openssl@3.2.0 update makes psql crash when connecting with TLS #155651
Comments
Can you post the full output log you get? psql is known in the past to output pointer errors that are actually a consequence of earlier errors. |
|
psql: error: connection to server at |
|
I am also experiencing this issue |
|
I was able to connect to my local postgresql instance (without SSL), but unable to connect to any remote server (all using TLS). First I tried:
Based on the recent homebrew updates, I suspected openssl and the downgrade to 3.1.4 worked immediately. I don't know if the problem is related to the way the |
|
I can reproduce with an asdf-built postgresql against last night's broz@REDACTED:~/src/REDACTED$ type psql
psql is hashed (/Users/broz/.asdf/shims/psql)
broz@REDACTED:~/src/REDACTED$ otool -L /Users/broz/.asdf/installs/postgres/16.1/bin/psql
/Users/broz/.asdf/installs/postgres/16.1/bin/psql:
/Users/broz/.asdf/installs/postgres/16.1/lib/libpq.5.dylib (compatibility version 5.0.0, current version 5.16.0)
/opt/homebrew/opt/openssl@3/lib/libssl.3.dylib (compatibility version 3.0.0, current version 3.0.0)
/opt/homebrew/opt/openssl@3/lib/libcrypto.3.dylib (compatibility version 3.0.0, current version 3.0.0)
/usr/lib/libz.1.dylib (compatibility version 1.0.0, current version 1.2.12)
/usr/lib/libedit.3.dylib (compatibility version 2.0.0, current version 3.0.0)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1336.0.0)
broz@REDACTED:~/src/REDACTED$ psql ${PROD_DATABASE_URL}
psql: error: connection to server at "REDACTED" (REDACTED), port 5432 failed: FATAL: no PostgreSQL user name specified in startup packet
connection to server at "REDACTED" (REDACTED), port 5432 failed: FATAL: no PostgreSQL user name specified in startup packet
psql(36909,0x1dfdc9ec0) malloc: double free for ptr 0x14a809200
psql(36909,0x1dfdc9ec0) malloc: *** set a breakpoint in malloc_error_break to debug
Abort trap: 6
broz@REDACTED:~/src/REDACTED$ |
|
Does someone have the steps to downgrade to 3.1.4? |
Thanks this is useful. Looks like it's doing the SSL handshake but failing to send data properly afterwards for some reason. Will take a look. |
curl -L https://raw.githubusercontent.com/Homebrew/homebrew-core/e68186ba5a05a6ea9a30d6c7744de9a46bd3aadd/Formula/o/openssl@3.rb > openssl@3.rb && brew install openssl@3.rb That's the commit that upgraded the formula from 3.1.4 to 3.2. Feel free to confirm for yourself though. |
|
I might add that The problem might be an incompatibility between To be sure we need to test another distribution of |
|
I am currently debugging this issue from the Postgres side. Here is a backtrace when something seems to go wrong. openssl is overwriting memory in the PGconn struct, which we later free in freePGconn because we think we allocated the memory (which we originally did). |
|
Additional information: Our PGconn is reinterpreted as a bss_sock_st. |
|
Yes, this is a misuse of diff --git a/src/interfaces/libpq/fe-secure-openssl.c b/src/interfaces/libpq/fe-secure-openssl.c
index 4aeaf08312..e669bdbf1d 100644
--- a/src/interfaces/libpq/fe-secure-openssl.c
+++ b/src/interfaces/libpq/fe-secure-openssl.c
@@ -1815,11 +1815,6 @@ PQsslAttribute(PGconn *conn, const char *attribute_name)
* see sock_read() and sock_write() in OpenSSL's crypto/bio/bss_sock.c.
*/
-#ifndef HAVE_BIO_GET_DATA
-#define BIO_get_data(bio) (bio->ptr)
-#define BIO_set_data(bio, data) (bio->ptr = data)
-#endif
-
/* protected by ssl_config_mutex */
static BIO_METHOD *my_bio_methods;
@@ -1828,7 +1823,7 @@ my_sock_read(BIO *h, char *buf, int size)
{
int res;
- res = pqsecure_raw_read((PGconn *) BIO_get_data(h), buf, size);
+ res = pqsecure_raw_read((PGconn *) BIO_get_app_data(h), buf, size);
BIO_clear_retry_flags(h);
if (res < 0)
{
@@ -1858,7 +1853,7 @@ my_sock_write(BIO *h, const char *buf, int size)
{
int res;
- res = pqsecure_raw_write((PGconn *) BIO_get_data(h), buf, size);
+ res = pqsecure_raw_write((PGconn *) BIO_get_app_data(h), buf, size);
BIO_clear_retry_flags(h);
if (res < 0)
{
@@ -1968,7 +1963,7 @@ my_SSL_set_fd(PGconn *conn, int fd)
SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
goto err;
}
- BIO_set_data(bio, conn);
+ BIO_set_app_data(bio, conn);
SSL_set_bio(conn->ssl, bio, bio);
BIO_set_fd(bio, fd, BIO_NOCLOSE);(+ could also remove configure checks for |
|
Can I get your name and email to credit you as co-author (or whatever you want me to put in the Co-authored-by trailer)? I think your patch may require changes to support older versions of openssl. Or I can review your patch when you send it to the pgsql-hackers mailing list. |
|
Actually, openssl 1.1.1 has BIO_{get,set,}_app_data(), so all good on your patch. |
|
Yeah it should have been around since the SSLeay days, though haven't actually tested every older version. Here's a full commit with my name & email attached as the author: Bo98/postgres@93f5791. Name & email should also be visible on my profile: https://github.com/Bo98. Please forward and modify as necessary - I've not fully looked into the patching process upstream and will be out for a few hours. |
|
@Bo98 thanks for your work on this! I will CC you on the email that I send to the list. |
|
For those curious: https://www.postgresql.org/message-id/CX9SU44GH3P4.17X6ZZUJ5D40N@neon.tech. |
Thanks so much for this. FYI to anyone who runs this: the first time I ran this, it didn't work, giving the error: Following these instructions and running |
|
I'm getting the same thing... one other note that pg_dump can dump my local database, but connecting remotely, I get: pg_dump: error: connection to server at "....rds.amazonaws.com" (x.x.x.x), port 5432 failed: FATAL: no PostgreSQL user name specified in startup packet |
|
Connecting locally is not going through openssl, so you don't experience the same problems. Apply the patch I posted to the mailing list if you want openssl 3.2 support. |
|
Homebrew's Postgreses now are compatible with openssl 3.2, please run |
It has one in upstream OpenSSL. The most recent OpenSSL release is hitting a compatibility issue with postgres, which seems like it'll get fixed by postgres using BIO_get_app_data. Add it on our end too. https://www.postgresql.org/message-id/CAN55FZ1eDDYsYaL7mv%2BoSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ%40mail.gmail.com Homebrew/homebrew-core#155651 Change-Id: I5bf226cc3506a114cd62f885a8c15006512dfc65 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/64227 Auto-Submit: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: Bob Beck <bbe@google.com>
It has one in upstream OpenSSL. The most recent OpenSSL release is hitting a compatibility issue with postgres, which seems like it'll get fixed by postgres using BIO_get_app_data. Add it on our end too. https://www.postgresql.org/message-id/CAN55FZ1eDDYsYaL7mv%2BoSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ%40mail.gmail.com Homebrew/homebrew-core#155651 Change-Id: I5bf226cc3506a114cd62f885a8c15006512dfc65 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/64227 Auto-Submit: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: Bob Beck <bbe@google.com> (cherry picked from commit 2139aba2e3e28cd1cdefbd9b48e2c31a75441203)
It has one in upstream OpenSSL. The most recent OpenSSL release is hitting a compatibility issue with postgres, which seems like it'll get fixed by postgres using BIO_get_app_data. Add it on our end too. https://www.postgresql.org/message-id/CAN55FZ1eDDYsYaL7mv%2BoSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ%40mail.gmail.com Homebrew/homebrew-core#155651 Change-Id: I5bf226cc3506a114cd62f885a8c15006512dfc65 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/64227 Auto-Submit: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: Bob Beck <bbe@google.com> (cherry picked from commit 2139aba2e3e28cd1cdefbd9b48e2c31a75441203) (cherry picked from commit 4861a03)
* Give BIO an ex_data It has one in upstream OpenSSL. The most recent OpenSSL release is hitting a compatibility issue with postgres, which seems like it'll get fixed by postgres using BIO_get_app_data. Add it on our end too. https://www.postgresql.org/message-id/CAN55FZ1eDDYsYaL7mv%2BoSLUij2h_u6hvD4Qmv-7PK7jkji0uyQ%40mail.gmail.com Homebrew/homebrew-core#155651 Change-Id: I5bf226cc3506a114cd62f885a8c15006512dfc65 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/64227 Auto-Submit: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: Bob Beck <bbe@google.com> (cherry picked from commit 2139aba2e3e28cd1cdefbd9b48e2c31a75441203) (cherry picked from commit 4861a03) * run clang-format and add test for BIO ex_data (cherry picked from commit c5b7335) * Fix postgres integration CI (#1330) postgres/postgres@c82207a broke some of the error string expectations we have for postgres. (cherry picked from commit 730e6e4) --------- Co-authored-by: David Benjamin <davidben@google.com>
|
This has helped me fix my error. Thank you so much for this post <3 |
|
Do we know where between php, pgsql, OpenSSL and Brew this bug arises? |
|
@thomas-shirley it was in pgsql. OpenSSL just exposed an incorrect API usage within pgsql |
|
Homebrew's build of PostgreSQL has this bug fixed. For builds from other vendors, you'll need to wait for a new release or ask the builder to incorporate the patch. |
This patch changes the OpenSSL version for the OS X builds to 3.1.4 since recent PostgreSQL versions contain a bug in the SSL handling and crash on OS X when OpenSSL 3.2.0 is used. See: Homebrew/homebrew-core#155651
This patch changes the OpenSSL version for the OS X builds to 3.1.4 since recent PostgreSQL versions contain a bug in the SSL handling and crash on OS X when OpenSSL 3.2.0 is used. See: Homebrew/homebrew-core#155651
This patch changes the OpenSSL version for the OS X builds to 3.1.4 since recent PostgreSQL versions contain a bug in the SSL handling and crash on OS X when OpenSSL 3.2.0 is used. See: Homebrew/homebrew-core#155651
|
hello ! i am still facing this issue i have done everything you did but still get the error using an engine with postgres + psycopg2 Thanks |
This patch changes the OpenSSL version for the OS X builds to 3.1.4 since recent PostgreSQL versions contain a bug in the SSL handling and crash on OS X when OpenSSL 3.2.0 is used. See: Homebrew/homebrew-core#155651
This patch changes the OpenSSL version for the OS X builds to 3.1.4 since recent PostgreSQL versions contain a bug in the SSL handling and crash on OS X when OpenSSL 3.2.0 is used. See: Homebrew/homebrew-core#155651
This patch changes the OpenSSL version for the OS X builds to 3.1.4 since recent PostgreSQL versions contain a bug in the SSL handling and crash on OS X when OpenSSL 3.2.0 is used. See: Homebrew/homebrew-core#155651
If you installed |
|
it fixed the issue, thanks a lot
|
|
FWIW, it seems possible that postgres fix for this issue will be in the yet to be stamped 14.11 |
brew gist-logs <formula>link ORbrew configANDbrew doctoroutputVerification
brew doctoroutput" saysYour system is ready to brew.and am still able to reproduce my issue.brew updateand am still able to reproduce my issue.brew doctorand that did not fix my problem.What were you trying to do (and why)?
I'm trying to use
psqlfrompostgresql@16to connect to a server that requires TLS.What happened (include all command output)?
psqlis crashing with a pointer error.What did you expect to happen?
psqlshould connect successfully to a TLS postgresql server.Step-by-step reproduction instructions (by running
brewcommands)The text was updated successfully, but these errors were encountered: