Package: release.debian.org Severity: normal User: [email protected] Usertags: pu
Hi! Recently, the random number generator predictability was discovered in yaws_session_server module of YAWS web server (see [1] and [2]). I'd like to fix this bug in stable (the debdiff is attached). The change also fixes grave bug in the YAWS mail application (it currently can't read its config). [1] http://sourceforge.net/mailarchive/forum.php?thread_name=20120624072521.GA22850%40k2r.org&forum_name=erlyaws-list [2] http://erlang.org/pipermail/erlang-questions/2012-June/067566.html -- System Information: Debian Release: 6.0.5 APT prefers proposed-updates APT policy: (990, 'proposed-updates'), (990, 'stable') Architecture: i386 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores) Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash
diff -u yaws-1.88/debian/changelog yaws-1.88/debian/changelog --- yaws-1.88/debian/changelog +++ yaws-1.88/debian/changelog @@ -1,3 +1,10 @@ +yaws (1.88-2+squeeze1) stable-security; urgency=low + + * Added a patch which fixes insufficient random numbers generator strength. + * Fixed a grave bug with config loading in YAWS mail application. + + -- Sergei Golovan <[email protected]> Sun, 24 Jun 2012 12:36:19 +0400 + yaws (1.88-2) unstable; urgency=low * Split out Yaws application to a separate package erlang-yaws, which diff -u yaws-1.88/debian/patches/series yaws-1.88/debian/patches/series --- yaws-1.88/debian/patches/series +++ yaws-1.88/debian/patches/series @@ -9,0 +10,2 @@ +random.diff +mail.diff only in patch2: unchanged: --- yaws-1.88.orig/debian/patches/mail.diff +++ yaws-1.88/debian/patches/mail.diff @@ -0,0 +1,26 @@ +Author: Sergei Golovan +Description: Patch fixes the YAWS mail application config loading. +Last-modified:Sun, 24 Jun 2012 12:08:14 +0400 + +--- yaws-1.88.orig/applications/mail/src/mail.erl ++++ yaws-1.88/applications/mail/src/mail.erl +@@ -2603,7 +2603,7 @@ + Cfg; + read_config(FD, Cfg, Lno, Chars) -> + Next = io:get_line(FD, ''), +- case yaws_config:toks(Chars) of ++ case yaws_config:toks(Lno, Chars) of + [] -> + read_config(FD, Cfg, Lno+1, Next); + ["ttl", '=', IntList] -> +--- yaws-1.88.orig/src/yaws_config.erl ++++ yaws-1.88/src/yaws_config.erl +@@ -25,7 +25,7 @@ + update_sconf/2, delete_sconf/2, + eq_sconfs/2, soft_setconf/4, hard_setconf/2, + can_hard_gc/2, can_soft_setconf/4, +- can_soft_gc/2, verify_upgrade_args/2]). ++ can_soft_gc/2, verify_upgrade_args/2, toks/2]). + + %% where to look for yaws.conf + paths() -> only in patch2: unchanged: --- yaws-1.88.orig/debian/patches/random.diff +++ yaws-1.88/debian/patches/random.diff @@ -0,0 +1,132 @@ +Author: Upstream & Sergei Golovan +Description: Patch replaces random:uniform/1 calls by crypto:rand_bytes/1 + which is more secure. +Last-modified: Sun, 24 Jun 2012 12:36:11 +0400 + +--- yaws-1.88.orig/applications/mail/src/smtp.erl ++++ yaws-1.88/applications/mail/src/smtp.erl +@@ -88,7 +88,10 @@ + lists:flatten( + io_lib:format("~s_~2.2.0w_~s_~w_~2.2.0w:~2.2.0w:~2.2.0w_~w", + [weekday(Y,Mo,D), D, int_to_mt(Mo), +- Y,H,M,S,random:uniform(5000)])). ++ Y,H,M,S,bin2int(crypto:rand_bytes(4))])). ++ ++bin2int(Bin) -> ++ lists:foldl(fun(N, Acc) -> Acc * 256 + N end, 0, binary_to_list(Bin)). + + + smtp_init(Server, From, Recipients) -> +--- yaws-1.88.orig/applications/mail/src/mail.erl ++++ yaws-1.88/applications/mail/src/mail.erl +@@ -1053,8 +1053,6 @@ + end. + + session_manager_init() -> +- {X,Y,Z} = seed(), +- random:seed(X, Y, Z), + session_manager([], now(), read_config()). + + session_manager(C0, LastGC0, Cfg) -> +@@ -1078,7 +1076,7 @@ + end, + session_manager(C, LastGC, Cfg); + {new_session, Session, From} -> +- Cookie = integer_to_list(random:uniform(1 bsl 50)), ++ Cookie = integer_to_list(bin2int(crypto:rand_bytes(16))), + From ! {session_manager, Cookie}, + session_manager([{Cookie, Session#session{cookie=Cookie}, + now()}|C], LastGC, Cfg); +@@ -1219,15 +1217,6 @@ + diff({M1,S1,_}, {M2,S2,_}) -> + (M2-M1)*1000000+(S2-S1). + +-seed() -> +- case (catch list_to_binary( +- os:cmd("dd if=/dev/urandom ibs=12 count=1 2>/dev/null"))) of +- <<X:32, Y:32, Z:32>> -> +- {X, Y, Z}; +- _ -> +- now() +- end. +- + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + + retr(Server, User, Password, Nr) -> +@@ -1959,7 +1948,10 @@ + lists:flatten( + io_lib:format("~s_~2.2.0w_~s_~w_~2.2.0w:~2.2.0w:~2.2.0w_~w", + [weekday(Y1,Y2,Mo,D), D, int_to_mt(Mo), +- y(Y1,Y2),H,M,S,random:uniform(5000)])). ++ y(Y1,Y2),H,M,S,bin2int(crypto:rand_bytes(4))])). ++ ++bin2int(Bin) -> ++ lists:foldl(fun(N, Acc) -> Acc * 256 + N end, 0, binary_to_list(Bin)). + + date_and_time_to_string(DAT) -> + case validate_date_and_time(DAT) of +--- yaws-1.88.orig/applications/chat/src/chat.erl ++++ yaws-1.88/applications/chat/src/chat.erl +@@ -148,7 +148,7 @@ + end, + chat_server(Users); + {new_session, User, From} -> +- Cookie = integer_to_list(random:uniform(1 bsl 50)), ++ Cookie = integer_to_list(bin2int(crypto:rand_bytes(16))), + Session = #user{cookie=Cookie, user=User, color=pick_color()}, + From ! {session_manager, Cookie, Session}, + chat_server([Session|Users]); +@@ -187,6 +187,9 @@ + 5000 -> + chat_server(Users) + end. ++ ++bin2int(Bin) -> ++ lists:foldl(fun(N, Acc) -> Acc * 256 + N end, 0, binary_to_list(Bin)). + + + %% +--- yaws-1.88.orig/src/yaws_session_server.erl ++++ yaws-1.88/src/yaws_session_server.erl +@@ -136,8 +136,6 @@ + %% {stop, Reason} + %%---------------------------------------------------------------------- + init([]) -> +- {X,Y,Z} = seed(), +- random:seed(X, Y, Z), + ets:new(?MODULE, [set, named_table, public, {keypos, 2}]), + start_long_timer(), + {ok, undefined, to()}. +@@ -154,18 +152,6 @@ + 2 * 60 * 1000. + + +-%% pretty good seed, but non portable +-seed() -> +- case (catch list_to_binary( +- os:cmd("dd if=/dev/urandom ibs=12 count=1 2>/dev/null"))) of +- <<X:32, Y:32, Z:32>> -> +- {X, Y, Z}; +- _ -> +- now() +- end. +- +- +- + %%---------------------------------------------------------------------- + %% Func: handle_call/3 + %% Returns: {reply, Reply, State} | +@@ -176,9 +162,12 @@ + %% {stop, Reason, State} (terminate/2 is called) + %%---------------------------------------------------------------------- + ++ ++bin2int(Bin) -> ++ lists:foldl(fun(N, Acc) -> Acc * 256 + N end, 0, binary_to_list(Bin)). + + handle_call({new_session, Opaque, TTL, Cleanup}, From, State) -> +- N = random:uniform(16#ffffffffffffffff), %% 64 bits ++ N = bin2int(crypto:rand_bytes(16)), + Cookie = atom_to_list(node()) ++ [$-|integer_to_list(N)], + handle_call({new_session, Opaque, TTL, Cleanup, Cookie}, From, State); +
