On Thu, May 22, 2014 at 12:07:33AM +0100, Zé Loff wrote: > > I know, that subject's line is too long, but I didn't manage to phrase > that in a shorter form. On the upside, it pretty much tells the whole > story: elinks is creating a file on ~ whose name is the contents of > ~/elinks/elinks.conf.
I can reproduce this, although it is not always in ~. Rather in ${CWD}. This is actually a use after free (and maybe a security issue) introduced by us when we were fixing RAND_egd() fallout. If we look at the patch to init_ssl(): ---8<--- $OpenBSD: patch-src_network_ssl_ssl_c,v 1.1 2014/04/19 17:59:38 sthen Exp $ --- src/network/ssl/ssl.c.orig Sat Apr 19 18:44:13 2014 +++ src/network/ssl/ssl.c Sat Apr 19 18:45:12 2014 @@ -49,11 +49,8 @@ init_openssl(struct module *module) * cannot initialize the PRNG and so every attempt to use SSL fails. * It's actually an OpenSSL FAQ, and according to them, it's up to the * application coders to seed the RNG. -- William Yodlowsky */ - if (RAND_egd(RAND_file_name(f_randfile, sizeof(f_randfile))) < 0) { - /* Not an EGD, so read and write to it */ - if (RAND_load_file(f_randfile, -1)) - RAND_write_file(f_randfile); - } + if (RAND_load_file(f_randfile, -1)) + RAND_write_file(f_randfile); SSLeay_add_ssl_algorithms(); context = SSL_CTX_new(SSLv23_client_method()); ---8<--- The removed RAND_egd check is side effecting! The nested call to RAND_file_name() is populating f_randfile with the path to the RNG device node. Without it, we end up using the uninitialised f_randfile buffer, which happens to contain the the contents of your config file. So, we end up passing the contents of a file named the same as the contents of your elinks config file to RAND_{load,write}_file(). Looking at he implementation of RAND_load_file(), the path is not even used by that call?! The call to RAND_write_file() is then putting some junk in the file... Whut? FWIW, the below patch fixes stops elinks from creating that weird file, but I am not confident the RNG is correctly seeded by elinks. Someone who understands OpenSSL should comment. ---8<--- Index: Makefile =================================================================== RCS file: /home/edd/cvsync/ports/www/elinks/Makefile,v retrieving revision 1.32 diff -u -p -r1.32 Makefile --- Makefile 10 Oct 2013 20:10:51 -0000 1.32 +++ Makefile 30 May 2014 16:23:51 -0000 @@ -2,7 +2,7 @@ COMMENT= full-featured text WWW browser DISTNAME= elinks-0.11.7 -REVISION= 7 +REVISION= 8 CATEGORIES= www MASTER_SITES= http://elinks.cz/download/ Index: patches/patch-src_network_ssl_ssl_c =================================================================== RCS file: /home/edd/cvsync/ports/www/elinks/patches/patch-src_network_ssl_ssl_c,v retrieving revision 1.1 diff -u -p -r1.1 patch-src_network_ssl_ssl_c --- patches/patch-src_network_ssl_ssl_c 19 Apr 2014 17:59:38 -0000 1.1 +++ patches/patch-src_network_ssl_ssl_c 30 May 2014 16:18:08 -0000 @@ -1,7 +1,14 @@ $OpenBSD: patch-src_network_ssl_ssl_c,v 1.1 2014/04/19 17:59:38 sthen Exp $ ---- src/network/ssl/ssl.c.orig Sat Apr 19 18:44:13 2014 -+++ src/network/ssl/ssl.c Sat Apr 19 18:45:12 2014 -@@ -49,11 +49,8 @@ init_openssl(struct module *module) +--- src/network/ssl/ssl.c.orig Sat Aug 22 12:15:08 2009 ++++ src/network/ssl/ssl.c Fri May 30 17:17:48 2014 +@@ -45,15 +45,15 @@ init_openssl(struct module *module) + { + unsigned char f_randfile[PATH_MAX]; + ++ if (RAND_file_name(f_randfile, sizeof(f_randfile)) == NULL) ++ return S_SSL_ERROR; ++ + /* In a nutshell, on OS's without a /dev/urandom, the OpenSSL library * cannot initialize the PRNG and so every attempt to use SSL fails. * It's actually an OpenSSL FAQ, and according to them, it's up to the * application coders to seed the RNG. -- William Yodlowsky */ ---8<--- -- Best Regards Edd Barrett http://www.theunixzoo.co.uk