Bug#387448: empty entropy pool leads to DOS

Yuri D'Elia wavexx at yuv.info
Thu Sep 14 12:57:38 UTC 2006


Package: exim4
Version: 4.63-3
Severity: important

I know this has been reported before to death [since gnutls is being used],
but I will just add another twist, since I'm tired of rebuilding exim with
OpenSSL manually.

GnuTLS drains the entropy pool much more quickly than OpenSSL. On server
systems without hardware generators, /dev/random drains very quickly, meaning
that exim will often block. But exim should NOT block, or even wait, in
STARTTLS. It is possible to make the system drain its entropy and then issue
several connections all waiting in STARTTLS, until the maximal number of
connections is reached. Combine this with the fact that it is possible to
maintain the connection alive for eternity with a SO_KEEPALIVE connection, and
also exim doesn't seem to terminate the process when the connection is closed
in this state, and you get a very easy denial of service which will refuse all
further (including normal) connections.

This is a bug in exim. exim should NOT block in STARTTLS. Keys must be
generated in background or by other means, and the unavailability of data at
STARTTLS should generate an immediate temporary failure to avoid other DOS
conditions.


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.9-ac11
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages exim4 depends on:
ii  exim4-base                    4.63-3     support files for all exim MTA (v4
ii  exim4-daemon-light            4.63-3     lightweight exim MTA (v4) daemon

exim4 recommends no packages.

-- no debconf information
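
The fail-fast behaviour the report asks for, as an added example that is not part of the original report and is not exim or GnuTLS code: the entropy source is read with O_NONBLOCK, and a drained source yields the RFC 3207 temporary-failure reply (454) instead of a process parked in STARTTLS. The function names are hypothetical, and a pipe is used as a constructed stand-in for a drained /dev/random so the example runs anywhere.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

#define SMTP_TLS_READY    220  /* RFC 3207: ready to start TLS */
#define SMTP_TLS_TEMPFAIL 454  /* RFC 3207: TLS not available, temporary */

/* Read exactly `need` bytes without ever sleeping; 0 on success, -1 otherwise. */
static int entropy_read_nowait(int fd, unsigned char *buf, size_t need)
{
    int flags = fcntl(fd, F_GETFL);
    if (flags < 0 || fcntl(fd, F_SETFL, flags | O_NONBLOCK) < 0)
        return -1;
    size_t got = 0;
    while (got < need) {
        ssize_t n = read(fd, buf + got, need - got);
        if (n > 0) { got += (size_t)n; continue; }
        if (n < 0 && errno == EINTR) continue;
        return -1;  /* EAGAIN (source drained), EOF or error: do not wait */
    }
    return 0;
}

/* Hypothetical STARTTLS hook: pick the SMTP reply code before any handshake. */
int starttls_reply(int entropy_fd)
{
    unsigned char seed[16];
    return entropy_read_nowait(entropy_fd, seed, sizeof seed) == 0
        ? SMTP_TLS_READY : SMTP_TLS_TEMPFAIL;
}

/* Constructed stand-in for /dev/random: a pipe holding `avail` bytes. */
int demo_reply_with_pool(size_t avail)
{
    unsigned char junk[64] = {0};
    int p[2], code = -1;
    if (avail > sizeof junk || pipe(p) < 0) return -1;
    if (avail == 0 || write(p[1], junk, avail) == (ssize_t)avail)
        code = starttls_reply(p[0]);
    close(p[0]); close(p[1]);
    return code;
}

int main(void)
{
    printf("drained: %d, ready: %d\n", demo_reply_with_pool(0), demo_reply_with_pool(16));
    return 0;
}
```

A short read is treated as a failure here, so a partially filled source also gets the 454 reply rather than a wait for the remaining bytes.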