[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Problem when working using libssh with openssl fips support


Hi,

I've build the latest LIBSSh version 0.7.1 with openssl 1.0.1p.
When working in fips mode I'm receiving a SIGABRT (call to ssh_connect, see
stack trace):

################
Program received signal SIGABRT, Aborted.
0x00b9d425 in __kernel_vsyscall ()
(gdb) bt
#0  0x00b9d425 in __kernel_vsyscall ()
#1  0x00422b11 in raise () from /lib/libc.so.6
#2  0x004243ea in abort () from /lib/libc.so.6
#3  0x08d342d2 in OpenSSLDie (file=0x8f9d806 "sha_locl.h", line=128,
assertion=0x8f9d7cc "Low level API call to digest SHA1 forbidden in FIPS
mode!")
    at cryptlib.c:963
#4  0x08f9d7cc in SHA1_version ()
#5  0x0923896c in ?? ()
#6  0x08c5f8be in make_sessionid (session=0xf3f11f00) at
/home/prod/CABuilds/libssh-0.7.1/src/dh.c:646
#7  0x08c6c867 in ssh_packet_newkeys (session=0xf3f11f00, type=21 '\025',
packet=0xf3f0eff0, user=0xf3f11f00)
    at /home/prod/CABuilds/libssh-0.7.1/src/packet_cb.c:157
#8  0x08c6bef7 in ssh_packet_process (session=0xf3f11f00, type=21 '\025')
at /home/prod/CABuilds/libssh-0.7.1/src/packet.c:428
#9  0x08c6bbb2 in ssh_packet_socket_callback (data=0xf3f0cea8,
receivedlen=16, user=0xf3f11f00) at
/home/prod/CABuilds/libssh-0.7.1/src/packe
#10 0x08c6bc17 in ssh_packet_socket_callback (data=0xf3f0cb68,
receivedlen=848, user=0xf3f11f00) at
/home/prod/CABuilds/libssh-0.7.1/src/pack
#11 0x08c74a54 in ssh_socket_pollcallback (p=0xf3f12cf8, fd=164, revents=1,
v_s=0xf3f0f810) at /home/prod/CABuilds/libssh-0.7.1/src/socket.c:
#12 0x08c729a4 in ssh_poll_ctx_dopoll (ctx=0xf3f12d18, timeout=29949) at
/home/prod/CABuilds/libssh-0.7.1/src/poll.c:632
#13 0x08c73f5f in ssh_handle_packets (session=0xf3f11f00, timeout=29949) at
/home/prod/CABuilds/libssh-0.7.1/src/session.c:613
#14 0x08c74046 in ssh_handle_packets_termination (session=0xf3f11f00,
timeout=30000, fct=0x8c5e35e <ssh_connect_termination>, user=0xf3f11f00
    at /home/prod/CABuilds/libssh-0.7.1/src/session.c:675
#15 0x08c5e737 in ssh_connect (session=0xf3f11f00) at
/home/prod/CABuilds/libssh-0.7.1/src/client.c:549
################

Is it possible that the current LIBSSh version is not compliant to work in
fips mode?
Any idea how I can solve this?

Thanks,
Yaron

Follow-Ups:
Re: Problem when working using libssh with openssl fips supportAris Adamantiadis <aris@xxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org