Bug 272220

Summary: security/pam_ssh_agent_auth: fails at runtime after import of OpenSSL 3 (head only)
Product: Ports & Packages Reporter: Guido Falsi <madpilot>
Component: Individual Port(s)Assignee: Matthew Seaman <matthew>
Status: Closed FIXED    
Severity: Affects Only Me CC: Trond.Endrestol, agh, brnrd, dim, emaste, khorben, michael, pierre
Priority: --- Flags: bugzilla: maintainer-feedback? (matthew)
Version: Latest   
Hardware: Any   
OS: Any   
Bug Depends on:    
Bug Blocks: 271656    
Attachments:
Description Flags
security/pam_ssh_agent_auth/Makefile needs a slight tweak to be valid none

Description Guido Falsi freebsd_committer freebsd_triage 2023-06-26 10:12:59 UTC
Hi,

After upgrading to new head (including OpenSSL 3, recently imported) pam_ssh_agent_auth starts to fail at runtime.

During build it causes a few deprecation warnings about RSA_generate_key(3) and DSA_generate_parameters(3).

When trying to use sudo (configured to use this pam modules), it fails with this error:

sudo: unable to initialize PAM: No error: 0

and the following gets logged to /var/log/messages:

sudo[1154]: in try_dlopen(): /usr/local/lib/pam_ssh_agent_auth.so: (null): Undefined symbol "RSA_generate_key"
sudo[1154]: in openpam_load_module(): no /usr/local/lib/pam_ssh_agent_auth.so found


I tried compiling with `CFLAGS=-DOPENSSL_API_COMPAT=0x00908000L`. This makes the compile time deprecation warnings disappear but changes nothing at runtime.

Filing this so it can be tracked, and to attach it to the openssl v3 tracking bug.
Comment 1 Dimitry Andric freebsd_committer freebsd_triage 2023-06-26 10:37:01 UTC
It looks like pam_ssh_agent_auth should be adjusted, since RSA_generate_key() has been deprecated since openssl 0.9.8, and has likely been removed after 1.1:

# ifndef OPENSSL_NO_DEPRECATED_0_9_8
OSSL_DEPRECATEDIN_0_9_8 RSA *RSA_generate_key(int bits, unsigned long e, void
                                              (*callback) (int, int, void *),
                                              void *cb_arg);
# endif

The successor seems to be RSA_generate_key_ex(), but that is also deprecated for 3.0, so it is likely to go away similarly in the future:

OSSL_DEPRECATEDIN_3_0 int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e,
                                              BN_GENCB *cb);


Instead, consumers are supposed to use the newer EVP APIs, as described in <https://wiki.openssl.org/index.php/EVP> and <https://www.openssl.org/docs/manmaster/man7/migration_guide.html>.
Comment 2 Guido Falsi freebsd_committer freebsd_triage 2023-06-26 10:43:30 UTC
(In reply to Dimitry Andric from comment #1)

Thanks for the analysis!

As a quick band aid moving to RSA_generate_key_ex() looks easier and faster.

I was unable to find any code in upstream repo using newer APIs, unluckily.
Comment 3 Dimitry Andric freebsd_committer freebsd_triage 2023-06-26 11:05:41 UTC
(In reply to Guido Falsi from comment #2)
Upstream looks a bit like abandonware... lots of stuff has not been touched for ~10 years, except for fixes that you seen to have submitted. :)

I wonder if it is really advisable to trust PAM authentication to this software. Maybe it should come with a Big Fat Warning?
Comment 4 Guido Falsi freebsd_committer freebsd_triage 2023-06-26 11:10:31 UTC
(In reply to Dimitry Andric from comment #3)

You are correct, this is something I configured a long time ago, which was and still is suggested by various guides.

Anyway it's good to let users know there is a problem with this software at present.
Comment 5 Matthew Seaman freebsd_committer freebsd_triage 2023-06-26 16:59:09 UTC
Thanks for the report.  I'll see what I can do about OpenSSL 3.x support, but as other commenters have said, it may be time to retire this port.  I'm not aware of any alternatives that provide similar functionality which we could recommend instead of pam_ssh_agent_auth though.
Comment 6 Guido Falsi freebsd_committer freebsd_triage 2023-06-26 17:20:39 UTC
(In reply to Matthew Seaman from comment #5)

Since I needed to have my machines working I've now simply removed this.

I installed it a long time ago to support ansible "become" privilege escalation, I'm back to providing a password each time I run it.

If upstream is not helpful, unless you want to take full responsibility for future maintenance there is no option except to retire the port.

I thought I'd report the issue because making this kind of things known is always better also for users.
Comment 7 Guido Falsi freebsd_committer freebsd_triage 2023-08-10 15:01:36 UTC
I'm closing this as not accepted, since fixing it would require actually forking the project, which is out of the scope for the ports collection.


Thanks for the feedback and help!
Comment 8 Bernard Spil freebsd_committer freebsd_triage 2023-08-10 17:01:08 UTC
Do any of the patches in the Debian port work? At work we use pam-ssh-agent-auth on Ubuntu 23.04 without issues, package says it depends on OpenSSL >= 3.0.

It contains 2 patches containing lots of OPENSSL_VERSION_NUMBER ifdefs.
Comment 9 Bernard Spil freebsd_committer freebsd_triage 2023-08-10 17:14:29 UTC
And now I see that you (madpilot) sent those patches to Debian :D
Comment 10 Matthew Seaman freebsd_committer freebsd_triage 2023-08-10 17:19:12 UTC
Apologies -- I got distracted by real life and didn't get round to looking at this PR.  I'll try out the Debian patches at the weekend.
Comment 11 Guido Falsi freebsd_committer freebsd_triage 2023-08-10 19:48:48 UTC
(In reply to Bernard Spil from comment #9)

I completely forgot about that...it was 5 years ago...A life has passed by since then! :)

Anyway, those patches are already included in this port:

https://cgit.freebsd.org/ports/commit/security/pam_ssh_agent_auth?id=7e4dd958073e372854ea99aa8522fa8cd11f2b47

https://cgit.freebsd.org/ports/commit/security/pam_ssh_agent_auth?id=eff6c06d3666cbaf4b56659ab71c27f9f701d514
Comment 12 commit-hook freebsd_committer freebsd_triage 2023-08-16 06:17:54 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=a97d608312ec78a1da88c6a43b060069845d8c5e

commit a97d608312ec78a1da88c6a43b060069845d8c5e
Author:     Matthew Seaman <matthew@FreeBSD.org>
AuthorDate: 2023-08-16 06:13:41 +0000
Commit:     Matthew Seaman <matthew@FreeBSD.org>
CommitDate: 2023-08-16 06:13:41 +0000

    security/pam_ssh_agent_auth: mark as broken with OpenSSL 3.x

    While this compiles successfully, it doesn't produce a working
    pam_ssh_agent_auth.so PAM module.

    PR:             272220
    Reported by:    madpilot

 security/pam_ssh_agent_auth/Makefile | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
Comment 13 Trond Endrestøl 2023-08-16 07:28:54 UTC
Created attachment 244138 [details]
security/pam_ssh_agent_auth/Makefile needs a slight tweak to be valid
Comment 14 commit-hook freebsd_committer freebsd_triage 2023-08-16 07:37:03 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=42e570a18ef163863f79c2fbbdbfb375d58e82f8

commit 42e570a18ef163863f79c2fbbdbfb375d58e82f8
Author:     Matthew Seaman <matthew@FreeBSD.org>
AuthorDate: 2023-08-16 07:31:26 +0000
Commit:     Matthew Seaman <matthew@FreeBSD.org>
CommitDate: 2023-08-16 07:36:52 +0000

    security/pam_ssh_agent_auth: Fix typo

    PR:             272220
    Reported by:    Freshports, Trond Endrestol

 security/pam_ssh_agent_auth/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 15 Michael Sinatra 2023-08-31 21:28:49 UTC
This module will work fine (compile and work at runtime) under 14, if the following are added to src/secure/lib/libcrypto/Makefile in base:

SRCS+= rsa_depr.c
SRCS+= dsa_depr.c

I see that rsa_depr.c has already been added, so one way to fix this port is to add the dsa_depr.c to the appropriate section of the Makefile.

I have also been able to get this module to load and run (but I have only tested RSA validation via the forwarded agent) by ripping all of the DSA code out of key.c in the module source code.  However, that really necessitates a more thorough refactoring of the code in order to gracefully remove all DSA support and have the module log a message that DSA is no longer supported.

It looks like all of the Linux distros (confirmed on a Debian host that I have) that have moved to openssl 3.x have done the former (add both rsa_depr.c and dsa_depr.c) to their base openssl packages in support of this (and possibly other) packages.

And yes, I do agree that various <things> should probably stop supporting 1024-bit DSA, but there's probably some legacy stuff out there, and possibly some POLA issues involved.
Comment 16 Pierre Pronchery 2023-09-21 11:38:24 UTC
(In reply to Michael Sinatra from comment #15)

From crypto/openssl/crypto/rsa/build.info:

```
IF[{- !$disabled{'deprecated-0.9.8'} -}]
  SOURCE[../../libcrypto]=rsa_depr.c
ENDIF
```
The decision when importing OpenSSL 3 in base was to avoid OpenSSL's APIs that were already deprecated in 1.1.1, updating software to contemporary APIs in the process.

Adding rsa_depr.c to the Makefile meant allowing some 0.9.8 functions to be reachable, but not all. We should definitely not remain in this in-between state. I am preparing a patch that will also add bn_depr.c, e_old.c, and dh_depr.c, which I believe should complete the support for OpenSSL's 0.9.8 API.
Comment 17 Pierre Pronchery 2023-09-21 12:18:00 UTC
(In reply to Pierre Pronchery from comment #16)
I submitted a pull-up request on GitHub at https://github.com/freebsd/freebsd-src/pull/851. (Still a draft)
Comment 18 Pierre Pronchery 2023-09-21 14:46:48 UTC
(In reply to Pierre Pronchery from comment #17)
From what I can tell, with this patch the port works again:

```
Sep 21 16:13:30 kwarx sudo[49935]: pam_ssh_agent_auth: matching key found: file/command /etc/ssh/sudo_authorized_keys, line 1
Sep 21 16:13:30 kwarx sudo[49935]: pam_ssh_agent_auth: Found matching RSA key: a2:a1:b5:1b:4f:9a:38:6a:c8:6a:d6:67:b2:71:1c:92
Sep 21 16:13:30 kwarx sudo[49935]: pam_ssh_agent_auth: Authenticated (agent): `khorben' as `khorben' using /etc/ssh/sudo_authorized_keys
```

sudo was still asking me for a password, but this is probably an issue with my local setup. (It's the first time I try to use this port)
Comment 19 commit-hook freebsd_committer freebsd_triage 2023-09-21 15:08:38 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=b15b39521644ebffdcc091bd283ed410b0ae9274

commit b15b39521644ebffdcc091bd283ed410b0ae9274
Author:     Pierre Pronchery <pierre@freebsdfoundation.org>
AuthorDate: 2023-09-21 11:42:06 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-09-21 15:07:24 +0000

    libcrypto: complete the support for the 0.9.8 API

    When importing OpenSSL 3 in base, some but not all source files
    implementing the deprecated 0.9.8 API were imported. With this change,
    it becomes possible again to compile software targeting this API.

    PR:             272220
    Fixes:          b077aed33b7b ("Merge OpenSSL 3.0.9")
    Reviewed by:    emaste
    MFC after:      3 days
    Sponsored by:   The FreeBSD Foundation
    Pull Request:   https://github.com/freebsd/freebsd-src/pull/851

 secure/lib/libcrypto/Makefile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
Comment 20 Matthew Seaman freebsd_committer freebsd_triage 2023-09-21 15:25:30 UTC
Nice.  I'll update the port so it can build again on HEAD tonight.
Comment 21 commit-hook freebsd_committer freebsd_triage 2023-09-22 18:15:49 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=f2fcda4b68540dc824a0a5d9338ae23e5148d5fc

commit f2fcda4b68540dc824a0a5d9338ae23e5148d5fc
Author:     Matthew Seaman <matthew@FreeBSD.org>
AuthorDate: 2023-09-21 21:16:43 +0000
Commit:     Matthew Seaman <matthew@FreeBSD.org>
CommitDate: 2023-09-22 18:14:49 +0000

    security/pam_ssh_agent_auth: unbreak on HEAD, STABLE/14

    After b15b39521644 systems with OpenSSL 3.x have the complete OpenSSL
    0.9.8 API avaialable once more.  This is slightly anticipating the MFC
    to STABLE/14.

    PR:             272220
    Reported by:    Pierre Pronchery

 security/pam_ssh_agent_auth/Makefile | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)
Comment 22 Matthew Seaman freebsd_committer freebsd_triage 2023-09-22 18:37:36 UTC
Sorry about the delay.  It took an inordinately long time to compile a 15-CURRENT system, but I can confirm that after b15b39521644e pam_ssh_agent_auth is working correctly on HEAD.

I'm assuming this change is going to be MFC'd to 14-STABLE fairly soon, so I've de-restricted the port there too, although right now it will presumably produce a non-working result.
Comment 23 Ed Maste freebsd_committer freebsd_triage 2023-09-22 19:09:23 UTC
> I'm assuming this change is going to be MFC'd to 14-STABLE fairly soon

Yes I will merge to stable/14 and request to merge to releng/14.0 over the weekend or at the beginning of next week.
Comment 24 commit-hook freebsd_committer freebsd_triage 2023-09-24 13:20:52 UTC
A commit in branch stable/14 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=ab64f100ca5ddd37029695646003abaf49c3065e

commit ab64f100ca5ddd37029695646003abaf49c3065e
Author:     Pierre Pronchery <pierre@freebsdfoundation.org>
AuthorDate: 2023-09-21 11:42:06 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-09-24 13:17:43 +0000

    libcrypto: complete the support for the 0.9.8 API

    When importing OpenSSL 3 in base, some but not all source files
    implementing the deprecated 0.9.8 API were imported. With this change,
    it becomes possible again to compile software targeting this API.

    PR:             272220
    Fixes:          b077aed33b7b ("Merge OpenSSL 3.0.9")
    Reviewed by:    emaste
    Sponsored by:   The FreeBSD Foundation
    Pull Request:   https://github.com/freebsd/freebsd-src/pull/851

    (cherry picked from commit b15b39521644ebffdcc091bd283ed410b0ae9274)

 secure/lib/libcrypto/Makefile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
Comment 25 commit-hook freebsd_committer freebsd_triage 2023-09-24 16:20:27 UTC
A commit in branch releng/14.0 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=444eda0dda6407c56c80638f2218ce80e7c90a1f

commit 444eda0dda6407c56c80638f2218ce80e7c90a1f
Author:     Pierre Pronchery <pierre@freebsdfoundation.org>
AuthorDate: 2023-09-21 11:42:06 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-09-24 16:18:28 +0000

    libcrypto: complete the support for the 0.9.8 API

    When importing OpenSSL 3 in base, some but not all source files
    implementing the deprecated 0.9.8 API were imported. With this change,
    it becomes possible again to compile software targeting this API.

    PR:             272220
    Fixes:          b077aed33b7b ("Merge OpenSSL 3.0.9")
    Reviewed by:    emaste
    Sponsored by:   The FreeBSD Foundation
    Pull Request:   https://github.com/freebsd/freebsd-src/pull/851

    (cherry picked from commit b15b39521644ebffdcc091bd283ed410b0ae9274)
    (cherry picked from commit ab64f100ca5ddd37029695646003abaf49c3065e)

    Approved by:    re (gjb)

 secure/lib/libcrypto/Makefile | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
Comment 26 Matthew Seaman freebsd_committer freebsd_triage 2023-09-24 16:21:46 UTC
Fixed in all affected branches, thanks!