On Wed, Mar 3, 2010 at 6:08 PM, William Ahern <[email protected]> wrote:
> On Wed, Mar 03, 2010 at 04:38:59PM -0500, Nick Mathewson wrote:
>>
>> * Libevent now uses a secure PRNG for the entropy that evdns needs to
>> be secure. This is arc4random() on platforms that provide it, and our
>> own copy of arc4random() on platforms that don't. You no longer need
>> to replace the evdns transaction ID or random_bytes functions for
>> security.
>>
>
> I noticed that the compat version will expect to open a /dev randomness
> device to stir. But this looks like it will fail for daemons which chroot. A
> quick grep looks like arc4random_stir() isn't called anywhere (i.e. from a
> libevent init routine).
>
> Two possible solutions:
>
> (1) call arc4random_stir() from something which it is reasonable to expect
> the application to call before chroot'ing.
>
> and/or
>
> (2) as Linux is probably by far the most common environment for libevent,
> first try to grab bytes from sysctl. here's the relevant snippet from my own
> portable arc4random implementation:

I'm not sure that the first approach is feasible; if you're using
libevent and chrooting, there really is no Libevent function that
you're guaranteed to call before a chroot.

I've decided to go with a mixed approach based on your 2 and an additional 3.

(2') Try the Linux sysctl as well as the OpenBSD sysctl as well as
/dev/urandom on Unix boxen (where chroot matters).

(3) Tell people that if they need to chroot and they need to use
libevent in a way that requires a strong RNG, they need to initialize
the RNG before they chroot. They can do this by calling
evutil_secure_rng_init() and checking that the return value is zero.

I've implemented both of these in a git branch called "arc4seed" at my
personal repository at git://github.com/nmathewson/Libevent.git .
Please have a look and let me know what you think? I've only tried it
out on my Linux desktop; the BSD code (which uses the KERN_ARAND
syscall) might need some love, and I might even have broken the
Windows stuff somehow.

yrs,
--
Nick
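
Added example, not part of the original message and not Libevent's code: a self-contained C model of the failure discussed above. Seeding from a /dev device fails once the device is out of reach (as after a chroot), while a generator seeded beforehand keeps working. demo_rng_init, read_seed and the path lists are hypothetical names; a real program would call evutil_secure_rng_init() before chroot() and check that it returns zero.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>

#define SEED_LEN 32
static unsigned char seed[SEED_LEN];   /* stands in for the PRNG key state */
static int seeded;

/* Read exactly len bytes from path; 0 on success, -1 on any failure. */
static int read_seed(const char *path, unsigned char *out, size_t len)
{
    size_t got = 0;
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;              /* e.g. ENOENT inside a chroot with no /dev */
    while (got < len) {
        ssize_t n = read(fd, out + got, len - got);
        if (n < 0 && errno == EINTR)
            continue;           /* interrupted: retry */
        if (n <= 0)
            break;              /* error or EOF: a short seed is a failure */
        got += (size_t)n;
    }
    close(fd);
    return got == len ? 0 : -1;
}

/* Hypothetical init: 0 once seeded, -1 if every source failed (fail closed). */
int demo_rng_init(const char *const *sources, size_t nsources)
{
    unsigned char tmp[SEED_LEN];
    if (seeded)
        return 0;               /* already seeded: no filesystem access needed */
    for (size_t i = 0; i < nsources; i++) {
        if (read_seed(sources[i], tmp, sizeof(tmp)) == 0) {
            memcpy(seed, tmp, sizeof(seed));
            seeded = 1;
            return 0;
        }
    }
    return -1;                  /* caller must treat this as fatal */
}

int main(void)
{
    const char *const srcs[] = { "/dev/urandom" };  /* constructed source list */
    return demo_rng_init(srcs, 1) == 0 ? 0 : 1;     /* do this before chroot() */
}
```

The third call in the check below is the important one: once seeded, later initialization succeeds even though no device path is reachable, which is why the ordering relative to chroot() matters.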
