Ubuntu
libpam-ccreds package

Libpam-ccreds does not properly initiate libgcrypt

Bug #869166 reported by Juha Sahakangas
58
This bug affects 8 people
Affects Status Importance Assigned to Milestone
libpam-ccreds (Debian)
New
Unknown
libpam-ccreds (Ubuntu)
Fix Released
Low
Andreas Hasenack

Bug Description

libpam-ccreds generates "Libgcrypt warning: missing initialization - please fix the application" errors in the logs.

Tags: patch
Revision history for this message
Juha Sahakangas (juhaz) wrote :
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "Fix." of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu-sponsors please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

tags: added: patch
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in libpam-ccreds (Ubuntu):
status: New → Confirmed
Revision history for this message
Pieter H (ubuntu-low) wrote :

sudo and sshd seem to have the same issue
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1397663
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1397666

Bug Watch Updater (bug-watch-updater)
Changed in libpam-ccreds (Debian):
status: Unknown → New
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Revisiting this old bug. Confirmed in trusty and artful, should be happening between those two as well:

Jul 20 14:08:54 artful-pam-ccreds-869166 login[4695]: Libgcrypt warning: missing initialization - please fix the application

Used libpam-ccreds 10-6build1 from artful.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

...which is the same version since trusty, heh

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

@juhaz and others, what do you think of this attached patch variant? It checks if the library was already initialised before doing it. Since libpam is a library, this is following the recommendation in gcrypt.info, and in https://lists.gnupg.org/pipermail/gcrypt-devel/2003-August/000458.html:

"""
Becuase you can't know in a library whether another library has
already initialized the library, I suggest to do this:

 if (!gcry_control (GCRYCTL_ANY_INITIALIZATION_P))
   { /* No other library has already initialized libgcrypt. */

     if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) )
       {
          log_fatal (_("libgcrypt is too old (need %s, have %s)\n"),
                     NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL));
       }
     gcry_set_allocation_handler (...);
     gcry_control (GCRYCTL_INITIALIZATION_FINISHED);
   }
"""

Andreas Hasenack (ahasenack)
Changed in libpam-ccreds (Ubuntu):
assignee: nobody → Andreas Hasenack (ahasenack)
status: Confirmed → In Progress
Andreas Hasenack (ahasenack)
Changed in libpam-ccreds (Ubuntu):
importance: Undecided → Low
Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Patch was accepted upstream and merged: https://github.com/PADL/pam_ccreds/commit/3fa53ee374e4712643f988ef74bd6d52a6fe0c12

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libpam-ccreds - 10-6ubuntu1

---------------
libpam-ccreds (10-6ubuntu1) artful; urgency=medium

  * debian/patches/0003-initialize-libgcrypt.patch: Initialize gcrypt
    before usage. Closes: #645229, LP: #869166.

 -- Andreas Hasenack <email address hidden> Thu, 20 Jul 2017 14:54:06 -0300

Changed in libpam-ccreds (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.