On Wed, 14 May 2008, paul at clubi.ie wrote:
> Amazing tale though. There's just so much to marvel at here.. E.g.
> is anyone else bothered by the apparent strong dependence of the
> OpenSSL PRNG on uninitialised memory for entropy (since when does
> "uninitialised" == "random")?
Ah, oops, I should have kept reading before posting ;).
The problem was caused by the Debian maintainer not only fixing the
uninitialised use of memory (in the "get random bytes" function -
which didn't matter too much), but also finding an identical line
elsewhere in the code and commenting that out too, for no good
reason. That line unfortunately was the LoC responsible for feeding
external, random input into the random-bits pool - effectively
disabling the RNG.
The problem wasn't noticed, I /think/, because the "get random bytes"
extraction function stirs in a tiny amount of entropy from getpid().
Paul Jakma | paul at clubi.ie | paul at jakma.org | Key ID: 64A2FF6A
"Pascal is Pascal is Pascal is dog meat."
-- M. Devine and P. Larson, Computer Science 340
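A toy model of the mechanism described in the message above, added here as an illustration (it is not part of the original post and not OpenSSL's code): the pool is reduced to SHA-256 over a state blob, `add()` stands in for the entropy-mixing line that was commented out, and `bytes()` keeps only the pid as a per-process input, as in the broken build. Output distinctness across seeds and pids shows why disabling that one line collapses the keyspace.

```python
import hashlib
import os


class ToyPool:
    """Constructed stand-in for a hash-based PRNG pool (not the real md_rand.c)."""

    def __init__(self, mix_external=True, pid=None):
        self.state = bytes(32)            # pool state starts out all zero
        self.mix_external = mix_external  # False == the Debian-patched behaviour
        self.pid = os.getpid() if pid is None else pid
        self.counter = 0

    def add(self, data: bytes) -> None:
        # The seeding step: hash caller-supplied entropy into the pool.
        # With mix_external=False this is a no-op, like the commented-out line.
        if self.mix_external:
            self.state = hashlib.sha256(self.state + data).digest()

    def bytes(self, n: int) -> bytes:
        # Extraction: each block hashes state, a counter and the pid.
        # If add() never changed the state, the pid is the only varying input.
        out = b""
        while len(out) < n:
            self.counter += 1
            block = hashlib.sha256(
                self.state
                + self.counter.to_bytes(8, "big")
                + self.pid.to_bytes(4, "little")
            ).digest()
            self.state = hashlib.sha256(self.state + block).digest()
            out += block
        return out[:n]


def first_key_material(mix_external: bool, pid: int, seed: bytes) -> bytes:
    """Seed a fresh pool with `seed` and return its first 16 output bytes."""
    pool = ToyPool(mix_external, pid)
    pool.add(seed)
    return pool.bytes(16)


def distinct_outputs(mix_external: bool, pids, seeds) -> int:
    """How many different outputs the pool yields across the given pids and seeds.

    A healthy pool gives len(pids) * len(seeds); the broken one gives len(pids),
    because every seed is ignored and only the pid still matters.
    """
    return len({first_key_material(mix_external, p, s) for p in pids for s in seeds})
```

Running `distinct_outputs(False, range(1, 6), seeds)` with fifty constructed seeds returns 5, while the same call with `True` returns 250.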