Ticket #21 (closed defect: wontfix)
Problems with Box Backup and OpenSSL 0.9.8d/e
| Reported by: | chris | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | bbackupctl | Version: | 0.10 |
| Keywords: | openssl Cipher EVPFinalFailure 5/6 | Cc: | |
Description (last modified by chris)
Several users have reported problems with Cipher EVPFinalFailure (5/6) errors after upgrading to OpenSSL 0.9.8e:
- Eric Cronin (1/5/2007, see http://lists.warhead.org.uk/pipermail/boxbackup/2007-May/003469.html and http://lists.warhead.org.uk/pipermail/boxbackup/2007-May/003470.html)
- Marco Bartholomew (27/4/2007, see http://lists.warhead.org.uk/pipermail/boxbackup/2007-April/003455.html)
Marco reports that the bug is listed in Arch Linux at http://archlinux.org/news/313/, which refers to:
- http://www.mail-archive.com/openssl-users@openssl.org/msg48671.html
- http://archlinux.org/pipermail/arch-dev-public/2007-April/000322.html
- http://archlinux.org/pipermail/arch-dev-public/2007-April/000336.html
On May 1, 2007, at 2:17 PM, Eric Cronin wrote:
Looking into it more, it's not surprising at all; the bug is entirely client-side, having to do with encryption/decryption of blocks. Basically, the bug introduced in 0.9.8e changes EVP_encrypt/EVP_decrypt such that they produce incompatible ciphertext from earlier versions or other implementations of Blowfish.
The correct solution is NOT what I did, unless you know you are unable to upgrade/downgrade OpenSSL for an extended period and need backups in the meantime: once a new version of OpenSSL is installed on the client which corrects the bug, your OpenSSL 0.9.8e-encrypted blocks will now be unreadable. The best solution is to downgrade to 0.9.8d or to patch 0.9.8e's source with http://cvs.openssl.org/chngview?cn=15978; that one-line patch is what broke compatibility.
There may be a separate issue with 0.9.8d, although it looks quite obscure:
I believe that this is an external problem (with OpenSSL), but if anyone can confirm that it's not, then please let me know.
