Impact of the Debian OpenSSL vulnerability

Posted May 17, 2008 12:10 UTC (Sat) by pflugstad (subscriber, #224)
In reply to: Impact of the Debian OpenSSL vulnerability by ianburrell
Parent article: Impact of the Debian OpenSSL vulnerability

Yes, this is exactly what happened.

OpenSSL has an internal random number generator. It uses MD5, SHA or some other hash (that's what the MD_Update function is that was commented out: Message Digests or hash function) over a pool of data.

When you first start up OpenSSL, and periodically during its use, it/you add (or seed) more entropy to the pool by calling RAND_add. Typically, you'd call RAND_add, passing it a buffer of data from /dev/random or /dev/urandom. You keep doing this until it gets to a certain level of entropy, and then periodically call it again as entropy is used up.

Well, RAND_add maps to one of the functions that was patched by Debian to remove the MD_Update line that takes the provided buffer and stirs it into the pool. So basically, the only entropy left in the pool are basic things the OpenSSL like the process id.
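The effect described in the comment above, as an added toy model in C (not part of the original comment and not OpenSSL code). `toy_md_update` is a hypothetical FNV-1a stand-in for `MD_Update`, the seed buffers are constructed samples, and mixing the process id in at output time is an assumption of the model.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for MD_Update: absorb bytes into a 64-bit state
   (FNV-1a). Not a secure hash; it only models "stirring" data into a pool. */
static uint64_t toy_md_update(uint64_t state, const void *buf, size_t len) {
    const unsigned char *p = buf;
    for (size_t i = 0; i < len; i++) {
        state ^= p[i];
        state *= 0x100000001b3ULL;
    }
    return state;
}

/* Toy RAND_add. With patched != 0 the stirring call is skipped, so the
   caller's buffer never reaches the pool. */
static uint64_t toy_rand_add(uint64_t pool, const void *buf, size_t len, int patched) {
    return patched ? pool : toy_md_update(pool, buf, len);
}

/* Seed a fresh pool, then produce one output value. Model assumption:
   the process id is the only other input, mixed in at output time. */
uint64_t toy_output(uint32_t pid, const unsigned char seed[16], int patched) {
    uint64_t pool = 0xcbf29ce484222325ULL;
    pool = toy_rand_add(pool, seed, 16, patched);
    return toy_md_update(pool, &pid, sizeof pid);
}

/* Count distinct outputs for one fixed pid across n different seed buffers
   (constructed samples standing in for reads from /dev/urandom). */
int distinct_outputs(uint32_t pid, int n, int patched) {
    uint64_t seen[256];
    int count = 0;
    for (int i = 0; i < n && i < 256; i++) {
        unsigned char seed[16] = {0};
        seed[0] = (unsigned char)i;      /* every trial gets a different seed */
        uint64_t out = toy_output(pid, seed, patched);
        int dup = 0;
        for (int j = 0; j < count; j++)
            if (seen[j] == out) dup = 1;
        if (!dup) seen[count++] = out;
    }
    return count;
}

int main(void) {
    printf("distinct outputs from 64 seeds: unpatched=%d patched=%d\n",
           distinct_outputs(1234, 64, 0), distinct_outputs(1234, 64, 1));
}
```

In the patched case the output is a function of the process id alone, so anything derived from it can be checked against a list precomputed per process id.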



Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds