This is a multi-part message in MIME format.
--------------030909030302020406050404
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit



--------------030909030302020406050404
Content-Type: text/plain;
name="bug.template"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="bug.template"

================================================== ==========================
POSTGRESQL BUG REPORT TEMPLATE
================================================== ==========================


Your name : Alexey Rodin
Your email address : alx (AT) sm (DOT) ukrtel.net


System Configuration
---------------------
Architecture : CPU: AMD Duron(tm) processor (801.42-MHz 686-class CPU)

Operating System : FreeBSD 5.1-RELEASE

PostgreSQL version : PostgreSQL-7.3.3

Compiler used : gcc version 3.2.2 [FreeBSD] 20030205 (release)


Please enter a FULL description of your problem:
------------------------------------------------

PostgreSQL 7.3.3 with pgcrypto crushed after execute test sql query.



Please describe a way to repeat the problem. Please try to provide a
concise reproducible example, if at all possible:
----------------------------------------------------------------------

testdb=# SELECT crypt('lalalal',gen_salt('md5'));

server closed the connection unexpectedly
This probably means the server terminated abnormally
before or while processing the request.
The connection to the server was lost. Attempting reset: Failed.

<pglog>

LOG: ReadRecord: record with zero length at 0/18BDEA8
LOG: redo is not required
LOG: database system is ready
LOG: server process (pid 21460) was terminated by signal 11
LOG: terminating any other active server processes
LOG: all server processes terminated; reinitializing shared memory and semaphores
LOG: database system was interrupted at 2003-07-21 11:44:47 EEST
LOG: checkpoint record is at 0/18BDEA8
LOG: redo record is at 0/18BDEA8; undo record is at 0/0; shutdown TRUE
LOG: next transaction id: 996; next oid: 98896
LOG: database system was not properly shut down; automatic recovery in progress
FATAL: The database system is starting up


</pglog>

If you know how this problem might be fixed, list the solution below:
---------------------------------------------------------------------



--------------030909030302020406050404
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0


---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to majordomo (AT) postgresql (DOT) org so that your
message can get through to the mailing list cleanly

--------------030909030302020406050404--

FWIW, I can confirm this, but I don't think it's a FreeBSD specific
problem given that the backend dies inside of an OpenSSL routine.

#0 0x2864ae9c in EVP_DigestUpdate () from /usr/lib/libcrypto.so.3
#1 0x28576a90 in px_find_cipher () from /usr/local/lib/postgresql/pgcrypto.so
#2 0x2857c584 in px_crypt_md5 () from /usr/local/lib/postgresql/pgcrypto.so
#3 0x2857efa4 in px_gen_salt () from /usr/local/lib/postgresql/pgcrypto.so
#4 0x2857ee1f in px_crypt () from /usr/local/lib/postgresql/pgcrypto.so
#5 0x2857d2be in pg_crypt () from /usr/local/lib/postgresql/pgcrypto.so
#6 0x0811acb6 in ExecMakeFunctionResult ()
#7 0x0811b7db in ExecEvalExpr ()
#8 0x0811e794 in ExecProject ()
#9 0x0811cb7a in ExecProject ()
#10 0x081282a5 in ExecResult ()
#11 0x0811a0e5 in ExecProcNode ()
#12 0x0811952c in ExecEndPlan ()
#13 0x081188b8 in ExecutorRun ()
#14 0x0819b703 in PortalRun ()
#15 0x0819b53e in PortalRun ()
#16 0x08199b21 in authdie ()
#17 0x081982fd in PostgresMain ()
#18 0x0816de64 in PostmasterMain ()
#19 0x0816d628 in PostmasterMain ()
#20 0x0816bcc6 in PostmasterMain ()
#21 0x0816b5c7 in PostmasterMain ()
#22 0x0813588b in main ()
#23 0x0806c802 in _start ()

Both crypt() and gen_salt() work independently of each other:

test=# SELECT gen_salt('md5');
gen_salt
-------------
$1$nouzuI/B
(1 row)

test=# SELECT crypt('foo','ba');
crypt
---------------
ba4TuD1iozTxw
(1 row)

:-/ crypt() does die with the salt, '$1$' Not sure why either...

That said, the right work around is to _not_ use gen_salt('md5') when
passing data in to crypt(), instead, use gen_salt('des'). The readme
says its not recommended, but in the same breath, it should recommend
that gen_salt('des') is as weak as crypt() and gen_salt('des')
produces the correct salt for use with crypt().




What's interesting, however, is that I can no longer ctrl+c to get out
of psql after the backend dies. To kill psql, I have to suspend it,
then kill.

test=# SELECT crypt('lalal',gen_salt('md5'));
The connection to the server was lost. Attempting reset: Failed.
connection pointer is NULL
!>
!>
!>
!>
!>
!>
!>
[1] + 15252 Suspended psql test pgsql
1:08pm sean@localhost:databases/postgresql-devel > kill %1
1:08pm sean@localhost:databases/postgresql-devel >
[1] Terminated psql test pgsql


-sc

--
Sean Chittenden

---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings

Sean Chittenden <sean (AT) chittenden (DOT) org> writes:
Works fine here:

regression=# SELECT crypt('lalalal',gen_salt('md5'));
crypt
------------------------------------
$1$2tnDkstz$e2vTadSh2zGH4yh51Ocbu0
(1 row)

"here" being Red Hat 8.0 with these OpenSSL packages:

openssl095a-0.9.5a-16
openssl-devel-0.9.6b-29
openssl-perl-0.9.6b-29
openssl-0.9.6b-29
openssl096-0.9.6-11

What OpenSSL release are you using?

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faqs/FAQ.html

Sean Chittenden <sean (AT) chittenden (DOT) org> writes:
By chance I noticed this entry in the CVS logs:

2002-11-14 21:54 momjian

* contrib/pgcrypto/openssl.c: OpenSSL 0.9.6g in Debian/unstable
stopped working with pgcrypto. This is pgcrypto bug as it assumed
too much about inner workings of OpenSSL.

Following patch stops pgcrypto using EVP* functions for ciphers and
lets it manage ciphers itself.

This patch supports Blowfish, DES and CAST5 algorithms.

Marko Kreen

Perhaps the problem is that Marko didn't fix the crypt() code in the
same way?

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to majordomo (AT) postgresql (DOT) org)

Ah, I think that's _very_ likely the case here... -sc

--
Sean Chittenden

---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings

0.9.7a, which lends weight to the theory of shifting internals...

-sc

--
Sean Chittenden

---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings

Sean Chittenden <sean (AT) chittenden (DOT) org> writes:
I updated to openssl 0.9.7b on my HPUX machine, and still do not see any
failure in

regression=# SELECT crypt('lalalal',gen_salt('md5'));
crypt
------------------------------------
$1$.yzzlyzz$W8vpUQ3Nonx20vchlBQye/
(1 row)

So it seems that OpenSSL version is not the issue --- or at least not
the whole story. Maybe there is some platform-dependency here too.

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Sean Chittenden <sean (AT) chittenden (DOT) org> writes:
But maybe the problem is in crypt(3) and not in OpenSSL at all? I'm
quite willing to believe that neither Linux nor HPUX share crypt()
source with FreeBSD...

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 9: the planner will ignore your desire to choose an index scan if your
joining column's datatypes do not match

--qjNfmADvan18RZcF
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Using the builtin crypt() solved this problem for the user though. I
wonder if the configure script isn't correctly detecting using the
builtin crypt() as opposed to the openssl version... or visa versa.
Try applying the attached patch and seeing if that lets you reproduce
the crash. random may still need to be silly on HPUX, I don't know if
it has a /dev/random. -sc

--
Sean Chittenden

--qjNfmADvan18RZcF
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=patch

--- contrib/pgcrypto/Makefile.orig Thu May 8 16:09:28 2003
+++ contrib/pgcrypto/Makefile Thu May 8 16:12:47 2003
@@ -7,7 +7,7 @@
include $(top_builddir)/src/Makefile.global

# either 'builtin', 'mhash', 'openssl'
-cryptolib = builtin
+cryptolib = openssl

# either 'builtin', 'system'
cryptsrc = builtin
@@ -21,7 +21,7 @@
# This works ofcouse only with cryptolib = openssl
#
# 'silly' - use libc random() - very weak
-random = silly
+random = dev
random_dev = \"/dev/urandom\"

##########################

--qjNfmADvan18RZcF
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0


---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

--qjNfmADvan18RZcF--

Sean Chittenden <sean (AT) chittenden (DOT) org> writes:
Hmm. I get *a* crash, maybe not the same one. But there's no
autoconfiguration of this setting in pgcrypto/Makefile, so how would
anyone be using anything but builtin crypt()?

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to majordomo (AT) postgresql (DOT) org