Re: PERL Module Problem...

2000-02-14 Thread Jean-Marc Desperrier 


Peter Gutmann wrote:

 Dr Stephen Henson [EMAIL PROTECTED] writes:

 Is there any circumstances where the environment isn't safe? I believe extra
 privs are normally needed to read another users processes environment.

 Under DEC Unixen you can read anyone's environment without any extra privs
 (ps -wwae or a variant thereof, depending on which vintage of OS you're on).

There's the same possibility on Linux and probably many other OS.

The program should overwrites it's sensible environment variables as soon as it
has read the content, therefore strongly reducing the problem.



__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: PERL Module Problem...

2000-02-14 Thread Salz, Rich 

The program should overwrites it's sensible environment variables as soon
as it
has read the content, therefore strongly reducing the problem.

Assuming the ones that "ps" shows are in userspace not kernel space.
Not always a safe assumption.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-13 Thread Rich Salz 

a file would be good, since i could create a fifo behind a firewall
directory and do a bunch of cat's to run a bunch of commands :)


__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-12 Thread Richard Levitte - VMS Whacker 

jaltman And why can't pipes be used in Windows?

Exactly my question.

jaltman Using a colon in this context should not be a problem since the first
jaltman colon is the tag separator.  After that the colon can be part of the
jaltman filename.

*LOL* I guess that's a d'uh on me...

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-161 43  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

PERL Module Problem...

2000-02-11 Thread Massimiliano Pala 

Hi all,

I have a problem while writing a PERL module. When I want to issue an
openssl command (that requires input) the following code (which works
in common PERL programs) does not pass the required input to openssl
so it waits for user input:

open(FD, "|$command" ) || return;
## Send Password
print FD "$passwd\n";

## Send Confirmation Password
print FD "$passwd\n";
close(FD);

Where command is, for example:

/usr/local/ssl/bin/openssl genrsa -des3 -out priv.key 512

The output I get is:

Generating RSA private key, 512 bit long modulus
...
.
e is 65537 (0x10001)
Enter PEM pass phrase:

but it should not hang asking for passwd as I pass it to openssl with
the print command. What's wrong here in ??

C'you,

Massimiliano Pala ([EMAIL PROTECTED])
 S/MIME Cryptographic Signature

Re: PERL Module Problem...

2000-02-11 Thread Richard Levitte - VMS Whacker 

madwolf I have a problem while writing a PERL module. When I want to issue an
madwolf openssl command (that requires input) the following code (which works
madwolf in common PERL programs) does not pass the required input to openssl
madwolf so it waits for user input:
madwolf 
madwolfopen(FD, "|$command" ) || return;
madwolf ## Send Password
madwolf print FD "$passwd\n";
madwolf 
madwolf ## Send Confirmation Password
madwolf print FD "$passwd\n";
madwolf close(FD);
[...]
madwolf but it should not hang asking for passwd as I pass it to openssl with
madwolf the print command. What's wrong here in ??

What's wrong is that you assume OpenSSL takes password input from
standard input.  This is not the case.  Instead, a separate handle to
the TTY is opened, and that is used as password input.  Under Unix,
the file used is "/dev/tty".  Under DOS, it's "con", and under VMS
it's "TT:".

In the current snapshot of OpenSSL, there's a new parameter that gives
you the possibility to give the password on the command line to most
utilities that need it, called -passin, -passout, -passin and -envpassin.
Check it out.

BTW, I wonder if there shouldn't be a mechanism to get the password
from stdin as well.  '-passin -' or yet another switch, like
'-pipepassin'?  '-passin' has a real danger if you consider what 'ps'
gives as output...

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-161 43  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-11 Thread Dr Stephen Henson 

Richard Levitte - VMS Whacker wrote:
 
 
 What's wrong is that you assume OpenSSL takes password input from
 standard input.  This is not the case.  Instead, a separate handle to
 the TTY is opened, and that is used as password input.  Under Unix,
 the file used is "/dev/tty".  Under DOS, it's "con", and under VMS
 it's "TT:".
 
 In the current snapshot of OpenSSL, there's a new parameter that gives
 you the possibility to give the password on the command line to most
 utilities that need it, called -passin, -passout, -passin and -envpassin.
 Check it out.
 

Most utilities?  I thought all the ones where it was useful were
covered. Have I missed one?

 BTW, I wonder if there shouldn't be a mechanism to get the password
 from stdin as well.  '-passin -' or yet another switch, like
 '-pipepassin'?  '-passin' has a real danger if you consider what 'ps'
 gives as output...
 

Yes thats why I added a warning to every man page about it. On some OSes
or setups its quite safe though.

Is there any circumstances where the environment isn't safe? I believe
extra privs are normally needed to read another users processes
environment.

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.

__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: PERL Module Problem...

2000-02-11 Thread Salz, Rich 

Is there any circumstances where the environment isn't safe?

I thought it was readily available on all BSD-derived Unices.  viz:
haggis 71 uname ; who ; echo i am `who am i` ; ps -wwe -tp1
BSD/OS
salzrttyp0   Feb 10 14:58   (camstig)
bowe ttyp1   Feb  7 08:36   (taco)
i am salzr ttyp0 Feb 10 14:58 (camstig)
  PID  TT  STAT  TIME COMMAND
  276  p1  Is+0:00.72 TERM=vt100 LINEMODE=real HOME=/usr/home/bowe
LOGNAME=b
owe SHELL=/bin/tcsh USER=bowe
PATH=/bin:/usr/bin:/usr/contrib/bin:/usr/X11/bin -
tcsh (tcsh)
haggis 72
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-11 Thread Richard Levitte - VMS Whacker 

drh Most utilities?  I thought all the ones where it was useful were
drh covered. Have I missed one?

I don't think enc has it...  At least I couldn't find it when I looked
20 minutes ago...

drh Is there any circumstances where the environment isn't safe? I believe
drh extra privs are normally needed to read another users processes
drh environment.

Not really, except under certain circumstances (some or most shells
combined with rather special characters in the password), using
environment variables is klunky, to say the best...  Also, if you want
to be paranoid, environment space does not go away for the duration of
the process' life, so if there's a way to read process memory, there's
a higher likelyhood that you can find a password through the
environment that process carries around (after all, the environment is
not hard to find, at all, just look for "USER=" or something like
that, and you'll probably find the rest of it around that point).  In
such cases, it is a lot safer to read in a password in a string in a
hopefully less easy to find place in process memory and immediately
zero that piece of memory after the password has been used.

I would trust passwords passed over stdin before anything passed in
the command line or environment, any time.  Not that stdin is perfect
either, mind you, but still...

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-161 43  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-11 Thread Peter Gutmann 

Dr Stephen Henson [EMAIL PROTECTED] writes:

Is there any circumstances where the environment isn't safe? I believe extra 
privs are normally needed to read another users processes environment.

Under DEC Unixen you can read anyone's environment without any extra privs
(ps -wwae or a variant thereof, depending on which vintage of OS you're on).

Peter.

__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-11 Thread Ben Laurie 

Dr Stephen Henson wrote:
 Is there any circumstances where the environment isn't safe? I believe
 extra privs are normally needed to read another users processes
 environment.

ps on Linux shows environments, but not being a Linux expert, I couldn't
say how that access is controlled.

Cheers,

Ben.

--
SECURE HOSTING AT THE BUNKER! http://www.thebunker.net/hosting.htm

http://www.apache-ssl.org/ben.html

Y19100 no-prize winner!
http://www.ntk.net/index.cgi?back=2000/now0121.txt
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: PERL Module Problem...

2000-02-11 Thread Barnes, Michael L. 


 Is there any circumstances where the environment isn't safe? I believe
 extra privs are normally needed to read another users processes
 environment.

Yes, some oses dump core that is world readable and has env info
in the core file.

Mike
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: PERL Module Problem...

2000-02-11 Thread Barnes, Michael L. 

Enclosed is a sample of a module that I am working on, hope
this helps...

Hopefully outlook wont kill it.  It is not meant to necessarily
portable to other platforms, but just an example and hopefully
some input.

Mike


 -Original Message-
 From: Richard Levitte - VMS Whacker [mailto:[EMAIL PROTECTED]]
 Sent: Friday, February 11, 2000 12:53 PM
 To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Subject: Re: PERL Module Problem...
 
 
 madwolf I have a problem while writing a PERL module. When I 
 want to issue an
 madwolf openssl command (that requires input) the following 
 code (which works
 madwolf in common PERL programs) does not pass the required 
 input to openssl
 madwolf so it waits for user input:
 madwolf 
 madwolf  open(FD, "|$command" ) || return;
 madwolf ## Send Password
 madwolf print FD "$passwd\n";
 madwolf 
 madwolf ## Send Confirmation Password
 madwolf print FD "$passwd\n";
 madwolf close(FD);
 [...]
 madwolf but it should not hang asking for passwd as I pass 
 it to openssl with
 madwolf the print command. What's wrong here in ??
 
 What's wrong is that you assume OpenSSL takes password input from
 standard input.  This is not the case.  Instead, a separate handle to
 the TTY is opened, and that is used as password input.  Under Unix,
 the file used is "/dev/tty".  Under DOS, it's "con", and under VMS
 it's "TT:".
 
 In the current snapshot of OpenSSL, there's a new parameter that gives
 you the possibility to give the password on the command line to most
 utilities that need it, called -passin, -passout, -passin and 
 -envpassin.
 Check it out.
 
 BTW, I wonder if there shouldn't be a mechanism to get the password
 from stdin as well.  '-passin -' or yet another switch, like
 '-pipepassin'?  '-passin' has a real danger if you consider what 'ps'
 gives as output...
 
 -- 
 Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
 Redakteur@Stacken  \ S-161 43  BROMMA  \ T: +46-8-26 52 47
 \  SWEDEN   \ or +46-708-26 53 44
 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
 
 Unsolicited commercial email is subject to an archival fee of $400.
 See http://www.stacken.kth.se/~levitte/mail/ for more info.
 __
 OpenSSL Project http://www.openssl.org
 Development Mailing List   [EMAIL PROTECTED]
 Automated List Manager   [EMAIL PROTECTED]
 


 Certificate.pm

Re: PERL Module Problem...

2000-02-11 Thread Dr Stephen Henson 

OK. I'm convinced environment isn't always safe. I'll redo the options
to allow several choices.

I.e.

1. Command line.
2. Environment.
3. Standard input.

Any other suggestions e.g from a file or fd?

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.

__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-11 Thread Bodo Moeller 

Richard Levitte - VMS Whacker [EMAIL PROTECTED]:

[...]
 I would trust passwords passed over stdin before anything passed in
 the command line or environment, any time.  Not that stdin is perfect
 either, mind you, but still...

Environment variables must usually be considered public.  PGP
evaluates a PGPPASSFD environment variable and reads from the named
file descriptor; with this approach, you don't have to send passwords
and actual data through the same pipe.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: PERL Module Problem...

2000-02-11 Thread Richard Levitte - VMS Whacker 

SalzR I thought it was readily available on all BSD-derived Unices.  viz:
SalzR haggis 71 uname ; who ; echo i am `who am i` ; ps -wwe -tp1
SalzR BSD/OS
SalzR salzrttyp0   Feb 10 14:58   (camstig)
SalzR bowe ttyp1   Feb  7 08:36   (taco)
SalzR i am salzr ttyp0 Feb 10 14:58 (camstig)
SalzR   PID  TT  STAT  TIME COMMAND
SalzR   276  p1  Is+0:00.72 TERM=vt100 LINEMODE=real HOME=/usr/home/bowe
[...]

Even worse (read: easier) than I thought...

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-161 43  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-11 Thread Massimiliano Pala 

Thanks to all who sent me their help. I found it very singular that using inside
a cgi script the code works... :-D I will investigate deeply ... (If I have time
to ... )

C'you,

Massimiliano Pala ([EMAIL PROTECTED])
 S/MIME Cryptographic Signature

Re: PERL Module Problem...

2000-02-11 Thread Richard Levitte - VMS Whacker 

From: Dr Stephen Henson [EMAIL PROTECTED]

drh 1. Command line.
drh 2. Environment.
drh 3. Standard input.
drh 
drh Any other suggestions e.g from a file or fd?

Hmm.  There's no need to have the password in a file, that can as well
be piped in ('cat passwdfile | openssl x509 -passstdin ...' to take a
Unixly example, and yes, there's a way to do that on VMS as well).
However, a choice of FD (if something other than stdin) could be
fancy.

For inspiration, you can do that with PGP 2.6.3 by putting the fd
number in the environment variable FD (surprise! :-)).  Another way
might be to declare the fd through yet another parameter.

However, I'm not sure I see the absolute need for that kind of
fanciness...

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-161 43  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-11 Thread Richard Levitte - VMS Whacker 

From: [EMAIL PROTECTED] (Bodo Moeller)

bmoeller PGP evaluates a PGPPASSFD

That was the name!

bmoeller environment variable and reads from the named file
bmoeller descriptor; with this approach, you don't have to send
bmoeller passwords and actual data through the same pipe.

Good point.  I take back what I said earlier, since there seems to be
a good reason.

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-161 43  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-11 Thread Dr Stephen Henson 

Richard Levitte - VMS Whacker wrote:
 
 
 Hmm.  There's no need to have the password in a file, that can as well
 be piped in ('cat passwdfile | openssl x509 -passstdin ...' to take a
 Unixly example, and yes, there's a way to do that on VMS as well).

Yes but there's windoze to consider as well... I wish it could be
ignored too.

 However, a choice of FD (if something other than stdin) could be
 fancy.
 
 For inspiration, you can do that with PGP 2.6.3 by putting the fd
 number in the environment variable FD (surprise! :-)).  Another way
 might be to declare the fd through yet another parameter.
 
 However, I'm not sure I see the absolute need for that kind of
 fanciness...
 

I'm thinking of redoing this so its handled another way. Since there are
no releases with -passsin, -envpassin I'm free to break it :-)

Maybe something like

-pass{in,out} source:arg

which would have things like...

password:hello
env:ENV_PASSWD
fd:5
file:mypasswdfile.txt

All routed through a single app_get_passwd() function which should tidy
this all up a bit. Currenly all the apps are redundantly doing the same
thing.

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-11 Thread Richard Levitte - VMS Whacker 

From: Dr Stephen Henson [EMAIL PROTECTED]

drh Richard Levitte - VMS Whacker wrote:
drh  
drh  
drh  Hmm.  There's no need to have the password in a file, that can as well
drh  be piped in ('cat passwdfile | openssl x509 -passstdin ...' to take a
drh  Unixly example, and yes, there's a way to do that on VMS as well).
drh 
drh Yes but there's windoze to consider as well... I wish it could be
drh ignored too.

Uhmm, so pipes are out of the question in windoze?  Seriously?  What
about redirection?  I'm pretty sure I've seen examples of both...

drh Maybe something like
drh 
drh -pass{in,out} source:arg
drh 
drh which would have things like...
drh 
drh password:hello
drh env:ENV_PASSWD
drh fd:5
drh file:mypasswdfile.txt

Is a colon really the best choice?  In Windows/DOS and VMS, a colon is
an inherent and important part of the file spec. (probably more in VMS
than in Windows/DOS...)

Apart from that, I like the idea.

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-161 43  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: PERL Module Problem...

2000-02-11 Thread Jeffrey Altman 

 drh Richard Levitte - VMS Whacker wrote:
 drh  
 drh  
 drh  Hmm.  There's no need to have the password in a file, that can as well
 drh  be piped in ('cat passwdfile | openssl x509 -passstdin ...' to take a
 drh  Unixly example, and yes, there's a way to do that on VMS as well).
 drh 
 drh Yes but there's windoze to consider as well... I wish it could be
 drh ignored too.
 
 Uhmm, so pipes are out of the question in windoze?  Seriously?  What
 about redirection?  I'm pretty sure I've seen examples of both...

And why can't pipes be used in Windows?

 drh Maybe something like
 drh 
 drh -pass{in,out} source:arg
 drh 
 drh which would have things like...
 drh 
 drh password:hello
 drh env:ENV_PASSWD
 drh fd:5
 drh file:mypasswdfile.txt
 
 Is a colon really the best choice?  In Windows/DOS and VMS, a colon is
 an inherent and important part of the file spec. (probably more in VMS
 than in Windows/DOS...)
 
 Apart from that, I like the idea.

Using a colon in this context should not be a problem since the first
colon is the tag separator.  After that the colon can be part of the
filename.



Jeffrey Altman * Sr.Software Designer * Kermit-95 for Win32 and OS/2
 The Kermit Project * Columbia University
  612 West 115th St #716 * New York, NY * 10025
  http://www.kermit-project.org/k95.html * [EMAIL PROTECTED]


__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]