
libgcrypt brain dead?



Hello,

A number of packages, such as openldap, have been changed to support
gnutls instead of openssl, to avoid licensing issues in openssl.

However, it appears that gnutls uses libgcrypt, and libgcrypt has
several serious design issues.


1. libgcrypt doesn't clean up properly on dlclose, and apparently won't
fix the problem:
http://bugs.debian.org/543941
This makes gcrypt unsuitable in PAM or NSS.

I was told that the fix is to 'add "__attribute__((destructor))" to a
cleanup function'


2. libgcrypt drops root privileges if called setuid on the assumption
the only reason the program is setuid root is so it can lock memory.

Unfortunately this breaks every setuid program that uses PAM when PAM
is configured to use ldap and ldap is configured to use gnutls,
because gnutls uses gcrypt.

https://bugs.launchpad.net/ubuntu/+source/schroot/+bug/486944
http://bugs.debian.org/566351
http://mid.gmane.org/878wbju9is.fsf@vigenere.g10code.de


Unfortunately, gcrypt is used by gnutls, which is used in ldap, which
is frequently used in PAM and NSS. So this is an issue. There might be
other NSS and PAM modules that use it too.

What is the solution? Should we go back to using openssl, at least
with libraries such as openldap that are commonly used in pam and nss
modules?

Or is there another way?

Alternatively, have I got something wrong?
-- 
Brian May <brian@microcomaustralia.com.au>
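
A check for the behaviour described in point 2, as an added example that is not part of the original post or of libgcrypt: it snapshots the real and effective IDs around a library initialiser and reports any change. `noop_init` is a hypothetical stand-in for the real initialiser, and the ID values in `main` are constructed.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
/* Real and effective IDs of the process at one point in time. */
struct creds { uid_t ruid, euid; gid_t rgid, egid; };
/* Bits returned by creds_diff(), one per field that changed. */
enum { CH_RUID = 1, CH_EUID = 2, CH_RGID = 4, CH_EGID = 8 };

static struct creds creds_snapshot(void)
{
    struct creds c = { getuid(), geteuid(), getgid(), getegid() };
    return c;
}

static int creds_diff(const struct creds *a, const struct creds *b)
{
    int m = 0;
    if (a->ruid != b->ruid) m |= CH_RUID;
    if (a->euid != b->euid) m |= CH_EUID;
    if (a->rgid != b->rgid) m |= CH_RGID;
    if (a->egid != b->egid) m |= CH_EGID;
    return m;
}

/* Call a library initialiser and return a mask of the IDs it changed. */
static int guarded_call(void (*init)(void))
{
    struct creds before = creds_snapshot();
    init();
    struct creds after = creds_snapshot();
    int m = creds_diff(&before, &after);
    if (m)
        fprintf(stderr, "credentials changed during init: euid %ld -> %ld\n",
                (long)before.euid, (long)after.euid);
    return m;
}

/* Hypothetical stand-in for the library initialiser; changes nothing. */
static void noop_init(void) { }

int main(void)
{
    /* Constructed snapshots: setuid-root binary run by uid 1000,
       before and after a library gave up the effective root uid. */
    struct creds before = { 1000, 0, 1000, 1000 };
    struct creds after  = { 1000, 1000, 1000, 1000 };
    printf("constructed diff mask: %d\n", creds_diff(&before, &after));
    return guarded_call(noop_init) ? 1 : 0;
}
```

A setuid program can wrap its PAM or LDAP setup in `guarded_call` and fail loudly when the mask is non-zero, instead of continuing with credentials it did not expect.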

