slightly overzealous RNG seeding?
Irving Popovetsky
irving at samurai.sfo.dead-dog.com
Thu Aug 31 13:30:36 EST 2000
Cool, that fixed it! I can't believe I missed that one ....
Thanks!
-Irving
On Thu, Aug 31, 2000 at 12:39:14PM +1100, Damien Miller wrote:
> On Wed, 30 Aug 2000, Irving Popovetsky wrote:
>
> > Hello again,
> >
> > I was testing today's SNAP (openssh-SNAP-20000830.tar.gz) in my
> > Solaris 2.6-8 environment, when I found some problems with the ssh2
> > support.
> >
> > While connecting, it seeds the RNG something like 32 times! And then
> > once connected, it seeds again 2 or 3 times with *every* keystroke! This
> > makes for some slow going. This happens on all of the Solaris boxes I
> > tried. Binary was compiled on 2.6 against OpenSSL 0.9.5a.
>
> Yes - my mistake:
>
> Index: bsd-arc4random.c
> ===================================================================
> RCS file: /var/cvs/openssh/bsd-arc4random.c,v
> retrieving revision 1.3
> retrieving revision 1.4
> diff -u -r1.3 -r1.4
> --- bsd-arc4random.c 2000/08/29 22:40:09 1.3
> +++ bsd-arc4random.c 2000/08/30 03:06:35 1.4
> @@ -37,7 +37,7 @@
> #define SEED_SIZE 20
>
> /* Number of bytes to reseed after */
> -#define REKEY_BYTES (1 >> 18)
> +#define REKEY_BYTES (1 << 18)
>
> static int rc4_ready = 0;
> static RC4_KEY rc4;
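Review bot: The `REKEY_BYTES` define relies on a shift whose direction is easy to misread, and the removed line shows the cost: `(1 >> 18)` evaluates to 0, so the "number of bytes to reseed after" was zero, which is consistent with the reseeding on every keystroke reported in this thread. With `(1 << 18)` the threshold is 262144 bytes. I would either state that value in the comment above the define or write the constant as `(256 * 1024)`, so that a wrong magnitude is obvious on reading. A compile-time check that `REKEY_BYTES` is non-zero would also catch a regression of this kind before it shows up as a performance report.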
>
>
>
> --
> | ``The power of accurate observation is | Damien Miller <djm at mindrot.org>
> | commonly called cynicism by those who | @Work <djm at ibs.com.au>
> | have not got it'' - George Bernard Shaw | http://www.mindrot.org
>