Report information
The Basics
Id:
46737
Status:
rejected
Priority:
Low/Low
Queue:
bind9-public
People
BugTracker
Version Fixed:
(no value)
Version Found:
9.12.0b2
Versions Affected:
9.12.0b2
Versions Planned:
9.12.0rc
Priority:
P0 Critical
Severity:
S0 Critical
CVSS Score:
(no value)
CVE ID:
(no value)
Component:
BIND Common
Area:
bug
Dates
Created:Thu, 30 Nov 2017 10:16:33 -0500
Updated:Thu, 30 Nov 2017 11:07:16 -0500
Closed:Thu, 30 Nov 2017 10:24:17 -0500

This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

History
  Thu, 30 Nov 2017 10:16:33 -0500 Ondrej Sury <ondrej@isc.org> - Ticket created
Date: Thu, 30 Nov 2017 15:16:33 +0000
To: bind9-public@isc.org
From: ondrej@isc.org
Subject: ECDSA is not supported with OpenSSL >= 1.1.0

My Debian has OpenSSL 1.1.0f (libssl-dev 1.1.0f-3+deb9u1) and the configure test fails with: checking for OpenSSL ECDSA support... no configure: error: ecdsa not supported We have to fix this before the release.
  Thu, 30 Nov 2017 10:17:50 -0500 Ondrej Sury <ondrej@isc.org> - Correspondence added

@stephen - do we have separate CI tests for OpenSSL 1.0 and OpenSSL 1.1?
Thu, 30 Nov 2017 10:17:51 -0500 The RT System itself - Status changed from 'new' to 'open'
  Thu, 30 Nov 2017 10:24:16 -0500 Ondrej Sury <ondrej@isc.org> - Correspondence added

Oh, I found the culprint, the confcheck tests fails with LeakSanitizer: ================================================================= ==25136==ERROR: LeakSanitizer: detected memory leaks Direct leak of 160 byte(s) in 2 object(s) allocated from: #0 0x4b94e8 in malloc (/home/ondrej/Projects/bind9/conftest+0x4b94e8) #1 0x7f24ebcfba5d in CRYPTO_zalloc (/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1+0x16ba5d) Indirect leak of 2104 byte(s) in 50 object(s) allocated from: #0 0x4b94e8 in malloc (/home/ondrej/Projects/bind9/conftest+0x4b94e8) #1 0x7f24ebcfba5d in CRYPTO_zalloc (/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1+0x16ba5d) Indirect leak of 416 byte(s) in 4 object(s) allocated from: #0 0x4b94e8 in malloc (/home/ondrej/Projects/bind9/conftest+0x4b94e8) #1 0x7f24ebc52cd6 in BN_MONT_CTX_new (/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1+0xc2cd6) Indirect leak of 40 byte(s) in 2 object(s) allocated from: #0 0x4b94e8 in malloc (/home/ondrej/Projects/bind9/conftest+0x4b94e8) #1 0x7f24ebc9413f in EC_GROUP_set_seed (/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1+0x10413f) SUMMARY: AddressSanitizer: 2720 byte(s) leaked in 58 allocation(s).
Thu, 30 Nov 2017 10:24:17 -0500 Ondrej Sury <ondrej@isc.org> - Status changed from 'open' to 'rejected'
Thu, 30 Nov 2017 11:07:16 -0500 Francis Dupont <Francis_Dupont@isc.org> - Given to Ondrej Sury <ondrej@isc.org>