Ticket #93 (closed defect)

Opened 8 years ago

Last modified 7 years ago

libssh2_userauth_publickey_fromfile crashed in windows XP

Reported by: anonymous Owned by: bagder
Priority: normal Milestone:
Component: Version:
Keywords: Cc: bagder, alamaison
Blocked By: Blocks:

Description

libssh2_userauth_publickey_fromfile crashed in windows XP. When I further debugged the problem , I found it was crashing in PEM_read_RSAPrivateKey (openssl.c). When I replaced this API with PEM_read_bio_RSAPrivateKey, things started working. May I know why this behavior -

Harish Jadhav

Change History

comment:1 Changed 8 years ago by bagder

It makes no sense, the function reads data from a FILE * not a BIO *!

https://www.openssl.org/docs/crypto/pem.html seems to document these specific functions.

Can you make any sense from it?

comment:2 Changed 8 years ago by anonymous

I know PEM_read_RSAPrivateKey uses File * and when I pass file pointer to this function, this was leading to crash. Some one else also had a problem. Pls refer http://www.mail-archive.com/libssh2-devel@lists.sourceforge.net/msg00758.html

should make sense.

comment:3 Changed 8 years ago by bagder

Are you using the OpenSSL as a DLL? It so feels like a problem with passing a FILE * between DLL boundaries which simply isn't allowed in windows.

comment:4 Changed 8 years ago by anonymous

Can you please clarify what exaclty is the issue? I tried writing sample dll api which accepts FILE * as argument and also successfully accessed from other Dll which inturn used by execatable.

Also, please let me what is your suggestion on this.

comment:5 Changed 8 years ago by alamaison

Has any progress been made on this issue? I've spent the last few days trying to get pubkey authentication working and am suffering the same problem.

The solution may be to go the BIO route as suggested by Harish. For example, an early version of TOR had a function like this:

int crypto_pk_read_private_key_from_file(crypto_pk_env_t *env, FILE *src)
{

assert(env && src);

if (env->key)

RSA_free(env->key);

env->key = PEM_read_RSAPrivateKey(src, NULL, NULL, NULL);
if (!env->key)

return -1;

return 0;

}

When people started having issues with this on Windows so that the file contents were read on the TOR side, put into a BIO and passed to the OpenSSL dll (changeset 2354 of /tor/trunk/src/common/crypto.c https://svn.torproject.org/cgi-bin/viewvc.cgi/tor/trunk/src/common/crypto.c?view=log#rev2354):

int
crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env,

const char *keyfile)

{

char *contents;
int r;

/* Read the file into a string. */
contents = read_file_to_str(keyfile, 0, NULL);
if (!contents) {

log_warn(LD_CRYPTO, "Error reading private key from \"%s\"", keyfile);
return -1;

}

/* Try to parse it. */
r = crypto_pk_read_private_key_from_string(env, contents);
tor_free(contents);
if (r)

return -1; /* read_private_key_from_string already warned, so we don't.*/

/* Make sure it's valid. */
if (crypto_pk_check_key(env) <= 0)

return -1;

return 0;

}

int
crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,

const char *s)

{

BIO *b;

tor_assert(env);
tor_assert(s);

/* Create a read-only memory BIO, backed by the nul-terminated string 's' */
b = BIO_new_mem_buf((char*)s, -1);

if (env->key)

RSA_free(env->key);

env->key = PEM_read_bio_RSAPrivateKey(b,NULL,NULL,NULL);

BIO_free(b);

if (!env->key) {

crypto_log_errors(LOG_WARN, "Error parsing private key");
return -1;

}
return 0;

}

I might try to knock something like this together for libssh2, time permitting, but I'd rather not go to the effort if it's already been solved.

Alex
--
http://swish.sourceforge.net

comment:6 Changed 7 years ago by bagder

This issue is fixed now, right?

comment:7 Changed 7 years ago by sf-robot

This Tracker item was closed automatically by the system. It was
previously set to a Pending status, and the original submitter
did not respond within 14 days (the time period specified by
the administrator of this Tracker).

Note: See TracTickets for help on using tickets.