Shibd crash
Description
Environment
Linux 2.6.18-53.el5PAE
Attachments
- 26 Jun 2009, 02:36 AM
- 25 Jun 2009, 04:09 PM
- 25 Jun 2009, 03:20 PM
- 25 Jun 2009, 03:20 PM
- 25 Jun 2009, 03:20 PM
- 25 Jun 2009, 04:50 AM
- 08 Jun 2009, 12:07 PM
- 08 Jun 2009, 12:07 PM
- 08 Jun 2009, 10:29 AM
Activity
Roger August 14, 2009 at 5:57 PM
I'm seeing this nesting problem using Apache XML Security, but it is not benign. Although the XML encrypted file can be decrypted in Java, it will not decrypt in .Net. .Net raises this error: "[CryptographicException: Unable to retrieve the decryption key.]" Seems to mess up the parsing. By manually editing the encrypted document (moving X509Data inside the Encrypted Key element, and wrapping the X509Data element in a second KeyInfo element), all becomes well, so it does appear to be the same type of problem.
—
Scott Cantor added a comment - 25/Jun/09 05:08 PM
Lots of fun here...was investigating another aspect of the message and there's another bug in the IdP. It's including the public key of the SP in the message by placing the X509Data element containing the certificate next to the EncryptedKey element instead of as a child element of a KeyInfo element inside the EncryptedKey.
This doesn't prevent decryption, but it violates the proper layout causing additional work for the SP, and is nonsensical from an XML Encryption point of view.
In other words, it's sending this:
EncryptedData
KeyInfo
EncryptedKey
X509Data (with SP's key)
The correct nesting is this:
EncryptedData
KeyInfo
EncryptedKey
KeyInfo
X509Data (with SP's key)
There is a small chance this is related to your crash (which would still be a bug in the SP), but I doubt it.
Scott Cantor June 26, 2009 at 2:44 PM
If you need additional help, please use the mailing list. In terms of your metadata, I don't know why I can't verify the signature, but if it works on your end that's fine. I will say you have a bug in your configuration caused by improperly stripping rules out of the SecurityPolicy at the bottom. You need to start over with a standard configuration to avoid security holes in your system.
With respect to the patch, I would suggest you NOT try to fix the problem other than by getting the IdP to stop sending a broken/invalid encryption message, but building a patched version requires checking out the branch from subversion and building it from source (or generating an RPM from that).
Sébastien PIAU June 26, 2009 at 2:36 AM
Scott,
I've send you the IDP metadata file I use. Do you wan't my shibboleth2.xml file too?
You'll find in attachment the shibd.log file from latest tests (which have generated the last stack trace when shibd crashes).
As you'll see, I didn't see any WARN message. Maybe the base64 file incorrect? I cannot send assertion myself with a browser. So, how can I do in order to get the assertion sending by the browser? For the moment, I copy/paste the decoded assertion from the shibd.log file the encode it in base 64...
How to use the patch you generated? By replacing the files in SRPM file and build the package again?
Thanks a lot for the debug works.
Scott Cantor June 25, 2009 at 10:37 PM
Scott Cantor June 25, 2009 at 5:13 PM
The bug is in xmltooling and is caused by a failure to clean up a pointer when a related object is deleted.
The trigger for this is the incorrect KeyInfo structure the IdP is producing that I described up above in a comment. It causes the decryption code to extract a public key from the top level KeyInfo object inside EncryptedData, which is useless since the encryption key is a wrapped symmetric key. That results in the code dropping into the key decryption routine, which then processes the EncryptedKey element and looks for a KeyInfo inside it. Since there is no such child, it "clears" the KeyInfo from an internal object, but fails to dispose of the pointer to the public key it extracted earlier, and continues to use it, resulting in a crash because the pointer is to a deleted object.
I'm moving the issue to xmltooling since that's the actual spot of the bug.
As I haven't access to the IdP link in order to authenticate and test the assertion, I try to replay the assertion from my own computer.
Shibd.log says :
2009-06-08 16:14:02 DEBUG OpenSAML.MessageDecoder.SAML2 [2]: message from (federation.gsk.com)
2009-06-08 16:14:02 DEBUG OpenSAML.MessageDecoder.SAML2 [2]: searching metadata for message issuer...
2009-06-08 16:14:02 DEBUG OpenSAML.SecurityPolicyRule.MessageFlow [2]: evaluating message flow policy (replay checking on, expiration 60)
2009-06-08 16:14:02 DEBUG XMLTooling.StorageService [2]: inserted record (_059c1567733d5ca73a76f8e7724802550e07) in context (MessageFlow)
2009-06-08 16:14:02 DEBUG Shibboleth.SSO.SAML2 [2]: processing message against SAML 2.0 SSO profile
2009-06-08 16:14:02 DEBUG XMLTooling.KeyInfoResolver.Inline [2]: resolving ds:X509Certificate
2009-06-08 16:14:02 DEBUG XMLTooling.KeyInfoResolver.Inline [2]: resolved 1 certificate(s)
And the fake assertion emitter receive a ListenerException :
shibsp::ListenerException at (https://OBFUSCATED/Shibboleth.sso/SAML2/POST)
Failure receiving response to remoted message (default/SAML2/POST)
Then if I try to ask shibboleth again, I receive :
shibsp::ListenerException at (https://OBFUSCATED/Shibboleth.sso/SAML2/POST)
Cannot connect to shibd process, a site adminstrator should be notified.
On the SP side Shibboleth is down :
[root@frfcqws941ix3r8 shibboleth]# ps -Al | grep shibd
[root@frfcqws941ix3r8 shibboleth]# service shibd start
Starting shibd: lock file found but no process running for pid 15460, continuing
Please find the assertion as attachment.
Please, let me know if you need more informations or data.