Re: [exim-dev] Question on OpenSSL random/fork fix

Top Page

Reply to this message
Author: Viktor Dukhovni
To: exim-dev
Subject: Re: [exim-dev] Question on OpenSSL random/fork fix
On Fri, Oct 25, 2013 at 01:49:20PM -0400, Jeffrey Walton wrote:

> Forgive me for my ignorance here. I'm surveying methods to fix the
> problems with OpenSSL's PRNG after a fork.
> It looks like Exim calls RAND_cleanup after a fork.


> It also looks like OpenSSL's RAND_cleanup clears the state *and*
> replaces the random method with NULL. From rand_lib.c:
> void RAND_cleanup(void)
>     {
>     const RAND_METHOD *meth = RAND_get_rand_method();
>     if (meth && meth->cleanup)
>         meth->cleanup();
>     RAND_set_rand_method(NULL);
>     }

[ And for the RAND_SSLeay method, it clears the "initialized" boolean,
so that the generator performs internal reseeding via RAND_poll() next
time RAND_status() is called. ]

Yes, but then the next call to RAND_get_rand_method() will reset the
method to RAND_SSELeay():

    const RAND_METHOD *RAND_get_rand_method(void)
        if (!default_RAND_meth)
            ENGINE *e = ENGINE_get_default_RAND();
                default_RAND_meth = ENGINE_get_RAND(e);
                    e = NULL;
                funct_ref = e;
                default_RAND_meth = RAND_SSLeay();
        return default_RAND_meth;

> That means the call to RAND_seed should that follows should fail:
> [...]

The rest of analysis is therefore invalid (conclusions based on a
false premise).