Re: PERL Module Problem...
Peter Gutmann wrote: Dr Stephen Henson [EMAIL PROTECTED] writes: Is there any circumstances where the environment isn't safe? I believe extra privs are normally needed to read another users processes environment. Under DEC Unixen you can read anyone's environment without any extra privs (ps -wwae or a variant thereof, depending on which vintage of OS you're on). There's the same possibility on Linux and probably many other OS. The program should overwrites it's sensible environment variables as soon as it has read the content, therefore strongly reducing the problem. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: PERL Module Problem...
The program should overwrites it's sensible environment variables as soon as it has read the content, therefore strongly reducing the problem. Assuming the ones that "ps" shows are in userspace not kernel space. Not always a safe assumption. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
a file would be good, since i could create a fifo behind a firewall directory and do a bunch of cat's to run a bunch of commands :) __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
jaltman And why can't pipes be used in Windows? Exactly my question. jaltman Using a colon in this context should not be a problem since the first jaltman colon is the tag separator. After that the colon can be part of the jaltman filename. *LOL* I guess that's a d'uh on me... -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-161 43 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
PERL Module Problem...
Hi all, I have a problem while writing a PERL module. When I want to issue an openssl command (that requires input) the following code (which works in common PERL programs) does not pass the required input to openssl so it waits for user input: open(FD, "|$command" ) || return; ## Send Password print FD "$passwd\n"; ## Send Confirmation Password print FD "$passwd\n"; close(FD); Where command is, for example: /usr/local/ssl/bin/openssl genrsa -des3 -out priv.key 512 The output I get is: Generating RSA private key, 512 bit long modulus ... . e is 65537 (0x10001) Enter PEM pass phrase: but it should not hang asking for passwd as I pass it to openssl with the print command. What's wrong here in ?? C'you, Massimiliano Pala ([EMAIL PROTECTED]) S/MIME Cryptographic Signature
Re: PERL Module Problem...
madwolf I have a problem while writing a PERL module. When I want to issue an madwolf openssl command (that requires input) the following code (which works madwolf in common PERL programs) does not pass the required input to openssl madwolf so it waits for user input: madwolf madwolfopen(FD, "|$command" ) || return; madwolf ## Send Password madwolf print FD "$passwd\n"; madwolf madwolf ## Send Confirmation Password madwolf print FD "$passwd\n"; madwolf close(FD); [...] madwolf but it should not hang asking for passwd as I pass it to openssl with madwolf the print command. What's wrong here in ?? What's wrong is that you assume OpenSSL takes password input from standard input. This is not the case. Instead, a separate handle to the TTY is opened, and that is used as password input. Under Unix, the file used is "/dev/tty". Under DOS, it's "con", and under VMS it's "TT:". In the current snapshot of OpenSSL, there's a new parameter that gives you the possibility to give the password on the command line to most utilities that need it, called -passin, -passout, -passin and -envpassin. Check it out. BTW, I wonder if there shouldn't be a mechanism to get the password from stdin as well. '-passin -' or yet another switch, like '-pipepassin'? '-passin' has a real danger if you consider what 'ps' gives as output... -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-161 43 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
Richard Levitte - VMS Whacker wrote: What's wrong is that you assume OpenSSL takes password input from standard input. This is not the case. Instead, a separate handle to the TTY is opened, and that is used as password input. Under Unix, the file used is "/dev/tty". Under DOS, it's "con", and under VMS it's "TT:". In the current snapshot of OpenSSL, there's a new parameter that gives you the possibility to give the password on the command line to most utilities that need it, called -passin, -passout, -passin and -envpassin. Check it out. Most utilities? I thought all the ones where it was useful were covered. Have I missed one? BTW, I wonder if there shouldn't be a mechanism to get the password from stdin as well. '-passin -' or yet another switch, like '-pipepassin'? '-passin' has a real danger if you consider what 'ps' gives as output... Yes thats why I added a warning to every man page about it. On some OSes or setups its quite safe though. Is there any circumstances where the environment isn't safe? I believe extra privs are normally needed to read another users processes environment. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Celo Communications: http://www.celocom.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: PERL Module Problem...
Is there any circumstances where the environment isn't safe? I thought it was readily available on all BSD-derived Unices. viz: haggis 71 uname ; who ; echo i am `who am i` ; ps -wwe -tp1 BSD/OS salzrttyp0 Feb 10 14:58 (camstig) bowe ttyp1 Feb 7 08:36 (taco) i am salzr ttyp0 Feb 10 14:58 (camstig) PID TT STAT TIME COMMAND 276 p1 Is+0:00.72 TERM=vt100 LINEMODE=real HOME=/usr/home/bowe LOGNAME=b owe SHELL=/bin/tcsh USER=bowe PATH=/bin:/usr/bin:/usr/contrib/bin:/usr/X11/bin - tcsh (tcsh) haggis 72 __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
drh Most utilities? I thought all the ones where it was useful were drh covered. Have I missed one? I don't think enc has it... At least I couldn't find it when I looked 20 minutes ago... drh Is there any circumstances where the environment isn't safe? I believe drh extra privs are normally needed to read another users processes drh environment. Not really, except under certain circumstances (some or most shells combined with rather special characters in the password), using environment variables is klunky, to say the best... Also, if you want to be paranoid, environment space does not go away for the duration of the process' life, so if there's a way to read process memory, there's a higher likelyhood that you can find a password through the environment that process carries around (after all, the environment is not hard to find, at all, just look for "USER=" or something like that, and you'll probably find the rest of it around that point). In such cases, it is a lot safer to read in a password in a string in a hopefully less easy to find place in process memory and immediately zero that piece of memory after the password has been used. I would trust passwords passed over stdin before anything passed in the command line or environment, any time. Not that stdin is perfect either, mind you, but still... -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-161 43 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
Dr Stephen Henson [EMAIL PROTECTED] writes: Is there any circumstances where the environment isn't safe? I believe extra privs are normally needed to read another users processes environment. Under DEC Unixen you can read anyone's environment without any extra privs (ps -wwae or a variant thereof, depending on which vintage of OS you're on). Peter. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
Dr Stephen Henson wrote: Is there any circumstances where the environment isn't safe? I believe extra privs are normally needed to read another users processes environment. ps on Linux shows environments, but not being a Linux expert, I couldn't say how that access is controlled. Cheers, Ben. -- SECURE HOSTING AT THE BUNKER! http://www.thebunker.net/hosting.htm http://www.apache-ssl.org/ben.html Y19100 no-prize winner! http://www.ntk.net/index.cgi?back=2000/now0121.txt __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: PERL Module Problem...
Is there any circumstances where the environment isn't safe? I believe extra privs are normally needed to read another users processes environment. Yes, some oses dump core that is world readable and has env info in the core file. Mike __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: PERL Module Problem...
Enclosed is a sample of a module that I am working on, hope this helps... Hopefully outlook wont kill it. It is not meant to necessarily portable to other platforms, but just an example and hopefully some input. Mike -Original Message- From: Richard Levitte - VMS Whacker [mailto:[EMAIL PROTECTED]] Sent: Friday, February 11, 2000 12:53 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: PERL Module Problem... madwolf I have a problem while writing a PERL module. When I want to issue an madwolf openssl command (that requires input) the following code (which works madwolf in common PERL programs) does not pass the required input to openssl madwolf so it waits for user input: madwolf madwolf open(FD, "|$command" ) || return; madwolf ## Send Password madwolf print FD "$passwd\n"; madwolf madwolf ## Send Confirmation Password madwolf print FD "$passwd\n"; madwolf close(FD); [...] madwolf but it should not hang asking for passwd as I pass it to openssl with madwolf the print command. What's wrong here in ?? What's wrong is that you assume OpenSSL takes password input from standard input. This is not the case. Instead, a separate handle to the TTY is opened, and that is used as password input. Under Unix, the file used is "/dev/tty". Under DOS, it's "con", and under VMS it's "TT:". In the current snapshot of OpenSSL, there's a new parameter that gives you the possibility to give the password on the command line to most utilities that need it, called -passin, -passout, -passin and -envpassin. Check it out. BTW, I wonder if there shouldn't be a mechanism to get the password from stdin as well. '-passin -' or yet another switch, like '-pipepassin'? '-passin' has a real danger if you consider what 'ps' gives as output... -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-161 43 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] Certificate.pm
Re: PERL Module Problem...
OK. I'm convinced environment isn't always safe. I'll redo the options to allow several choices. I.e. 1. Command line. 2. Environment. 3. Standard input. Any other suggestions e.g from a file or fd? Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Celo Communications: http://www.celocom.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
Richard Levitte - VMS Whacker [EMAIL PROTECTED]: [...] I would trust passwords passed over stdin before anything passed in the command line or environment, any time. Not that stdin is perfect either, mind you, but still... Environment variables must usually be considered public. PGP evaluates a PGPPASSFD environment variable and reads from the named file descriptor; with this approach, you don't have to send passwords and actual data through the same pipe. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: PERL Module Problem...
SalzR I thought it was readily available on all BSD-derived Unices. viz: SalzR haggis 71 uname ; who ; echo i am `who am i` ; ps -wwe -tp1 SalzR BSD/OS SalzR salzrttyp0 Feb 10 14:58 (camstig) SalzR bowe ttyp1 Feb 7 08:36 (taco) SalzR i am salzr ttyp0 Feb 10 14:58 (camstig) SalzR PID TT STAT TIME COMMAND SalzR 276 p1 Is+0:00.72 TERM=vt100 LINEMODE=real HOME=/usr/home/bowe [...] Even worse (read: easier) than I thought... -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-161 43 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
Thanks to all who sent me their help. I found it very singular that using inside a cgi script the code works... :-D I will investigate deeply ... (If I have time to ... ) C'you, Massimiliano Pala ([EMAIL PROTECTED]) S/MIME Cryptographic Signature
Re: PERL Module Problem...
From: Dr Stephen Henson [EMAIL PROTECTED] drh 1. Command line. drh 2. Environment. drh 3. Standard input. drh drh Any other suggestions e.g from a file or fd? Hmm. There's no need to have the password in a file, that can as well be piped in ('cat passwdfile | openssl x509 -passstdin ...' to take a Unixly example, and yes, there's a way to do that on VMS as well). However, a choice of FD (if something other than stdin) could be fancy. For inspiration, you can do that with PGP 2.6.3 by putting the fd number in the environment variable FD (surprise! :-)). Another way might be to declare the fd through yet another parameter. However, I'm not sure I see the absolute need for that kind of fanciness... -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-161 43 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
From: [EMAIL PROTECTED] (Bodo Moeller) bmoeller PGP evaluates a PGPPASSFD That was the name! bmoeller environment variable and reads from the named file bmoeller descriptor; with this approach, you don't have to send bmoeller passwords and actual data through the same pipe. Good point. I take back what I said earlier, since there seems to be a good reason. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-161 43 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
Richard Levitte - VMS Whacker wrote: Hmm. There's no need to have the password in a file, that can as well be piped in ('cat passwdfile | openssl x509 -passstdin ...' to take a Unixly example, and yes, there's a way to do that on VMS as well). Yes but there's windoze to consider as well... I wish it could be ignored too. However, a choice of FD (if something other than stdin) could be fancy. For inspiration, you can do that with PGP 2.6.3 by putting the fd number in the environment variable FD (surprise! :-)). Another way might be to declare the fd through yet another parameter. However, I'm not sure I see the absolute need for that kind of fanciness... I'm thinking of redoing this so its handled another way. Since there are no releases with -passsin, -envpassin I'm free to break it :-) Maybe something like -pass{in,out} source:arg which would have things like... password:hello env:ENV_PASSWD fd:5 file:mypasswdfile.txt All routed through a single app_get_passwd() function which should tidy this all up a bit. Currenly all the apps are redundantly doing the same thing. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Celo Communications: http://www.celocom.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
From: Dr Stephen Henson [EMAIL PROTECTED] drh Richard Levitte - VMS Whacker wrote: drh drh drh Hmm. There's no need to have the password in a file, that can as well drh be piped in ('cat passwdfile | openssl x509 -passstdin ...' to take a drh Unixly example, and yes, there's a way to do that on VMS as well). drh drh Yes but there's windoze to consider as well... I wish it could be drh ignored too. Uhmm, so pipes are out of the question in windoze? Seriously? What about redirection? I'm pretty sure I've seen examples of both... drh Maybe something like drh drh -pass{in,out} source:arg drh drh which would have things like... drh drh password:hello drh env:ENV_PASSWD drh fd:5 drh file:mypasswdfile.txt Is a colon really the best choice? In Windows/DOS and VMS, a colon is an inherent and important part of the file spec. (probably more in VMS than in Windows/DOS...) Apart from that, I like the idea. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-161 43 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PERL Module Problem...
drh Richard Levitte - VMS Whacker wrote: drh drh drh Hmm. There's no need to have the password in a file, that can as well drh be piped in ('cat passwdfile | openssl x509 -passstdin ...' to take a drh Unixly example, and yes, there's a way to do that on VMS as well). drh drh Yes but there's windoze to consider as well... I wish it could be drh ignored too. Uhmm, so pipes are out of the question in windoze? Seriously? What about redirection? I'm pretty sure I've seen examples of both... And why can't pipes be used in Windows? drh Maybe something like drh drh -pass{in,out} source:arg drh drh which would have things like... drh drh password:hello drh env:ENV_PASSWD drh fd:5 drh file:mypasswdfile.txt Is a colon really the best choice? In Windows/DOS and VMS, a colon is an inherent and important part of the file spec. (probably more in VMS than in Windows/DOS...) Apart from that, I like the idea. Using a colon in this context should not be a problem since the first colon is the tag separator. After that the colon can be part of the filename. Jeffrey Altman * Sr.Software Designer * Kermit-95 for Win32 and OS/2 The Kermit Project * Columbia University 612 West 115th St #716 * New York, NY * 10025 http://www.kermit-project.org/k95.html * [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]