Bareos Bug Tracker
Bareos Bug Tracker

View Issue Details Jump to Notes ] Related Changesets ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000838bareos-core[All Projects] file daemonpublic2017-07-25 22:432017-08-07 15:41
Reporterdebfx 
Assigned Tojoergs 
PrioritynormalSeveritymajorReproducibilityalways
StatusresolvedResolutionfixed 
PlatformLinuxOSDebianOS Version9
Product Version16.2.6 
Target VersionFixed in Version 
Summary0000838: File corruption with SHA1 signature
DescriptionBareos 16.2.6 corrupts files when Signature=SHA1 is set in the FileSet configuration.

Tested with 16.2.4 and 16.2.6 with the Debian package (that uses gnutls as crypto backend) and sqlite3.

Very short file don't seem to be corrupted. Attached is an example of a corrupted restored file.

Downstream bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869608 [^]
Steps To ReproduceCopied from Debian bug:


1) install bareos 16.2.4 client and server packages - all with
defaults.
2) run a SelfTest backup of the client/server.
3) Restore a file from this backup - everything should be fine.

4) now change
Signature = SHA1
in /etc/bareos/bareos-dir.d/fileset/SelfTest.conf

5) run another SelfTest Full backup
6) restore a file from this new backup

The restored file is corrupted.
TagsNo tags attached.
bareos-master: impactno
bareos-master: action
bareos-16.2: impactno
bareos-16.2: action
bareos-15.2: impactno
bareos-15.2: action
bareos-14.2: impactno
bareos-14.2: action
bareos-13.2: impactno
bareos-13.2: action
bareos-12.4: impactno
bareos-12.4: action
Attached Files? file icon upgrade-from-grub-legacy.corrupt [^] (1,524 bytes) 2017-07-25 22:43
? file icon upgrade-from-grub-legacy.org [^] (1,524 bytes) 2017-07-25 22:44
patch file icon 0001-bugfix-prevents-file-corruptions-by-SHA1.patch [^] (867 bytes) 2017-07-26 22:04 [Show Content]

- Relationships

-  Notes
(0002689)
tigerfoot (developer)
2017-07-26 07:12

This report started as a question on bareos-user ml
https://groups.google.com/forum/#!topic/bareos-users/ORFYCMF73tI [^]

I hope you know the Debian limitation due to gnutls use ?

http://doc.bareos.org/master/html/bareos-manual-main-reference.html#x1-481000B.1.3 [^]

And you don't have data encryption.

16.2.x is working on bareos.org / bareos.com builds with openSUSE dir,sd,fd and windows (2003-2016)
(0002690)
debfx (reporter)
2017-07-26 08:14

Yes, I'm aware of the feature limitations. However the amount of testing (or lack thereof) the gnutls backend receives is much more concerning to me.
(0002692)
joergs (administrator)
2017-07-26 18:36

It seam to work fine with packages from bareos.org/bareos.com.

gnutls (instead of openssl) is something we don't use in bareos.org/bareos.com packages, therefore it is not tested through our automated package testing and also not by https://github.com/bareos/bareos-regress. [^]

We already do automated testing of Bareos for all platforms we support. That are 37 Linux distribution (different releases + platforms), multiple Windows versions and Solaris. The Linux variants for all 3 different database backends.

We are not able to test it with all possible compile options.
(0002693)
joergs (administrator)
2017-07-26 22:09

The attached patch solves the issue. Please note, that the file in question have not been modified since 2014, therefore this bug must have been there all the time.

Again, this bug have never affected bareos.org/bareos.com packages.

It might be a good idea, to participate on https://github.com/bareos/bareos-regress. [^]
I've added a sha1 test there, and will publish it soon.
(0002698)
joergs (administrator)
2017-08-07 15:41

Fix committed to bareos bareos-16.2 branch with changesetid 7069.

- Related Changesets
bareos: bareos-16.2 38d0aec7
Timestamp: 2017-07-26 21:57:38
Author: joergs
Ported: N/A
Details ] Diff ]
bugfix: prevents file corruptions by SHA1

Fixes a bug when using SHA1 file signatures in Bareos version compiled
without openssl.

Fixes 0000838: File corruption with SHA1 signature
mod - src/lib/sha1.c Diff ] File ]

- Issue History
Date Modified Username Field Change
2017-07-25 22:43 debfx New Issue
2017-07-25 22:43 debfx File Added: upgrade-from-grub-legacy.corrupt
2017-07-25 22:44 debfx File Added: upgrade-from-grub-legacy.org
2017-07-26 07:12 tigerfoot Note Added: 0002689
2017-07-26 08:14 debfx Note Added: 0002690
2017-07-26 18:36 joergs Note Added: 0002692
2017-07-26 18:37 joergs bareos-master: impact => no
2017-07-26 18:37 joergs bareos-16.2: impact => no
2017-07-26 18:37 joergs bareos-15.2: impact => no
2017-07-26 18:37 joergs bareos-14.2: impact => no
2017-07-26 18:37 joergs bareos-13.2: impact => no
2017-07-26 18:37 joergs bareos-12.4: impact => no
2017-07-26 22:04 joergs File Added: 0001-bugfix-prevents-file-corruptions-by-SHA1.patch
2017-07-26 22:09 joergs Note Added: 0002693
2017-07-26 22:09 joergs Status new => resolved
2017-07-26 22:09 joergs Resolution open => fixed
2017-07-26 22:09 joergs Assigned To => joergs
2017-08-07 15:41 joergs Changeset attached => bareos bareos-16.2 38d0aec7
2017-08-07 15:41 joergs Note Added: 0002698


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker