Debian messed OpenSSL (again)
Hi everyone,
The version of OpenSSL distributed with Debian 6 applies this patch:
Index: openssl-0.9.8k/crypto/rand/md_rand.c
===================================================================
--- openssl-0.9.8k.orig/crypto/rand/md_rand.c 2008-09-16
13:50:05.000000000 +0200
+++ openssl-0.9.8k/crypto/rand/md_rand.c 2009-07-19
11:36:05.000000000 +0200
@@ -477,8 +477,10 @@
MD_Update(&m,local_md,MD_DIGEST_LENGTH);
MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
#ifndef PURIFY
+#if 0 /* Don't add uninitialised data. */
MD_Update(&m,buf,j); /* purify complains */
#endif
+#endif
k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
if (k > 0)
{
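Review bot: the `#if 0` added on the line after `#ifndef PURIFY` makes the existing PURIFY guard dead code, so the `MD_Update(&m,buf,j)` call is dropped from every build, not only from valgrind/purify builds. That call mixes the caller's output buffer into the digest state as an additional input; with it removed, the state is updated only from `local_md` and `md_c` and the RNG output no longer depends on that buffer at all. If the goal is just to silence the memory checker, build the test binary with `-DPURIFY` (the guard already present in the hunk) instead of carrying a distribution patch that changes the RNG for all users; the `/* purify complains */` comment shows upstream already anticipated exactly that case.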
(valgrind.patch)
This essentially cripples the ssleay_rand_bytes() and
ssleay_rand_pseudo_bytes() functions, which in turn are used extensively
throughout the code for salt generation, initialization vectors, writing
private keys, etc... under the names of RAND_bytes() and
RAND_pseudo_bytes().
Please note that this is essentially the second half of the same patch
that was already retracted for crippling OpenSSL a few years ago, and
while this is less damaging, since at least RAND_add() still works,
there are still functions where only RAND_bytes() or RAND_pseudo_bytes()
are used, for example EVP_CIPHER_CTX_rand_key(). And in those that
also use RAND_add() it still weakens the algorithm by discarding one
source of random data.
I believe that this patch should be reverted.
Ciao,
Vincenzo