Regarding the optional OpenSSL integration for the portable version
William Ahern
william at 25thandClement.com
Sat May 3 05:40:00 EST 2014
On Fri, May 02, 2014 at 02:56:59PM +1000, Damien Miller wrote:
> On Thu, 1 May 2014, Brent Cook wrote:
>
> > Hi,
> >
> > I have been working on a portable LibreSSL build tree for a little
> > while to test the waters: http://github.com/busterb/libressl
> >
> > Someone noticed an issue with the arc4random
> > implementation that I originally grabbed from libbsd
> > https://github.com/busterb/libressl/issues/1
> >
> > So, I looked at how OpenSSH handles it, and noticed that it uses the
> > random functions from OpenSSL unconditionally to seed the state of its
> > version of arc4random.
>
> I haven't ported the no-OpenSSL changes yet and haven't thought about
> how I'll handle arc4random.
>
> I'll probably make an explicit arc4random_stir() function that we can
> call in various places. OpenBSD has put some effort in to ensure that
> the kernel PRNG is available in pretty much any context (privileged,
> unprivileged, in chroot without devices, etc.) and AFAIK no other OS
> does this.
NetBSD and FreeBSD (as of 10.0) both use a sysctl, just like OpenBSD. Linux
also has an obscure sysctl which pulls directly from the internal CSPRNG. So
all of these will work in a jail without /dev or /proc.
OS X still seeds itself from /dev/urandom in its arc4random implementation,
as it inherited FreeBSD's old code. Solaris sadly only has
/dev/urandom.
For my Lua bindings to OpenSSL I use all of these different mechanisms to
explicitly seed OpenSSL. The code is in randL_stir. Here's a direct link:
https://github.com/wahern/luaossl/blob/dd0ad8dc1b0962fc80dbf680aadaaaba6536c96b/src/openssl.c#L4008
More information about the openssh-unix-dev
mailing list