Patch: OpenSSH 2.1.0 under Solaris 8, Solaris 7 and other systems, too

Andre Lucas andre.lucas at dial.pipex.com
Sat May 13 00:36:33 EST 2000


Well spotted. Doh.

I think an even better way to fix this would be to save the string as
parsed from ssh_prng_cmds in the command's entropy_source_t, and print
that in debug messages. It's a tiny amount of memory for what is, as you
say, useful debugging info.

So useful, in fact, that the bug occurred when I added the second
parameter to Damien's prng code, likely as a temporary measure, and left
it in...

-Andre

Bladt Norbert wrote:
> 
> Hi !
> 
> Karsten Thygesen wrote:
> >>>>> "carl" == carl  <carl at bl.echidna.id.au> writes:
> 
> > carl> Marc, I'm seeing the same problem if I use the inbuilt entropy
> > carl> generator, but if I use SUNWski's /dev/random, it's fine.
> 
> > carl> ssh also coredumps if I use the built in entropy generator if I
> > carl> run it in verbose mode.
> 
> > carl> This is on a Sun SPARC 10 running Solaris 8
> 
> > The same goes for Solaris-7. I also switched to SUNWski and it works
> > just fine.
> 
> I found some time debugging the problem with using the built-in entropy
> generator in openssh-2.1.0. In the current condition, it should crash on
> every reasonable (?) system.
> 
> The problem is in entropy.c in a debug call with a string argument
> (%s) of 0, if the command in ssh_prng_commands has no arg.
> Interesting enough, there is a "#if 1" in front of the offending
> statement and there is a note "FIXME: turn this off later", too.
> Why turn it off, it should work now and is a useful information
> in debug mode.
> 
> Patch is following here - it works for me and my ssh_prng_cmds, YMMV:
> 
> *** entropy.c.orig      Tue May  2 01:56:41 2000
> --- entropy.c   Fri May 12 15:25:57 2000
> ***************
> *** 225,233 ****
> --- 225,238 ----
>                         } else {
>   /* FIXME: turn this off later */
>   #if 1
> +                               if (entropy_sources[c].args[2] != 0)
>                                 debug("Command '%s %s %s' disabled (badness
> %d)",
>                                         entropy_sources[c].path,
> entropy_sources[c].args[1],
>                                         entropy_sources[c].args[2],
> entropy_sources[c].badness);
> +                               else
> +                               debug("Command '%s %s' disabled (badness
> %d)",
> +                                       entropy_sources[c].path,
> entropy_sources[c].args[1],
> +                                       entropy_sources[c].badness);
>   #endif
> 
>                                 if (entropy_sources[c].badness > 0)
> 
> --
> Norbert Bladt
> ATAG debis Informatik, TZ1 - Z364
> Industriestrasse 1, CH 3052-Zollikofen
> E-Mail: norbert.bladt at adi.ch Tel.: +41 31 915 3964 Fax: +41 31 915 3640





More information about the openssh-unix-dev mailing list