On Thu, May 22, 2014 at 12:07:33AM +0100, Zé Loff wrote:
>
> I know, that subject's line is too long, but I didn't manage to phrase
> that in a shorter form. On the upside, it pretty much tells the whole
> story: elinks is creating a file on ~ whose name is the contents of
> ~/elinks/elinks.conf.
I can reproduce this, although it is not always in ~. Rather in ${CWD}.
This is actually a use after free (and maybe a security issue) introduced by
us when we were fixing RAND_egd() fallout. If we look at the patch to
init_ssl():
---8<---
$OpenBSD: patch-src_network_ssl_ssl_c,v 1.1 2014/04/19 17:59:38 sthen Exp $
--- src/network/ssl/ssl.c.orig Sat Apr 19 18:44:13 2014
+++ src/network/ssl/ssl.c Sat Apr 19 18:45:12 2014
@@ -49,11 +49,8 @@ init_openssl(struct module *module)
* cannot initialize the PRNG and so every attempt to use SSL fails.
* It's actually an OpenSSL FAQ, and according to them, it's up to the
* application coders to seed the RNG. -- William Yodlowsky */
- if (RAND_egd(RAND_file_name(f_randfile, sizeof(f_randfile))) < 0) {
- /* Not an EGD, so read and write to it */
- if (RAND_load_file(f_randfile, -1))
- RAND_write_file(f_randfile);
- }
+ if (RAND_load_file(f_randfile, -1))
+ RAND_write_file(f_randfile);
SSLeay_add_ssl_algorithms();
context = SSL_CTX_new(SSLv23_client_method());
---8<---
The removed RAND_egd check is side effecting! The nested call to
RAND_file_name() is populating f_randfile with the path to the RNG device
node. Without it, we end up using the uninitialised f_randfile buffer, which
happens to contain the the contents of your config file.
So, we end up passing the contents of a file named the same as the contents
of your elinks config file to RAND_{load,write}_file(). Looking at he
implementation of RAND_load_file(), the path is not even used by that call?!
The call to RAND_write_file() is then putting some junk in the file... Whut?
FWIW, the below patch fixes stops elinks from creating that weird file, but
I am not confident the RNG is correctly seeded by elinks.
Someone who understands OpenSSL should comment.
---8<---
Index: Makefile
===================================================================
RCS file: /home/edd/cvsync/ports/www/elinks/Makefile,v
retrieving revision 1.32
diff -u -p -r1.32 Makefile
--- Makefile 10 Oct 2013 20:10:51 -0000 1.32
+++ Makefile 30 May 2014 16:23:51 -0000
@@ -2,7 +2,7 @@
COMMENT= full-featured text WWW browser
DISTNAME= elinks-0.11.7
-REVISION= 7
+REVISION= 8
CATEGORIES= www
MASTER_SITES= http://elinks.cz/download/
Index: patches/patch-src_network_ssl_ssl_c
===================================================================
RCS file:
/home/edd/cvsync/ports/www/elinks/patches/patch-src_network_ssl_ssl_c,v
retrieving revision 1.1
diff -u -p -r1.1 patch-src_network_ssl_ssl_c
--- patches/patch-src_network_ssl_ssl_c 19 Apr 2014 17:59:38 -0000 1.1
+++ patches/patch-src_network_ssl_ssl_c 30 May 2014 16:18:08 -0000
@@ -1,7 +1,14 @@
$OpenBSD: patch-src_network_ssl_ssl_c,v 1.1 2014/04/19 17:59:38 sthen Exp $
---- src/network/ssl/ssl.c.orig Sat Apr 19 18:44:13 2014
-+++ src/network/ssl/ssl.c Sat Apr 19 18:45:12 2014
-@@ -49,11 +49,8 @@ init_openssl(struct module *module)
+--- src/network/ssl/ssl.c.orig Sat Aug 22 12:15:08 2009
++++ src/network/ssl/ssl.c Fri May 30 17:17:48 2014
+@@ -45,15 +45,15 @@ init_openssl(struct module *module)
+ {
+ unsigned char f_randfile[PATH_MAX];
+
++ if (RAND_file_name(f_randfile, sizeof(f_randfile)) == NULL)
++ return S_SSL_ERROR;
++
+ /* In a nutshell, on OS's without a /dev/urandom, the OpenSSL library
* cannot initialize the PRNG and so every attempt to use SSL fails.
* It's actually an OpenSSL FAQ, and according to them, it's up to the
* application coders to seed the RNG. -- William Yodlowsky */
---8<---
--
Best Regards
Edd Barrett
http://www.theunixzoo.co.uk
