Mailing List Archive

http://bugzilla.mindrot.org/show_bug.cgi?id=968





------- Additional Comments From dtucker@zip.com.au 2005-02-16 12:32 -------
Created an attachment (id=827)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=827&action=view)
add a dummy seed_rng to placate HP-UX's linker

Since the patch uses strlcpy the linker now must pull in libopenbsd-compat for
ssh-rand-helper for platforms that don't have it natively.

Unfortunately, it appears that the HP-UX linker wants to resolve all of the
external symbols even if they're only used in functions not ultimately used in
the binary, and blows up thusly:

gcc -o ssh-rand-helper ssh-rand-helper.o -L. -Lopenbsd-compat/
-L/usr/local/ssl/lib -lssh -lopenbsd-compat -lcrypto -lz -lnsl -lxnet -lsec
/usr/ccs/bin/ld: Unsatisfied symbols:
seed_rng (first referenced in
openbsd-compat//libopenbsd-compat.a(bsd-arc4random.o)) (code)

The attached patch adds a dummy seed_rng. With this patch and #760 it builds
OK.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=968


dtucker@zip.com.au changed:

What |Removed |Added
----------------------------------------------------------------------------
Attachment #760| |ok+
Flag| |




------- Additional Comments From dtucker@zip.com.au 2005-02-16 12:35 -------
(From update of attachment 760)
OK, subject to comment #10.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=968





------- Additional Comments From djm@mindrot.org 2005-02-16 12:37 -------
(From update of attachment 827)
Instead of doing nothing, could you make it spectacularly fprintf(stderr) and
exit(1)? If ssh-rand-helper ever somehow starts using arc4random, then it would
do so with an unseeded RC4...

Otherwise OK




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=968





------- Additional Comments From dtucker@zip.com.au 2005-02-16 12:38 -------
(From update of attachment 827)
> arc4random calls seed_rng so we need a dummy seed_rng.

Should also mention it's specifically the arc4random in libopenbsd-compat.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=968





------- Additional Comments From djm@mindrot.org 2005-02-16 13:03 -------
Yes, that is a good idea. BTW the mkstemp+rename thing is in now, so please
commit your linker fix soon.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=968





------- Additional Comments From dtucker@zip.com.au 2005-02-16 13:08 -------
(In reply to comment #12)
> (From update of attachment 827 [edit])
> Instead of doing nothing, could you make it spectacularly fprintf(stderr) and
> exit(1)? If ssh-rand-helper ever somehow starts using arc4random, then it
> would do so with an unseeded RC4...

Unfortunately, it doesn't seem to be that simple. seed_rng() *does* get called
right after all the processing but immediately before the output is written
(although I don't understand why).

If you believe gdb it's called by OpenSSL's CRYPTO_free() but that seems pretty
wacky. I put a debug in seed_rng and set a breakpoint on it:

#0 seed_rng () at ../../ssh-rand-helper.c:901
#1 0x0000f78c in CRYPTO_free ()
#2 0x000079d8 in _gettemp (
path=0x7f7e0ec8 "/home/dtucker/.ssh/prng_seed.XXXXX13501",
doopen=0x7f7e1348, domkdir=0, slen=0)
at ../../../openbsd-compat/mktemp.c:105
#3 0x00007b70 in mkstemp (
path=0x2a10980 <Error reading address 0x2a10980: Bad address>)
at ../../../openbsd-compat/mktemp.c:61
#4 0x00005d40 in prng_write_seedfile () at ../../ssh-rand-helper.c:585
#5 0x000067d8 in main (argc=2, argv=0x7f7e0500) at ../../ssh-rand-helper.c:866

Hey, gettemp() *does* call arc4random(), which calls seed_rng() so it looks like
I was wrong in blaming the linker. Checking RAND_status() seems to be the right
thing to do.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=968


dtucker@zip.com.au changed:

What |Removed |Added
----------------------------------------------------------------------------
Attachment #827 is|0 |1
obsolete| |




------- Additional Comments From dtucker@zip.com.au 2005-02-16 13:16 -------
Created an attachment (id=828)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=828&action=view)
provide seed_rng() and document why it's needed

Here's a better patch for seed_rng which I'll commit shortly.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=968





------- Additional Comments From stephen.berliner@ngc.com 2005-02-17 07:49 -------
(In reply to comment #16)
> Created an attachment (id=828)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=828&action=view) [edit]
> provide seed_rng() and document why it's needed
> Here's a better patch for seed_rng which I'll commit shortly.


OK. Should I be recompiling a patched versin of ssh-rand-helper. Or am I
waiting to see a patched seed_rng.

BTW thanks for all of your efforts. I will be passing on all this information
to our SA's and Management for review because we should be pathch upgrading
our version of ssh when appropriate and I think that may be an issue in this
problem.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=968





------- Additional Comments From dtucker@zip.com.au 2005-02-17 09:25 -------
If you want to use the patches you need only apply #760 and the result should
build OK on Solaris 8. (If it doesn't, just apply #828 on top).

This may or may not help in your situation. For a real fix, apply Sun patch
112438-03 or install prngd.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=968


dtucker@zip.com.au changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED




------- Additional Comments From dtucker@zip.com.au 2005-02-23 22:11 -------
This is as fixed as we can make it, as mentioned previously the real fix is to
install the Solaris /dev/random patch or prngd.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=968





------- Additional Comments From stephen.berliner@ngc.com 2005-02-24 01:32 -------
(In reply to comment #19)
> This is as fixed as we can make it, as mentioned previously the real fix is
to
> install the Solaris /dev/random patch or prngd.

Thank You.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.