httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cliff Woolley <jwool...@apache.org>
Subject Re: prng seeding in mod_ssl 2.8.6
Date Fri, 10 May 2002 21:38:59 GMT
On Fri, 10 May 2002, Joe Orton wrote:

> On Fri, May 10, 2002 at 05:51:04PM +0100, Noel O'Kelly wrote:
> > We have a report of a  problem from 2.8.6 onwards due to a change in the
> > seeding of the PRNG which halves the
> > performance of SSL requests. Any update on this ???
>
> Hi, here's the fix we're using...
>
> Submitted by: Nalin Dahyabhai <nalin@redhat.com>
>
> --- mod_ssl/pkg.sslmod/ssl_engine_rand.c
> +++ mod_ssl/pkg.sslmod/ssl_engine_rand.c
> @@ -156,6 +156,9 @@
>                   */
>                  if (ap_scoreboard_image != NULL && SCOREBOARD_SIZE > 16)
{
>                      m = ((SCOREBOARD_SIZE / 2) - 1);
> +                    if (m > 1024) {
> +                        m = 1024;
> +                    }
>                      n = ssl_rand_choosenum(0, m);
>                      RAND_seed(((unsigned char *)ap_scoreboard_image)+n, m);
>                      nDone += m;


FYI, this problem does not affect Apache 2.0+mod_ssl.  It _would_ have,
because I forward-ported this change to Apache 2.0 between 2.0.32 and
2.0.33.

http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_rand.c.diff?r1=1.11&r2=1.12

But the group consensus was that we should *not* be using the scoreboard a
source of entropy at all because it's too easy for the client to
manipulate.  And then there's this problem.  At any rate, the patch was
reverted out of Apache 2.0 prior to 2.0.33.

http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_rand.c.diff?r1=1.12&r2=1.13

I'd suggest the same change in 2.8.9-dev: just get rid of the scoreboard
as a source of entropy altogether.

--Cliff


Mime
View raw message