Bug#387448: empty entropy pool leads to DOS
Yuri D'Elia
wavexx at yuv.info
Sat Sep 16 16:09:35 UTC 2006
On 16 Sep 2006, at 15:39, Andreas Metzler wrote:
> Hello,
> Do you have gnutls-bin installed at all?
>
> The only thing causing exim to block on STARTTLS is key and dh-param
> generation. Both is done offline (/etc/cron.daily/exim4-base invoking
> /usr/share/exim4/exim4_refresh_gnutls-params which uses certtool).
I noticed that gnutls-bin was "suggested" after the maintainer reply.
Since I already have openssl installed, I simply ignored the
suggestion. I'm happy the parameters can be generated outside of
exim, as this downgrades the severity (somewhat) of the problem.
Upstream quickly tagged as this as "can't be done": I'd say this
simply wrong. Everything can be done, provided enough time is given.
Generating the keys outside of exim is one solution, and it's already
implemented. If exim insists on supporting keys generation in
STARTTLS, special handling MUST be implemented to avoid the DoS
condition, because generating keys IS supposed to wait indefinitely.
IMHO, refusing to generate the keys on-the-fly and emitting a
temporary local problem until the keys are ready avoids the race
without requiring heavy modifications on the exim side. The other
peer can always refuse to initiate the transfer until tls is ready.
Until this is fixed, exim supports flawed behavior. This is not
debian related however, so I'll manage with upstream directly.
About Debian. Since the race _can_ be avoided (my bad I didn't
notice), I'd say that it's a priority to inform users enough. A
simple Suggest isn't enough, as proven by the reports already filed.
Maybe examples/exim-gencert in exim4-base should call the cron job in
order to generate the keys immediately. README.Debian, instead of
suggesting to check /dev/random, should inform that generation of
keys in STARTTLS is subject to dossability, and thus, when setting up
TLS and generating the certificates, the relative keys should be
generated immediately too (this should be enough since README.Debian
is referenced in main/03_exim4-config_tlsoptions), mentioning that
gnutls-bin is _required_ to perform the task.
Also note that openssl can be used to generate the keys (in fact, I'm
using openssl now), which is a problem less.
Maybe the Suggest: can also be raised to a Recommend too.
More information about the Pkg-exim4-maintainers
mailing list