* Florian Weimer: > It's the generation of the special server-side key used to support > "RSA export" clients which use 40-bit symmetric session keys. > > The following patch disables this feature; it should eliminate all use > of /dev/urandom. If you omit the hunk removing GNUTLS_KX_RSA_EXPORT, > the functionality should remain there and Exim will generate the > key on demand, i.e. if a client tries to actually connect to the > server in RSA_EXPORT mode. This connection will potentially block, of > course, but it won't prevent delivery of other mail. > > A better fix would be to instruct GnuTLS to use random bits which are > not cryptographically secure for the RSA_EXPORT key because this key > is insecure anyway (it's just 512 bits, after all).
Turns out the patch was broken. This one should be better. The comments above still apply. #! /bin/sh /usr/share/dpatch/dpatch-run ## 84_tls-entropy-fix.dpatch by <[EMAIL PROTECTED]> ## ## All lines beginning with `## DP:' are a description of the patch. ## DP: No description. @DPATCH@ diff -urNad exim4~/src/tls-gnu.c exim4/src/tls-gnu.c --- exim4~/src/tls-gnu.c 2006-01-30 14:25:35.000000000 +0100 +++ exim4/src/tls-gnu.c 2006-01-30 14:28:08.000000000 +0100 @@ -23,7 +23,6 @@ #define UNKNOWN_NAME "unknown" #define DH_BITS 768 -#define RSA_BITS 512 /* Values for verify_requirment and initialized */ @@ -35,7 +34,6 @@ static BOOL initialized = INITIALIZED_NOT; static host_item *client_host; -static gnutls_rsa_params rsa_params = NULL; static gnutls_dh_params dh_params = NULL; static gnutls_certificate_server_credentials x509_cred = NULL; @@ -55,7 +53,6 @@ GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, - GNUTLS_KX_RSA_EXPORT, 0 }; static int default_cipher_priority[16] = { @@ -291,14 +288,11 @@ init_rsa_dh(host_item *host) { int fd, ret; -gnutls_datum m, e, d, p, q, u, prime, generator; +gnutls_datum prime, generator; uschar filename[200]; /* Initialize the data structures for holding the parameters */ -ret = gnutls_rsa_params_init(&rsa_params); -if (ret < 0) return tls_error(US"init rsa_params", host, ret); - ret = gnutls_dh_params_init(&dh_params); if (ret < 0) return tls_error(US"init dh_params", host, ret); @@ -315,7 +309,6 @@ fd = Uopen(filename, O_RDONLY, 0); if (fd < 0) { - unsigned int rsa_bits = RSA_BITS; unsigned int dh_bits = DH_BITS; uschar tempfilename[sizeof(filename) + 10]; 
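Review bot: The key-exchange priority list in the @@ -55 hunk drops GNUTLS_KX_RSA_EXPORT without a comment, and init_rsa_dh in the @@ -291 hunk keeps a name that promises RSA handling it no longer performs. A later reader of the patched file cannot tell that export-grade key exchange was removed deliberately, nor that restoring the enum value alone is not enough once gnutls_certificate_set_rsa_params is gone from the credentials setup in the @@ -524 hunk. Suggest `GNUTLS_KX_DHE_RSA, /* GNUTLS_KX_RSA_EXPORT omitted: no temporary RSA parameters are generated, see init_rsa_dh */` in the priority array, and a one-line comment above init_rsa_dh stating that it now initializes and caches only the Diffie-Hellman parameters. The cover note's claim that omitting the priority hunk leaves on-demand RSA key generation in place cannot be confirmed from the patch, since nothing in the patched code supplies RSA parameters to GnuTLS; init_rsa_dh continues past the end of this line.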
@@ -323,10 +316,6 @@ return tls_error(string_open_failed(errno, "%s for reading", filename), host, 0); - DEBUG(D_tls) debug_printf("generating %d bit RSA key...\n", RSA_BITS); - ret = gnutls_rsa_params_generate2(rsa_params, RSA_BITS); - if (ret < 0) return tls_error(US"RSA key generation", host, ret); - DEBUG(D_tls) debug_printf("generating %d bit Diffie-Hellman key...\n", DH_BITS); ret = gnutls_dh_params_generate2(dh_params, DH_BITS); @@ -342,20 +331,10 @@ host, 0); (void)fchown(fd, exim_uid, exim_gid); /* Probably not necessary */ - ret = gnutls_rsa_params_export_raw(rsa_params, &m, &e, &d, &p, &q, &u, - &rsa_bits); - if (ret < 0) return tls_error(US"RSA params export", host, ret); - ret = gnutls_dh_params_export_raw(dh_params, &prime, &generator, &dh_bits); if (ret < 0) return tls_error(US"DH params export", host, ret); - if (!write_datum(fd, &m) || - !write_datum(fd, &e) || - !write_datum(fd, &d) || - !write_datum(fd, &p) || - !write_datum(fd, &q) || - !write_datum(fd, &u) || - !write_datum(fd, &prime) || + if (!write_datum(fd, &prime) || !write_datum(fd, &generator)) return tls_error(US"TLS cache write failed", host, 0); 
@@ -365,35 +344,26 @@ return tls_error(string_sprintf("failed to rename %s as %s: %s", tempfilename, filename, strerror(errno)), host, 0); - DEBUG(D_tls) debug_printf("wrote RSA and D-H parameters to file\n"); + DEBUG(D_tls) debug_printf("wrote D-H parameters to file\n"); } /* File opened for reading; get the data */ else { - if (!read_datum(fd, &m) || - !read_datum(fd, &e) || - !read_datum(fd, &d) || - !read_datum(fd, &p) || - !read_datum(fd, &q) || - !read_datum(fd, &u) || - !read_datum(fd, &prime) || + if (!read_datum(fd, &prime) || !read_datum(fd, &generator)) return tls_error(US"TLS cache read failed", host, 0); (void)close(fd); - ret = gnutls_rsa_params_import_raw(rsa_params, &m, &e, &d, &p, &q, &u); - if (ret < 0) return tls_error(US"RSA params import", host, ret); - ret = gnutls_dh_params_import_raw(dh_params, &prime, &generator); if (ret < 0) return tls_error(US"DH params import", host, ret); - DEBUG(D_tls) debug_printf("read RSA and D-H parameters from file\n"); + DEBUG(D_tls) debug_printf("read D-H parameters from file\n"); } -DEBUG(D_tls) debug_printf("initialized RSA and D-H parameters\n"); +DEBUG(D_tls) debug_printf("initialized D-H parameters\n"); return OK; } @@ -524,7 +494,6 @@ /* Associate the parameters with the x509 credentials structure. */ gnutls_certificate_set_dh_params(x509_cred, dh_params); -gnutls_certificate_set_rsa_params(x509_cred, rsa_params); DEBUG(D_tls) debug_printf("initialized certificate stuff\n"); return OK; -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
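Review bot: The read branch in the @@ -365 hunk accepts a parameter cache file written by the previous code without detecting the format change. The old writer (removed in the @@ -342 hunk) stored m, e, d, p, q, u ahead of prime and generator, so an existing cache file now fills `prime` with the RSA modulus and `generator` with the public exponent; whether gnutls_dh_params_import_raw rejects such values cannot be told from the patch, and if it does not the server would perform DH over a composite modulus. Stale files should be invalidated, for example by attempting one further `read_datum` after `generator` and treating success as a corrupt cache (`return tls_error(US"TLS cache read failed", host, 0);`), or by changing the cache filename so the old file is ignored; the filename is built outside the hunk. init_rsa_dh begins before this hunk.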