Date: Sun, 12 Mar 2006 01:43:49 GMT From: Doug White <dwhite@FreeBSD.org> To: freebsd-gnats-submit@FreeBSD.org Subject: bin/94377: /etc/rc.d/sshd improperly tests random dev state Message-ID: <200603120143.k2C1hnSR083316@www.freebsd.org> Resent-Message-ID: <200603120300.k2C30k1p053421@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 94377 >Category: bin >Synopsis: /etc/rc.d/sshd improperly tests random dev state >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Mar 12 03:00:46 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Doug White >Release: FreeBSD 6.1-PRERELEASE (GENERIC) #0: Thu Mar 9 15:08:53 PST 2006 >Organization: Gumbysoft >Environment: FreeBSD overseer.testrack.ixsystems.com 6.1-PRERELEASE FreeBSD 6.1-PRERELEASE #0: Thu Mar 9 15:08:53 PST 2006 dwhite@:/usr/obj/usr/src/sys/GENERIC i386 >Description: /etc/rc.d/sshd tests whether the kern.random.sys.seeded sysctl is set before prompting the user to seed the random device. The test incorrectly checks if the sysctl returns an empty string rather than checking if its value is zero. Since a numeric sysctl always returns a value if the call was successful, this leads to unnecessary PRNG state resets and user input. On my test machine it actually prevented the script from generating the keys if insufficient input was given to the PRNG initialization prompt. >How-To-Repeat: I found this by installing a system with sshd disabled in sysinstall, but it can be duplicated by shutting down ssh, removing the host keys, then running '/etc/rc.d/sshd start'. >Fix: (this patch is also available at http://people.freebsd.org/~dwhite/patches/sshd.20060310.patch) This patch fixes the issue identified in this PR and also correctly against sysctl failing and returning an empty string (if its somehow called while the random device is not loaded, for instance). =================================================================== RCS file: /home/ncvs/src/etc/rc.d/sshd,v retrieving revision 1.9 diff -u -r1.9 sshd --- sshd 23 Oct 2005 14:06:53 -0000 1.9 +++ sshd 12 Mar 2006 01:40:44 -0000 @@ -23,7 +23,7 @@ { ( seeded=`sysctl -n kern.random.sys.seeded 2>/dev/null` - if [ "${seeded}" != "" ] ; then + if [ "x${seeded}" != "x" ] && [ ${seeded} -eq 0 ] ; then warn "Setting entropy source to blocking mode." echo "====================================================" echo "Type a full screenful of random junk to unblock" >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200603120143.k2C1hnSR083316>