[openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
[jaenicke - Wed Apr 30 15:46:39 2003]: [jaenicke - Mon Apr 28 10:56:55 2003]: I consider this to be a bug in the AIX 5.2 select() routine. Please file a bug report. In the meantime I have received information from Craig Anthony [EMAIL PROTECTED]. The AIX 5.2 implementation of select() cannot handle the /dev/[u]random devices and therefore fails. On 4 June 2003 a fix for this issue (APAR IY43851) will be available. The fix has been released in the meantime. I therefore close this ticket. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
Hi! No patch should be required, not even AIX can be that weird. An official specification for select() is available at http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/commtrf1/select.htm Ok, is it maybe a PEBKAC. But I cannot find an explanation for the following behavior: I use the little programm that Anders Liljegren mailed at http://www.mail-archive.com/[EMAIL PROTECTED]/msg30771.html about 2 weeks ago. #include string.h #include stdlib.h #include openssl/rand.h int main(void) { exit(RAND_status()); } Both times openssl is configured with ./Configure aix43-gcc and compiled with gcc-3.2.1 and the IBM linker. The first test is without the patch, the second with the patch. Any ideas? Andreas Walter truss ./ssl-test execve(./ssl-test, 0x2FF22BA4, 0x2FF22BAC) argc: 1 __loadx(0x0A04, 0xD03399AC, 0x0003, 0x1000, 0x2D1D) = 0x _getpid() = 22600 _getpid() = 22600 open(/dev/urandom, O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3 _select(4, 0x2FF20A50, 0x, 0x, 0x2FF22A58) = 0 close(3)= 0 open(/dev/random, O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3 _select(4, 0x2FF20A50, 0x, 0x, 0x2FF22A58) = 0 close(3)= 0 open(/dev/srandom, O_RDONLY|O_NOCTTY|O_NONBLOCK) Err#2 ENOENT socket(1, 1, 0) = 3 connext(3, 0x2FF20850, 19) Err#2 ENOENT close(3)= 0 socket(1, 1, 0) = 3 connext(3, 0x2FF20850, 15) Err#2 ENOENT close(3)= 0 socket(1, 1, 0) = 3 connext(3, 0x2FF20850, 15) Err#2 ENOENT close(3)= 0 socket(1, 1, 0) = 3 connext(3, 0x2FF20850, 14) Err#2 ENOENT close(3)= 0 _getpid() = 22600 sbrk(0x)= 0x2000B4A8 sbrk(0x0008)= 0x2000B4A8 sbrk(0x00010010)= 0x2000B4B0 getuidx(2) = 0 _getpid() = 22600 _getpid() = 22600 kfcntl(1, F_GETFL, 0x20008F54) = 2 kfcntl(2, F_GETFL, 0x) = 2 _exit(0) truss ./ssl-test-aixpatch execve(./ssl-test-aixpatch, 0x2FF22B9C, 0x2FF22BA4) argc: 1 __loadx(0x0A04, 0xD03399AC, 0x0003, 0x1000, 0x2D35) = 0x _getpid() = 24072 _getpid() = 24072 open(/dev/urandom, O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3 _select(1, 0x2FF20A40, 0x, 0x, 0x2FF22A48) = 0 kread(3, @ Z ??- G ?806 W V '.., 32) = 32 close(3)= 0 _getpid() = 24072 sbrk(0x)= 0x2000B4D4 sbrk(0x000C)= 0x2000B4D4 sbrk(0x00010010)= 0x2000B4E0 _getpid() = 24072 getuidx(2) = 0 _getpid() = 24072 _getpid() = 24072 kfcntl(1, F_GETFL, 0x20008F6C) = 67110914 kfcntl(2, F_GETFL, 0x) = 67110914 _exit(1) __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
According to your truss output, neither version should work at all; select is returning 0 in every case which means that no descriptors are ready. Perhaps AIX's /dev/urandom device driver doesn't support select() functionality. That would certainly be stupid, but not unheard of. Your patch introduces a bug - since you only told select to check 1 descriptor, and descriptor number 1 isn't actually set in the fdset, the select simply times out. This is what the return value 0 means from select. The if/else clause in this function (hell, the whole loop) is written badly and doesn't distinguish a timeout from an actual failure. In your case, it treats the timeout as success and proceeds to read from the descriptor, even though it should actually skip the read. I really don't see what the point of using select() here is in the first place. The fd has already been set to Non-Blocking; either the driver will honor it or it won't. There's nothing more you can do. If you read from /dev/urandom and don't get the number of bytes you wanted, you're screwed anyway. -- Howard Chu Chief Architect, Symas Corp. Director, Highland Sun http://www.symas.com http://highlandsun.com/hyc Symas: Premier OpenSource Development and Support -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] via RT Hi! No patch should be required, not even AIX can be that weird. An official specification for select() is available at http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/c ommtrf1/select.htm Ok, is it maybe a PEBKAC. But I cannot find an explanation for the following behavior: I use the little programm that Anders Liljegren mailed at http://www.mail-archive.com/[EMAIL PROTECTED]/msg30771 .html about 2 weeks ago. #include string.h #include stdlib.h #include openssl/rand.h int main(void) { exit(RAND_status()); } Both times openssl is configured with ./Configure aix43-gcc and compiled with gcc-3.2.1 and the IBM linker. The first test is without the patch, the second with the patch. Any ideas? Andreas Walter truss ./ssl-test execve(./ssl-test, 0x2FF22BA4, 0x2FF22BAC) argc: 1 __loadx(0x0A04, 0xD03399AC, 0x0003, 0x1000, 0x2D1D) = 0x _getpid() = 22600 _getpid() = 22600 open(/dev/urandom, O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3 _select(4, 0x2FF20A50, 0x, 0x, 0x2FF22A58) = 0 close(3)= 0 open(/dev/random, O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3 _select(4, 0x2FF20A50, 0x, 0x, 0x2FF22A58) = 0 close(3)= 0 open(/dev/srandom, O_RDONLY|O_NOCTTY|O_NONBLOCK) Err#2 ENOENT socket(1, 1, 0) = 3 connext(3, 0x2FF20850, 19) Err#2 ENOENT close(3)= 0 socket(1, 1, 0) = 3 connext(3, 0x2FF20850, 15) Err#2 ENOENT close(3)= 0 socket(1, 1, 0) = 3 connext(3, 0x2FF20850, 15) Err#2 ENOENT close(3)= 0 socket(1, 1, 0) = 3 connext(3, 0x2FF20850, 14) Err#2 ENOENT close(3)= 0 _getpid() = 22600 sbrk(0x)= 0x2000B4A8 sbrk(0x0008)= 0x2000B4A8 sbrk(0x00010010)= 0x2000B4B0 getuidx(2) = 0 _getpid() = 22600 _getpid() = 22600 kfcntl(1, F_GETFL, 0x20008F54) = 2 kfcntl(2, F_GETFL, 0x) = 2 _exit(0) truss ./ssl-test-aixpatch execve(./ssl-test-aixpatch, 0x2FF22B9C, 0x2FF22BA4) argc: 1 __loadx(0x0A04, 0xD03399AC, 0x0003, 0x1000, 0x2D35) = 0x _getpid() = 24072 _getpid() = 24072 open(/dev/urandom, O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3 _select(1, 0x2FF20A40, 0x, 0x, 0x2FF22A48) = 0 kread(3, @ Z ??- G ?806 W V '.., 32) = 32 close(3)= 0 _getpid() = 24072 sbrk(0x)= 0x2000B4D4 sbrk(0x000C)= 0x2000B4D4 sbrk(0x00010010)= 0x2000B4E0 _getpid() = 24072 getuidx(2) = 0 _getpid() = 24072 _getpid()
RE: [openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
The current code is pretty ineffective. Since select() only tells you that at least 1 byte is available, you still need to do a read to determine how many bytes are actually there. Given that the descriptor is already open non-blocking, this would probably be better: --- rand_unix.c.O Thu Nov 28 00:08:40 2002 +++ rand_unix.c Wed Apr 2 01:15:22 2003 @@ -164,33 +164,25 @@ int r; fd_set fset; - do + r=read(fd,(unsigned char *)tmpbuf+n, + ENTROPY_NEEDED-n); + if (r 0) + n += r; + if (n ENTROPY_NEEDED) { FD_ZERO(fset); FD_SET(fd, fset); r = -1; - if (select(fd+1,fset,NULL,NULL,t) 0) - t.tv_usec=0; - else if (FD_ISSET(fd, fset)) + if (select(fd+1,fset,NULL,NULL,t) == 1) { r=read(fd,(unsigned char *)tmpbuf+n, ENTROPY_NEEDED-n); if (r 0) n += r; - } - /* Some Unixen will update t, some - won't. For those who won't, give - up here, otherwise, we will do - this once again for the remaining - time. */ - if (t.tv_usec == 10*1000) - t.tv_usec=0; + } } - while ((r 0 || (errno == EINTR || errno == EAGAIN)) -t.tv_usec != 0 n ENTROPY_NEEDED); - close(fd); } } I removed the loop; I doubt another one or two milliseconds will make any difference if it fails to fulfill the original read requests. -- Howard Chu Chief Architect, Symas Corp. Director, Highland Sun http://www.symas.com http://highlandsun.com/hyc Symas: Premier OpenSource Development and Support __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
No patch should be required, not even AIX can be that weird. An official specification for select() is available at http://www.opengroup.org/onlinepubs/007908799/xsh/select.html __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
[bodo - Tue Apr 1 16:58:47 2003]: No patch should be required, not even AIX can be that weird. An official specification for select() is available at http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/commtrf1/select.htm This was the wrong link, I meant the www.opengroup.org link that appears my other message ... __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
Hello! Since 5.2 AIX supports /dev/random and /dev/urandom. Openssl don't use it because the select system call works different on AIX than on linux. As described in the following URL, the select system call expects the number of file describtors as first parameter in AIX. Linux expects the highst numbered fd +1. http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/commtrf1/select.htm So I made a #ifdef and hardcoded the first parameter to 1 for AIX. I'm not sure if this will have any side effects, especially for versions 5.2 but I don't think so. The attached patch will do the change on the file openssl-0.9.7a/crypto/rand/rand_unix.c. Anders Liljegren tested it also on AIX 5.2 and found no problems. Bye Andreas Walter diff -u openssl-0.9.7a/crypto/rand/rand_unix.c-orig openssl-0.9.7a/crypto/rand/rand_unix.c --- openssl-0.9.7a/crypto/rand/rand_unix.c-orig 2003-03-28 14:23:01.0 +0100 +++ openssl-0.9.7a/crypto/rand/rand_unix.c 2003-03-28 14:45:19.0 +0100 @@ -170,7 +170,14 @@ FD_SET(fd, fset); r = -1; +#ifdef AIX /* First paramater on AIX Specifies the number of file descriptors and message +* queues to check. See also: +* http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/commtrf1/select.htm +*/ + if (select(1,fset,NULL,NULL,t) 0) +#else if (select(fd+1,fset,NULL,NULL,t) 0) +#endif t.tv_usec=0; else if (FD_ISSET(fd, fset)) { __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Lutz Jaenicke via RT On Mon, Mar 31, 2003 at 10:54:31AM +0200, [EMAIL PROTECTED] via RT wrote: Since 5.2 AIX supports /dev/random and /dev/urandom. Openssl don't use it because the select system call works different on AIX than on linux. As described in the following URL, the select system call expects the number of file describtors as first parameter in AIX. Linux expects the highst numbered fd +1. http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/c ommtrf1/select.htm Are you sure? select() is around since UNIX exists, that means the early 70s, maybe longer. I am not that good when it comes to UNIX history :-) I would not believe that IBM would break more or less all programs by chaning the select() API in an incompatible way. This is a non-issue; they are two different ways of saying the same thing. The AIX description is the same one all Unix systems with select() have used since... 4.2BSD. I don't recall if 4.1 had select() or not. Think about it. The fdset is a bit field. The nfds parameter tells select how far into the field it needs to look. Each bit corresponds to one fd. If you have fd#0, that corresponds to bit #1. This is why the number of fds is *always* the highest numbered fd +1. -- Howard Chu Chief Architect, Symas Corp. Director, Highland Sun http://www.symas.com http://highlandsun.com/hyc Symas: Premier OpenSource Development and Support __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
select() expects the first parameter to contain the number of fd's to be checked in all flavours of Unix. Andreas is confusing the number of fd's to be checked (n) with the numbering of fd's (0 -(n-1)). This may explain some bugs :-) Chris Brook -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Lutz Jaenicke via RT Sent: Monday, March 31, 2003 1:56 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom On Mon, Mar 31, 2003 at 10:54:31AM +0200, [EMAIL PROTECTED] via RT wrote: Since 5.2 AIX supports /dev/random and /dev/urandom. Openssl don't use it because the select system call works different on AIX than on linux. As described in the following URL, the select system call expects the number of file describtors as first parameter in AIX. Linux expects the highst numbered fd +1. http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/commtrf1/select ..htm Are you sure? select() is around since UNIX exists, that means the early 70s, maybe longer. I am not that good when it comes to UNIX history :-) I would not believe that IBM would break more or less all programs by chaning the select() API in an incompatible way. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
This is a non-issue; they are two different ways of saying the same thing. The AIX description is the same one all Unix systems with select() have used since... 4.2BSD. I don't recall if 4.1 had select() or not. Think about it. The fdset is a bit field. The nfds parameter tells select how far into the field it needs to look. Each bit corresponds to one fd. If you have fd#0, that corresponds to bit #1. This is why the number of fds is *always* the highest numbered fd +1. They are *not* the same thing. I may have only one fd with a value of 100. IBM's select asks that nfdsmsgs (the first parameter) be set to 1. (kind like poll) Linux/BSD requires it be set to 101. Not all implementations of fd_set's and hence select() use bit arrays (win32 does not either but it ignores the first parameter of select). And the behaviour of select() is not consistant across implementations either. Linux has a different behaviour from the standard BSD/UNIX/win32. Just ask anyone who's tried to code select for a non-blocking socket connect -lee __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
select() expects the first parameter to contain the number of fd's to be checked in all flavours of Unix. No. It is 1+(maxfd). Traditioanlly they are the same, but for long-running servers that open and close things and have holes they won't be. /r$ __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dilkie, Lee This is a non-issue; they are two different ways of saying the same thing. The AIX description is the same one all Unix systems with select() have used since... 4.2BSD. I don't recall if 4.1 had select() or not. Think about it. The fdset is a bit field. The nfds parameter tells select how far into the field it needs to look. Each bit corresponds to one fd. If you have fd#0, that corresponds to bit #1. This is why the number of fds is *always* the highest numbered fd +1. They are *not* the same thing. Wrong. I may have only one fd with a value of 100. IBM's select asks that nfdsmsgs (the first parameter) be set to 1. (kind like poll) Wrong. Linux/BSD requires it be set to 101. Not all implementations of fd_set's and hence select() use bit arrays (win32 does not either but it ignores the first parameter of select). The man page on the referenced URL states that the fdset is a bitmask. Please re-read the documentation: http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/basetrf2/select. htm#HDRA15691187 Quoting from the above page: NfdsmsgsSpecifies the number of file descriptors and the number of message queues to check. The low-order 16 bits give the length of a bit mask that specifies which file descriptors to check; the high-order 16 bits give the size of an array that contains message queue identifiers. If either half of the Nfdsmsgs parameter is equal to a value of 0, the corresponding bit mask or array is assumed not to be present. The Nfds parameter is the length of the bitmask. This is exactly the same definition as on BSD. Changing this definition would totally break compatibility with all Unix networking software written to date. They're not that stupid. And the behaviour of select() is not consistant across implementations either. Linux has a different behaviour from the standard BSD/UNIX/win32. Just ask anyone who's tried to code select for a non-blocking socket connect Linux was never originally intended to be Just Like Unix. It has been forced into that direction by later generations of hackers, but some of its early design decisions remain to this day. So it goes. As someone once said, Those who don't understand Unix are doomed to reimplement it, badly. -- Howard Chu Chief Architect, Symas Corp. Director, Highland Sun http://www.symas.com http://highlandsun.com/hyc Symas: Premier OpenSource Development and Support __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #558] Patch Openssl 0.9.7a for AIX 5.2 to use /dev/urandom
On Mon, Mar 31, 2003 at 10:54:31AM +0200, [EMAIL PROTECTED] via RT wrote: Since 5.2 AIX supports /dev/random and /dev/urandom. Openssl don't use it because the select system call works different on AIX than on linux. As described in the following URL, the select system call expects the number of file describtors as first parameter in AIX. Linux expects the highst numbered fd +1. http://publibn.boulder.ibm.com/doc_link/en_US/a_doc_lib/libs/commtrf1/select.htm Are you sure? select() is around since UNIX exists, that means the early 70s, maybe longer. I am not that good when it comes to UNIX history :-) I would not believe that IBM would break more or less all programs by chaning the select() API in an incompatible way. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]