Re: severe error in SSH session key recovery patch

[Robert Varga <nite () HQ ALERT SK>]

On Sun, Feb 11, 2001 at 12:07:39PM -0500, Andrew Brown wrote:
> >  -- With the patch, the lifespan of the server key still does not go
> >     below one minute. As mentioned in CORE SDI's advisory, the number
> >     of server connections necessary to carry out the attack is
> >     normally very large but "the number of connections given is for
> >     the average case and specifics cases will fall below the
> >     average". This suggests that is not entirely out of the question
> >     for the attack to succeed within one minute. If that risk is not
> >     appropriate in one's environment, then other measures (which may
> >     include inetd/tcpserver but may also include desupporting use of
> >     SSH protocol 1.5) are needed.
>
> 1)    {
> 2)      static time_t last_kill_time = 0;
> 3)      if (time(NULL) - last_kill_time > 60 && getppid() != 1)
> 4)        {
> 5)         last_kill_time = time(NULL);
> 6)         kill(SIGALRM, getppid());
> 7)       }
> 8)      fatal("Bad result from rsa_private_decrypt");
> 9)    }

Am I missing something ? time(NULL) returns something (other than 0, till
2036 at least ;-)), meaning (time(NULL) - last_kill_time) will we GREATER
than 60 (remeber - has higher priority wrt evaluation than >). That in turn
assigns the current system time to last_kill_time. It is declared static,
meaning it will RETAIN its value after the function returns, making the
above code work perfectly for the time being (next ~30 years).

-- 
Kind regards,
Robert Varga
------------------------------------------------------------------------------
n () hq sk                                          http://hq.sk/~nite/gpgkey.txt

Attachment: _bin
Description: