x00007ffff7f582bf in event_process_active (base=0x7ffff0000bb0) at /usr/src/debug/libevent-2.1.12-stable/event.c:1798 #14 event_base_loop (base=base@entry=0x7ffff0000bb0, flags=flags@entry=0) at /usr/src/debug/libevent-2.1.12-stable/event.c:2040 #15 0x00007ffff7f58577 in event_base_dispatch (event_base=event_base@entry=0x7ffff0000bb0) at /usr/src/debug/libevent-2.1.12-stable/event.c:1832 #16 0x0000555555576fd8 in libeventThreadFunc (veh=0x5555555dfae0) at ../libtransmission/trevent.c:263 #17 0x000055555555f547 in ThreadFunc (_t=0x5555555e3e60) at ../libtransmission/platform.c:104 #18 0x00007ffff769398d in start_thread (arg=<optimized out>) at pthread_create.c:442 #19 0x00007ffff771a380 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 http://bugzilla.opensuse.org/show_bug.cgi?id=1207914#c2 --- Comment #2 from Luca Beltrame <lbeltrame@kde.org> --- If what I read is correct, there's a downstream patch: https://gitweb.gentoo.org/repo/gentoo.git/tree/net-p2p/transmission/files/tr... -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 Luca Beltrame <lbeltrame@kde.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://github.com/transmis | |sion/transmission/issues/47 | |16 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 http://bugzilla.opensuse.org/show_bug.cgi?id=1207914#c3 --- Comment #3 from Luca Beltrame <lbeltrame@kde.org> --- Submitted SR 1063301 to fix the problem in transmission. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 Dmitry Markov <werwolf131313@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |werwolf131313@gmail.com -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 Dmitry Markov <werwolf131313@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |opensuse@dstoecker.de -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 http://bugzilla.opensuse.org/show_bug.cgi?id=1207914#c4 Dmitry Markov <werwolf131313@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |needinfo?(opensuse@dstoecke | |r.de) --- Comment #4 from Dmitry Markov <werwolf131313@gmail.com> --- i think it is correct to call opensuse@dstoecker.de as package maintainer https://build.opensuse.org/package/show/filesharing/transmission -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 http://bugzilla.opensuse.org/show_bug.cgi?id=1207914#c5 --- Comment #5 from Luca Beltrame <lbeltrame@kde.org> --- "osc develproject" pointed me to GNOME:Apps. I can redo the SR if that's not the case. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 http://bugzilla.opensuse.org/show_bug.cgi?id=1207914#c6 Dirk Stoecker <opensuse@dstoecker.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(opensuse@dstoecke | |r.de) | --- Comment #6 from Dirk Stoecker <opensuse@dstoecker.de> ---
i think it is correct to call opensuse@dstoecker.de as package maintainer https://build.opensuse.org/package/show/filesharing/transmission
I don't know why you think so. I don't know this software at all. It seems I once fixed some mixup, probably a double development inside OBS which seems to have resulted in the setup of the GNOME:Apps devel project.
"osc develproject" pointed me to GNOME:Apps. I can redo the SR if that's not the case.
No. That's correct. Please close this bug as soon as the request gets accepted. I don't want to reassign it as there is already a SR to fix the issue. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 http://bugzilla.opensuse.org/show_bug.cgi?id=1207914#c7 --- Comment #7 from Dmitry Markov <werwolf131313@gmail.com> ---
I don't know why you think so. I don't know this software at all. It seems I once fixed some mixup, probably a double development inside OBS which seems to have resulted in the setup of the GNOME:Apps devel project.
I apologize for bothering you in vain, apparently I copied the email of the wrong user due to lack of sleep, I was sure that I was copying the email of the main maintainer of the repository, but I missed by one line. of course I meant pascal.bleser@opensuse.org but I guess I won't bother anymore. let everything take its course. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1207914 Felix Niederwanger <felix.niederwanger@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |felix.niederwanger@suse.com -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com