Cryptographic weakness on Debian systems

Posted May 13, 2008 20:30 UTC (Tue) by lambda (subscriber, #40735)
In reply to: Cryptographic weakness on Debian systems by bronson
Parent article: Cryptographic weakness on Debian systems

There were two lines that the Debian maintainer commented out; one that was pulling in some entropy from uninitialized buffers, and one that was the actual interface to seed the random number generator. It was perfectly reasonable to remove the line that was pulling in entropy from an uninitialized buffer; it was in the ssleay_rand_bytes function, which is supposed to use the provided buffer to output random bytes, and for some reason it happened to be using that uninitialized data to mix a little bit of extra entropy into the pool (you're not going to get very good entropy from that, but it's not particularly harmful, other than making tools like Valgrind complain).

But in the other case, in ssleay_rand_add, the buffer is an input buffer, and it is the very function used to seed the random number generator with actual entropy. Commenting that line out was completely and utterly wrong, and if someone was providing that function with an uninitialized buffer, it's the call site that should have been fixed, not that function. The amazing thing is that this passed whatever review processes Debian has in place, was sent to the openssl-dev mailing list, and still no one noticed. The openssl people are claiming that openssl-dev is the wrong place to send it, but even still, some of the people who replied on that thread have @openssl.org addresses, so it's a fairly reasonable assumption to make that the openssl developers did read that thread and had no problem with the patch.
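
The input-versus-output distinction drawn in the comment above, as an added illustration that is not part of the original comment and is not OpenSSL's code: a toy pool in which one function takes the buffer as input (the role of ssleay_rand_add) and the other fills it as output (the role of ssleay_rand_bytes). The names `toy_pool`, `toy_rand_add`, `toy_rand_bytes` and `outputs_collide`, the mixing arithmetic and the seed strings are all constructed for this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy pool for illustration only: NOT OpenSSL's code and not a secure RNG. */
typedef struct { uint64_t state; int mix_input; } toy_pool;
#define TOY_START 0xcbf29ce484222325ULL  /* fixed, publicly known start value */

/* Role of ssleay_rand_add: buf is an INPUT holding the caller's entropy. */
void toy_rand_add(toy_pool *p, const unsigned char *buf, size_t n) {
    if (!p->mix_input)
        return;                          /* models the commented-out line */
    for (size_t i = 0; i < n; i++) {     /* FNV-1a style mixing (stand-in) */
        p->state ^= buf[i];
        p->state *= 0x100000001b3ULL;
    }
}

/* Role of ssleay_rand_bytes: buf is an OUTPUT filled from the pool state. */
void toy_rand_bytes(toy_pool *p, unsigned char *buf, size_t n) {
    for (size_t i = 0; i < n; i++) {
        if (i % 8 == 0) {                /* advance the state every 8 bytes */
            p->state ^= p->state >> 33;
            p->state *= 0xff51afd7ed558ccdULL;
            p->state += 0x9e3779b97f4a7c15ULL;
        }
        buf[i] = (unsigned char)(p->state >> (8 * (i % 8)));
    }
}

/* Returns 1 when two pools seeded with different data emit identical bytes. */
int outputs_collide(int mix_input) {
    static const unsigned char seed_a[] = "constructed seed A";
    static const unsigned char seed_b[] = "constructed seed B";
    toy_pool a = { TOY_START, mix_input }, b = a;
    unsigned char out_a[8], out_b[8];
    toy_rand_add(&a, seed_a, sizeof seed_a);
    toy_rand_add(&b, seed_b, sizeof seed_b);
    toy_rand_bytes(&a, out_a, sizeof out_a);
    toy_rand_bytes(&b, out_b, sizeof out_b);
    return memcmp(out_a, out_b, sizeof out_a) == 0;
}

int main(void) {
    printf("mixing kept: collide=%d, mixing removed: collide=%d\n",
           outputs_collide(1), outputs_collide(0));
}
```

With the mixing step in the input function skipped, every caller's seed is discarded and all pools emit the same bytes, which is why the fix for an uninitialized input buffer belongs at the call site.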


Cryptographic weakness on Debian systems

Posted May 14, 2008 3:25 UTC (Wed) by drag (subscriber, #31333)

That's pretty funny that the development mailing list (*-dev == development in every other mailing list in existence) is the incorrect place to try to communicate with developers.

Where on OpenSSL's website do they give the correct place to try to talk to developers then?

Cryptographic weakness on Debian systems

Posted May 14, 2008 9:39 UTC (Wed) by branden (subscriber, #7029)

> Where on OpenSSL's website do they give the correct place to try to talk to developers then?

They don't.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.