Project

General

Profile

Actions
Copy link

action #163484

open

[security][15-SP4-QU] gpg segfaults

Added by amanzini 19 days ago. Updated 2 days ago.

Status:
Blocked
Priority:
Normal
Assignee:
-
Category:
Bugs in existing tests
Target version:
-
Start date:
2024-07-08
Due date:
% Done:

20%

Estimated time:
8.00 h
Difficulty:

Description

Observation

openQA test in scenario sle-15-SP4-Online-QR-x86_64-fips_env_mode_tests_crypt_tool@64bit-amd fails in
gpg

Test suite description

Testsuite maintained at https://gitlab.suse.de/qe-security/osd-sle15-security.

Reproducible

Fails since (at least) Build 191.4 (current job)

Expected result

Last good: 190.2 (or more recent)

Further details

Always latest result in this scenario: latest

investigate on reproducibility, see Marcus' suggestion on
https://bugzilla.suse.com/show_bug.cgi?id=1213636

to ensure proper use of export LIBGCRYPT_FORCE_FIPS_MODE=1 before running commands

Files

clipboard-202407101745-xnbyh.png (8.76 KB) clipboard-202407101745-xnbyh.png amanzini, 2024-07-10 15:45
Actions
Copy link
 #1

Updated by amanzini 19 days ago

  • Subject changed from test fails in gpg to [security][15sp4]test fails in gpg
Actions
Copy link
 #2

Updated by amanzini 17 days ago · Edited

some observations; I was not able to reproduce on a fresh installed system, while it's reproducible on the openQA setup.
seems like it's related to LIBGCRYPT_FORCE_FIPS_MODE environment variable :

Actions
Copy link
 #3

Updated by pstivanin 3 days ago

  • Status changed from New to In Progress
  • Assignee set to pstivanin
Actions
Copy link
 #4

Updated by pstivanin 3 days ago · Edited

  • % Done changed from 0 to 20
  • Estimated time set to 8.00 h

I was able to reproduce the error locally. I've opened the following bug since this is a product bug: https://bugzilla.suse.com/show_bug.cgi?id=1228279

Actions
Copy link
 #5

Updated by pstivanin 3 days ago

  • Status changed from In Progress to Blocked
Actions
Copy link
 #6

Updated by pstivanin 3 days ago

  • Subject changed from [security][15sp4]test fails in gpg to [security][15-SP4-QU] gpg segfaults
Actions
Copy link
 #7

Updated by pstivanin 3 days ago

Another, unrelated, issue is that rsa1024 fails to be generated. That's likely due to rsa1024 being unsupported on FIPS, but we have to check.

Actions
Copy link
 #8

Updated by pstivanin 3 days ago

can confirm that rsa1024 is NOT a supported algo on FIPS

Actions
Copy link
 #9

Updated by pstivanin 2 days ago

  • Assignee deleted (pstivanin)
Actions
Copy link

Also available in: Atom PDF