FS#18564 - [openssl] 0.9.8m breaks encfs

Attached to Project: Arch Linux
Opened by Andreas (poison) - Thursday, 04 March 2010, 20:46 GMT
Last edited by Pierre Schmitz (Pierre) - Friday, 05 March 2010, 02:14 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Pierre Schmitz (Pierre)
Dan Griffiths (Ghost1227)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
Upon trying to mount:
20:56:24 (SSL_Cipher.cpp:832) encoding 28 bytes, got back 24 (0 in final_ex)
Error decoding volume key, password incorrect

Password is definately correct.
Downgrading to openssl-0.9.8l-1 fixes the problem

Additional info:
* package version(s)
core/openssl 0.9.8m-1

* config and/or log files etc.
encfs filesystem info:
---
Version 5 configuration; created by EncFS 1.3.2 (revision 20040813)
Filesystem cipher: "ssl/blowfish", version 2:1:1 (using 2:2:1)
Filename encoding: "nameio/block", version 3:0:1
Key Size: 160 bits
Block Size: 512 bytes
Each file contains 8 byte header with unique IV data.
Filenames encoded using IV chaining mode.

References:
---
Debian Bug#571810
debian-bugs-rc@lists.debian.org/msg211803.html"> http://www.mail-archive.com/debian-bugs-rc@lists.debian.org/msg211803.html


Steps to reproduce:
This task depends upon

Closed by  Pierre Schmitz (Pierre)
Friday, 05 March 2010, 02:14 GMT
Reason for closing:  Fixed
Comment by Andreas (poison) - Thursday, 04 March 2010, 20:49 GMT
sorry, flyspray messed up the URL.
http://groups.google.com/group/linux.debian.bugs.rc/browse_thread/thread/bfc0a462a88dbe57
Comment by Andreas (poison) - Thursday, 04 March 2010, 21:13 GMT
Of course I could have just posted http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571810 >.<
almost forgot:
community/encfs 1.5-9
Comment by Pierre Schmitz (Pierre) - Thursday, 04 March 2010, 21:40 GMT
I'll look into this. Just curious: Does this somehow corrupt your existing data or are you simply not able to access them until you downgrade or apply that patch?

For the record: The relevant upstream commit is http://cvs.openssl.org/chngview?cn=19336
Comment by Andreas (poison) - Thursday, 04 March 2010, 21:49 GMT
Hi ^^
The latter case :)
So far I didn't notice any corruption. Of course I don't keep checksums off all my files around.
But since I can't even mount with the new openssl version I doubt there is any writing and thus corruption going on.
thanks :)
Comment by Andreas (poison) - Thursday, 04 March 2010, 21:55 GMT
Now that you mentioned it and I took a closer look, there seem to be whole directories missing :/
Comment by Pierre Schmitz (Pierre) - Thursday, 04 March 2010, 22:38 GMT
Does openssl 0.9.8m-2 from [testing] solve the issue?
Comment by Markus (conky) - Friday, 05 March 2010, 00:16 GMT
nope the problem remains after upgrading...
i hope there was no corruption done, sensible data and last backup was 2 months ago :-(
Comment by Pierre Schmitz (Pierre) - Friday, 05 March 2010, 00:24 GMT
This is confusing as Debian reported that would fix the problem. Looks like I need to test encfs myself.

Edit: or do you get this error? http://code.google.com/p/encfs/issues/detail?id=60 This is different and related to boost, not openssl.
Comment by Markus (conky) - Friday, 05 March 2010, 00:37 GMT
ok, yes i meant this bugreport. i thought it is corresponding to this actual error
Comment by Pierre Schmitz (Pierre) - Friday, 05 March 2010, 00:43 GMT
Don't mix up openssl and boost related issues here. I am just interested if openssl 0.9.8m-2 fixes the problem mentioned by the creator of this bug report here.

The boost problem should be discussed at http://bugs.archlinux.org/task/18470

Loading...