Bugtraq mailing list archives

Re: qmail starttls patch does not seed the random number generator


From: Frederik Vermeulen <jos-tls () kotnet org>
Date: Thu, 16 Aug 2001 22:47:36 +0200 (METDST)



Felix von Leitner wrote:
openssl-0.9.6b does not allow ssl/tls connections when the random number
has not been seeded.  This is a good idea, and it exposes that the
starttls patch for qmail does not seed the random number generator.

I (patch maintainer) second the response of Brian Hatch in
<20010815105637.A30794 () ifokr org>. On systems that
support /dev/urandom, the openssl library uses it to seed the
PRNG, without the need to call RAND_seed in the application. On other
systems, it will fail to set up a TLS connection as you
reported. This is also the case with openssl versions < 0.9.6b.
I see no security problem with this behavior.

The openssl library provides the possibility to provide PRNG
seeding in the application. This moves the problem of providing a
platform specific PRNG seeding function from the cryptographic
library to the application programmer. The third way is to have
the PRNG seeding code in an entropy gathering daemon (EGD). This
keeps the application code platform-independent (only EGD
interfacing code is needed).

You report that your system has /dev/urandom, but openssl does not
use it. Are you sure DEVRANDOM in openssl/e_os.h was defined to
/dev/urandom when openssl was compiled?

Regards,

Frederik
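
As an added illustration of the three seeding routes Frederik describes (library self-seeding from /dev/urandom, application-supplied seeding via RAND_seed/RAND_add, and an entropy gathering daemon), here is an application-side check written for this archive page; it is not code from the qmail starttls patch, from qmail, or from any of the thread's participants. It uses Python's ssl bindings (ssl.RAND_status, ssl.RAND_add) as the application-programmer interface to OpenSSL's PRNG. The EGD request layout it assumes (command byte 0x02 followed by a one-byte count, answered with exactly that many bytes) and the socket path argument are assumptions for the example; the in-process "daemon" in egd_roundtrip_demo is constructed to make the exchange deterministic and returns fixed, non-random bytes.

```python
"""Refuse to start TLS until OpenSSL's PRNG is known to be seeded.

Hypothetical application-side check (not the qmail patch's code). It follows
the order in the mail: if the library already seeded itself (systems with
/dev/urandom), nothing to do; otherwise the application seeds it, first from
the OS, then, if configured, from an EGD socket.
"""
import os
import socket
import ssl
from typing import Optional

# EGD request code for a blocking read of N bytes (assumed protocol layout).
EGD_READ_BLOCKING = 0x02


def read_egd(sock: socket.socket, nbytes: int) -> bytes:
    """Fetch nbytes from an EGD-style daemon over an already-connected socket.

    The request is two bytes, command 0x02 and the byte count (1..255); the
    daemon is expected to answer with exactly nbytes of entropy.
    """
    if not 0 < nbytes <= 255:
        raise ValueError("EGD requests carry a one-byte length (1..255)")
    sock.sendall(bytes([EGD_READ_BLOCKING, nbytes]))
    buf = bytearray()
    while len(buf) < nbytes:
        chunk = sock.recv(nbytes - len(buf))
        if not chunk:
            raise ConnectionError("EGD closed before delivering the requested bytes")
        buf.extend(chunk)
    return bytes(buf)


def seed_from_egd(path: str, nbytes: int = 32) -> int:
    """Connect to an EGD unix socket (path is an assumption) and feed OpenSSL."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.connect(path)
        data = read_egd(s, nbytes)
    ssl.RAND_add(data, len(data))  # len(data) bytes of claimed entropy
    return len(data)


def ensure_prng_seeded(egd_path: Optional[str] = None, nbytes: int = 32) -> str:
    """Return the source that satisfied the seeding check, or raise.

    "library": OpenSSL seeded itself (the /dev/urandom case in the mail).
    "os.urandom": the application seeded it from the OS.
    "egd": the application seeded it from an entropy gathering daemon.
    """
    if ssl.RAND_status():
        return "library"
    try:
        entropy = os.urandom(nbytes)
    except NotImplementedError:  # no OS randomness source available
        entropy = b""
    if entropy:
        ssl.RAND_add(entropy, len(entropy))
        if ssl.RAND_status():
            return "os.urandom"
    if egd_path:
        seed_from_egd(egd_path, nbytes)
        if ssl.RAND_status():
            return "egd"
    # Same outcome openssl-0.9.6b enforces, surfaced before any TLS handshake.
    raise RuntimeError("PRNG not seeded; refusing to start TLS")


def egd_roundtrip_demo(nbytes: int = 16) -> tuple:
    """Exercise read_egd against a constructed in-process 'daemon'.

    A socketpair stands in for the daemon's unix socket; the daemon side
    pre-loads a fixed, deliberately non-random reply so the result is
    deterministic. Returns (request the client sent, bytes it received).
    """
    client, daemon = socket.socketpair()
    fake_entropy = bytes(range(nbytes))  # constructed test data, NOT entropy
    with client, daemon:
        daemon.sendall(fake_entropy)      # daemon's reply, queued ahead of time
        got = read_egd(client, nbytes)
        request = daemon.recv(2)          # what the client actually sent
    return request, got


if __name__ == "__main__":
    print("seeded by:", ensure_prng_seeded())
    print("EGD exchange:", egd_roundtrip_demo())
```

On any system where OpenSSL can reach /dev/urandom, ensure_prng_seeded() returns "library" without the application doing anything, which is the behaviour the mail describes; the later branches only run on platforms where the library cannot seed itself, which is exactly where openssl-0.9.6b would otherwise refuse the TLS connection.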

