Author Topic: Interm. Porting 1: Fixing OpenSSL Apps
jasont
Member
Member # 16

posted August 16, 2001 07:32 AM
During your not so everyday experiences (I will only hack on Sundays) you may come across certain applications that take advantage of openssl. A lot of the time these applications will work fine. However, many applications ported from certain operating systems <reindeer abusers> will not. This is because some <it looks like you blew a seal> applications look for something vaguely like dev/random on <that's only vanilla ice cream> those operating systems. Normally that isn't a problem, but if you can't (for some innocent reason) pass arguments to the application for openssl then you have a small problem.

If you see something like this:

code:

warning, not much extra random data, consider using the -rand option
Generating RSA private key, 512 bit long modulus
1292:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:538:
1292:error:04069003:rsa routines:RSA_generate_key:BN lib:rsa_gen.c:182:

Then you have three options:

1) See if the application supports passing an argument to openssl and pass the rand one (see option 3)
2) If the key size is small you may be able to use the application (WHICH CAN BE PACKAGED WITH AN INSTALLER) Entropy Gathering Daemon (project http://sourceforge.net/projects/egd/). This *big hint* is effective only after it has had a while to...for lack of a better phrase... gather entropy. It is best used as a startup item (you will need to hand edit hostconfig if you somehow get an installer). Some post-startup applications will actually look for this and try to use it on BSD systems.
3) Change the source code.
If you're going to change the source code then make sure you can already make the application before hacking it. DO NOT MOVE ANY FILES AFTER YOU MAKE IT. You're looking for something like:

code:

openssl genrsa

You can always search your files for openssl or backtrack through your app's #<includes> files to find it. Once you find it you'll need to edit it to point to a random file.

OpenSSL takes random files as : separated lists. A not so great example is:

code:

23421321:5I3HAD4BETTER234321:5GET432MENTIONE
D642623564235523432:90239FOR320923009302:dfj
alkdfjsaflksa:u9i0132THISONE4rajsdkfla:908ud
asfsa23:80982093rfjdildfas:fasd89f080928354r
ialjdfs:9080981234:7800


All on one line.

It's a good idea to just call this file rand so you know not to mess w/ it later.
Now you simply need to change your application to point to it by editing the openssl call to look more like

code:

openssl genrsa -rand /FULL/PATH/TO/rand

Since you kept your working build directory you can usually do a make clean and then a make again to get your ported app to work.

[ August 16, 2001: Message edited by: jasont ]


Posts: 50 | From: Palo Alto, CA | Registered: Aug 2001  |  IP: Logged
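
An added example, not part of jasont's post: a shell helper that assembles the `-rand` value for option 3. It assumes `-rand` accepts one or more file paths (or an EGD socket) joined with `:`, as the `openssl genrsa` documentation describes; the function names, the 512-byte minimum and the permission check are choices made for this example.

```shell
#!/bin/sh
# Added example: build the value for `openssl genrsa -rand` from candidate
# seed sources, dropping any that are unusable.
MIN_SEED_BYTES=512   # assumed minimum size for a static seed file

# usable_seed PATH: succeeds if PATH may be handed to -rand.
usable_seed() {
    f=$1
    # ':' is the list separator, so a path containing it cannot be passed.
    case $f in *:*) return 1 ;; esac
    [ -r "$f" ] || return 1
    # Character devices (/dev/urandom) and sockets (EGD) are taken as-is.
    if [ -c "$f" ] || [ -S "$f" ]; then return 0; fi
    [ -f "$f" ] || return 1
    # A regular file must hold enough data ...
    size=$(wc -c < "$f" | tr -d ' ')
    [ "$size" -ge "$MIN_SEED_BYTES" ] || return 1
    # ... and must not be writable by group or others.
    [ -z "$(find "$f" \( -perm -020 -o -perm -002 \) -print)" ]
}

# rand_arg PATH...: prints the usable paths joined with ':'.
# Fails when none is usable, so the caller can stop before calling openssl.
rand_arg() {
    out=
    for p in "$@"; do
        if usable_seed "$p"; then
            out=${out:+$out:}$p
        fi
    done
    [ -n "$out" ] || return 1
    printf '%s\n' "$out"
}

# Usage (the rand path is the placeholder used in the post):
#   seeds=$(rand_arg /dev/urandom /FULL/PATH/TO/rand) || exit 1
#   openssl genrsa -rand "$seeds" 512
```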
