On Fri, Oct 25, 2013 at 01:49:20PM -0400, Jeffrey Walton wrote:
> Forgive me for my ignorance here. I'm surveying methods to fix the
> problems with OpenSSL's PRNG after a fork.
>
> It looks like Exim calls RAND_cleanup after a fork.
Sure.
> It also looks like OpenSSL's RAND_cleanup clears the state *and*
> replaces the random method with NULL. From rand_lib.c:
>
> void RAND_cleanup(void)
> {
> const RAND_METHOD *meth = RAND_get_rand_method();
> if (meth && meth->cleanup)
> meth->cleanup();
> RAND_set_rand_method(NULL);
> }
[ And for the RAND_SSLeay method, it clears the "initialized" boolean,
so that the generator performs internal reseeding via RAND_poll() next
time RAND_status() is called. ]
Yes, but then the next call to RAND_get_rand_method() will reset the
method to RAND_SSELeay():
const RAND_METHOD *RAND_get_rand_method(void)
{
if (!default_RAND_meth)
{
#ifndef OPENSSL_NO_ENGINE
ENGINE *e = ENGINE_get_default_RAND();
if(e)
{
default_RAND_meth = ENGINE_get_RAND(e);
if(!default_RAND_meth)
{
ENGINE_finish(e);
e = NULL;
}
}
if(e)
funct_ref = e;
else
#endif
default_RAND_meth = RAND_SSLeay();
}
return default_RAND_meth;
}
> That means the call to RAND_seed should that follows should fail:
> [...]
The rest of analysis is therefore invalid (conclusions based on a
false premise).
--
Viktor.
