[22248] in bugtraq


qmail starttls patch does not seed the random number generator

daemon@ATHENA.MIT.EDU (Felix von Leitner)
Wed Aug 15 11:28:34 2001

Date: Wed, 15 Aug 2001 02:57:36 +0200
From: Felix von Leitner <felix-qmail@fefe.de>
To: qmail@list.cr.yp.to
Cc: jos-tls@kotnet.org, bugtraq@securityfocus.com
Message-ID: <20010815025736.A11987@codeblau.de>
Mail-Followup-To: qmail@list.cr.yp.to, jos-tls@kotnet.org,
	bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

openssl-0.9.6b does not allow ssl/tls connections when the random number
generator has not been seeded.  This is a good idea, and it exposes that the
starttls patch for qmail does not seed the random number generator.

Here is a small patch that fixes the problem in qmail-remote for systems
that support /dev/urandom (the same can be done for qmail-smtpd but I
can't test it right now).  Not seeding the random number generator is a
serious bug and it completely compromises the cryptographic privacy of
TLS encrypted emails.

Felix

--- qmail-1.03/qmail-remote.c	Wed Aug 15 02:52:23 2001
+++ qmail-1.03-diet/qmail-remote.c	Wed Aug 15 02:43:07 2001
@@ -431,6 +431,13 @@
       SSL_set_fd(ssl,smtpfd);
 
       alarm(timeout);
+      {
+	int randfd=open_read("/dev/urandom");
+	char buf[64];
+	int len=read(randfd,buf,64);
+	close(randfd);
+	if (len>32) RAND_seed(buf,len);
+      }
       r = SSL_connect(ssl); saveerrno = errno;
       alarm(0); 
       if (flagtimedout) 
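Review bot: the descriptor returned by open_read("/dev/urandom") on the first added line is never checked, so if the open fails (randfd == -1) the read() returns -1, `if (len>32)` quietly skips RAND_seed, close(-1) is called, and control still reaches SSL_connect unseeded, leaving it to OpenSSL to reject the handshake with no diagnostic of its own. Suggest checking `randfd < 0` and treating it, like a read() that returns 32 bytes or fewer, as a hard failure of the TLS attempt rather than falling through, and looping on read() so that a short return from the device is not mistaken for insufficient entropy.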

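A hardened version of the seeding block from the patch, added here as an example and not part of Felix's patch or of qmail: it treats a failed open(), a short read, EOF and EINTR as errors instead of falling through to SSL_connect. The path argument and the helper names are mine; RAND_seed (the real consumer of the bytes) is not linked here, and the caller is sketched in a comment.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <sys/types.h>
#include <unistd.h>

#define SEED_BYTES 64   /* the patch reads 64 bytes */
#define SEED_MIN   32   /* the patch's lower bound before RAND_seed */

/* Read exactly `want` bytes from `path` (normally /dev/urandom) into buf.
 * Returns the number of bytes gathered (== want on success) or -1 when the
 * device cannot be opened, returns an error, or hits EOF.  Unlike the
 * patch it checks the open(), retries EINTR and short reads, and never
 * reads from or closes an invalid descriptor. */
ssize_t gather_seed(const char *path, unsigned char *buf, size_t want)
{
  int fd = open(path, O_RDONLY);
  size_t got = 0;
  if (fd < 0) return -1;
  while (got < want) {
    ssize_t n = read(fd, buf + got, want - got);
    if (n < 0 && errno == EINTR) continue;   /* interrupted: try again */
    if (n <= 0) { close(fd); return -1; }    /* error or EOF: give up */
    got += (size_t)n;
  }
  close(fd);
  return (ssize_t)got;
}

/* Same guard as the patch's `if (len>32)`, but -1 is also rejected. */
int seed_is_usable(ssize_t len) { return len > SEED_MIN; }

/* Convenience wrapper with its own buffer, so the length alone can be
 * inspected (hypothetical helper, used by the tests below). */
ssize_t gather_seed_len(const char *path)
{
  static unsigned char buf[SEED_BYTES];
  return gather_seed(path, buf, sizeof buf);
}

/* How the patched block in qmail-remote would use it.  The important
 * difference from the patch is that on failure the TLS attempt is
 * abandoned instead of reaching SSL_connect unseeded:
 *
 *   unsigned char buf[SEED_BYTES];
 *   ssize_t len = gather_seed("/dev/urandom", buf, sizeof buf);
 *   if (!seed_is_usable(len)) { ...report a temporary failure and return... }
 *   RAND_seed(buf, (int)len);          // <openssl/rand.h>
 */
```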