From owner-freebsd-bugs@FreeBSD.ORG  Sun Mar 12 03:03:52 2006
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
X-Original-To: freebsd-bugs@hub.freebsd.org
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 917BD16A51A
	for <freebsd-bugs@hub.freebsd.org>;
	Sun, 12 Mar 2006 03:03:52 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id AEF5244097
	for <freebsd-bugs@hub.freebsd.org>;
	Sun, 12 Mar 2006 03:00:46 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k2C30kf6053422
	for <freebsd-bugs@freefall.freebsd.org>; Sun, 12 Mar 2006 03:00:46 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k2C30k1p053421;
	Sun, 12 Mar 2006 03:00:46 GMT (envelope-from gnats)
Resent-Date: Sun, 12 Mar 2006 03:00:46 GMT
Resent-Message-Id: <200603120300.k2C30k1p053421@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org,
	Doug White <dwhite@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7F91E16A438
	for <freebsd-gnats-submit@FreeBSD.org>;
	Sun, 12 Mar 2006 02:57:26 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C49794620A
	for <freebsd-gnats-submit@FreeBSD.org>;
	Sun, 12 Mar 2006 01:43:49 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id k2C1hn9C083318
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 12 Mar 2006 01:43:49 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id k2C1hnSR083316;
	Sun, 12 Mar 2006 01:43:49 GMT (envelope-from nobody)
Message-Id: <200603120143.k2C1hnSR083316@www.freebsd.org>
Date: Sun, 12 Mar 2006 01:43:49 GMT
From: Doug White <dwhite@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-2.3
Cc: 
Subject: bin/94377: /etc/rc.d/sshd improperly tests random dev state
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Mar 2006 03:03:52 -0000


>Number:         94377
>Category:       bin
>Synopsis:       /etc/rc.d/sshd improperly tests random dev state
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Mar 12 03:00:46 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Doug White
>Release:        FreeBSD 6.1-PRERELEASE (GENERIC) #0: Thu Mar  9 15:08:53 PST 2006
>Organization:
Gumbysoft
>Environment:
FreeBSD overseer.testrack.ixsystems.com 6.1-PRERELEASE FreeBSD 6.1-PRERELEASE #0: Thu Mar  9 15:08:53 PST 2006     dwhite@:/usr/obj/usr/src/sys/GENERIC  i386

>Description:
/etc/rc.d/sshd tests whether the kern.random.sys.seeded sysctl is set before prompting the user to seed the random device. The test incorrectly checks if the sysctl returns an empty string rather than checking if its value is zero. Since a numeric sysctl always returns a value if the call was successful, this leads to unnecessary PRNG state resets and user input. On my test machine it actually prevented the script from generating the keys if insufficient input was given to the PRNG initialization prompt.
>How-To-Repeat:
I found this by installing a system with sshd disabled in sysinstall, but it can be duplicated by shutting down ssh, removing the host keys, then running '/etc/rc.d/sshd start'.
>Fix:
(this patch is also available at http://people.freebsd.org/~dwhite/patches/sshd.20060310.patch)

This patch fixes the issue identified in this PR and also correctly against sysctl failing and returning an empty string (if its somehow called while the random device is not loaded, for instance).


===================================================================
RCS file: /home/ncvs/src/etc/rc.d/sshd,v
retrieving revision 1.9
diff -u -r1.9 sshd
--- sshd        23 Oct 2005 14:06:53 -0000      1.9
+++ sshd        12 Mar 2006 01:40:44 -0000
@@ -23,7 +23,7 @@
 {
        (
        seeded=`sysctl -n kern.random.sys.seeded 2>/dev/null`
-       if [ "${seeded}" != "" ] ; then
+       if [ "x${seeded}" != "x" ] && [ ${seeded} -eq 0 ] ; then
                warn "Setting entropy source to blocking mode."
                echo "===================================================="
                echo "Type a full screenful of random junk to unblock"

>Release-Note:
>Audit-Trail:
>Unformatted: