On jeu, 2008-05-15 at 23:38 +0200, Steffen Schulz wrote: > or what its worth...I see 3.5 problems that accumulated into this > mess: > > - OpenSSL is complex and critical but the code is little documented. > Code pieces like the ones in question should have warning-labels > printed all over them and a distinguished place and interface. There was a #ifndef PURIFY just before the instruction commented by #if 0. > - There are published algorithms for good PRNGs, no need to help > yourself with adding unintialized memory and praying the OS does a > good job already. You talk about the first instruction which doesn't add entropy in every case, but doesn't hurt (except the lintian warning). The problem was with the second one, which added the entropy pool the content of a now initialized buffer. > - I don't know how much of an effort was made, to get the fix into > upstream, but it seems it wasn't enough. Not enough to get a > sufficient level of peer review. Instead it was decided to manage > yet > another debian-specific patch. There wasn't any fix, that's why. The “#ifdef PURIFY” was there for a reason. This issue is complex, not much people understand it 100% correctly (I'm not in those people), but please don't repeat wrong stuff seen here and there. Cheers, -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part