similar to: RAND_bytes return value

Hi, Yesterday I tried to replace the system openssl in a gentoo system with libressl. With openssh an interesting issue popped up: * RAND_bytes in libressl calls arc4random * arc4random is a compat function both in openssh and libressl * arc4random from openssh uses RAND_bytes So what's happening is a recursion. arc4random wants to use RAND_bytes and RAND_bytes wants to use arc4random. The

Hi, There seems to be a problem with the arc4random code on mips/mipsel, producing the following error message: Couldn't obtain random bytes (error 604389476) To quote the bug submitter: "On mips and mipsel, the above error message is frequently seen when calling ssh with a command, usually several times in rapid succession, although that is not always the case. The error appears to

Hi, I am happy to (re)send a set of patches for compiling OpenSSH 4.7p1 with FIPS 140-2 OpenSSL. These are based on previously reported patches by Steve Marquess <marquess at ieee.org> and Ben Laurie <ben at algroup.co.uk>, for ver. OpenSSH 3.8. Note that these patches are NOT OFFICIAL, and MAY be used freely by anyone. Issues [partially] handled: SSL FIPS Self test. RC4,

I am trying to compile OpenSSH 4.0p1 on a new Solaris 10 system using the OpenSSL that comes w/ the OS (0.9.7d) as well as MIT Krb5 1.4.1 (for various reasons we are not using Sun's Krb5 implementation): ./configure --prefix=/usr/local --with-kerberos5=/usr/local/krb5 --with-ssl-dir=/usr/sfw And it looks to be bombing here (adding in random support?): -=- gmake[1]: Entering directory

This morning dovecot died with the following messages in the errorlog. Any solution to this problem? I am using Fedora Core 1 on a SMP i686 box. imap-login: Mar 30 08:08:00 Fatal: RAND_bytes() failed: error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded dovecot: Mar 30 08:08:00 Error: Login process died too

fyi (i'm behind in following the passord expire efforts). ----- Forwarded message from Logu <logsnaath at gmx.net> ----- Date: Sat, 7 Dec 2002 02:42:52 +0530 From: "Logu" <logsnaath at gmx.net> To: <stevesk at cvs.openbsd.org> Cc: <kumaresh_ind at gmx.net> Subject: Password expiry related clarification in OpenSSH3.5p1 Hello Stevesk, We are using

I've been seeing the Dovecot/SSL/Fedora 1 problem. I have a dovecot server which tends to die at least once a day, with messages like these :- May 24 13:44:44 mail pop3-login: RAND_bytes() failed: error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded May 24 13:44:44 mail dovecot: Login process died too early - shutting down I noticed Timo's email about this at:

Hi. SunOS 4 is one system that relies on the strerror() in bsd-misc.[ch]. However, that replacement function does not have the right prototype. This is fixed in the patch below. There was also an error with sys_errlist not being explicitely declared. Also fixed. There was another weird link-time problem with bsd-misc.o being at the same time used by some *.o in libssh.a and using itself

Hi, with current test releases SSL doesn't work anymore for me on AIX 4.3 with dovecot-0.99.10-test14. It worked with 0.99.9.1. dovecot: Jun 23 19:42:23 Info: Dovecot starting up imap-login: Jun 23 19:42:25 Fatal: RAND_bytes() failed: error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded imap-login: Jun 23 19:42:25 Fatal: RAND_bytes() failed: error:24064064:random number

tags 516774 = patch tags 516294 = upstream thanks Hi! Please find attached a diff closing #516774 by adding mkstemp(3), again with a minimalistic pseudo-arc4random(3) behind it. I?ve revisited the code. An mkstemp testsuite from the ?net shows it works, except for not caring how many ?X?en are in the template. Addressing #516294, it allows compiling and linking an mksh from today?s CVS against

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08.11.arc4random Security Advisory The FreeBSD Project Topic: arc4random(9) predictable sequence vulnerability Category: core Module: sys Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08.11.arc4random Security Advisory The FreeBSD Project Topic: arc4random(9) predictable sequence vulnerability Category: core Module: sys Announced:

I woke up this morning and my dovecot server had died with the following in the dovecot.log file: pop3-login: Jan 23 10:23:08 Fatal: RAND_bytes() failed: error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded dovecot: Jan 23 10:23:08 Error: Login process died too early - shutting down dovecot: Jan 23 10:23:08 Error: child 16321 (login) returned error 89 How can I find out

Hi, I have been working on a portable LibreSSL build tree for a little while to test the waters: http://github.com/busterb/libressl Someone noticed an issue with the arc4random implementation that I originally grabbed from libbsd https://github.com/busterb/libressl/issues/1 So, I looked at how OpenSSH handles it, and noticed that it uses the random functions from OpenSSL unconditionally to seed

Now that ssh-rand-helper has been segregated into a separate program, I'd like to revisit an old question about its entropy gathering. - would it be desirable to make it possible for ssh-rand-helper to fall back to external commands if PRNGD cannot be reached, instead of choosing one or the other at compile time? - When using PRNGD, the program gets 48 bytes of entropy from PRNGD,

All, How can I get at the daily snapshots? When I go to the website, www.openssh.com, and follow the Linux link to portable.html and then go to request the daily snapshot from http://bass.directhit.com/openssh_snap/, I get prompted for a user id and password. Needless to say, I ain't got. That's real useful. Use to be, I could get the snapshots from the ftp site. Then things

I'm trying to understand the rational behind the arc4random() and arc4random_stir() functions in the OpenSSH source tree. On a system that has a good random number generator, say an in kernel /dev/random what extra functionality is this stuff providing ? Would it be acceptable to replace the calls to arc4random() with reading from /dev/random and drop the arc4random_stir() all together ?

I'm seeing broken transfers when attempting large amounts of data. I have read the issues.html file about the transfer dying issues, which claims, " Sometimes fatal error messages from the remote machine can be lost on the way to the client; you should investigate on the server for something stopping the transmission. The most common cause is that the destination disk is full."

First error: head file related. Strangely, this code has been there a while, which makes me think that the HAVE_ARC4RANDOM is somehow now showing up as set whereas perhaps it didn't used to be. tfiala at tfiala2:~/lldb/svn/lgs/build$ make make[1]: Entering directory `/mnt/ssd/work/svn/lgs/build/lib/Support' llvm[1]: Compiling Process.cpp for Debug+Asserts build In file included from

Here http://llvm.org/docs/ExceptionHandling.html#llvm_eh_selector llvm.eh.selector is declared like this: i32 %llvm.eh.selector <http://llvm.org/docs/ExceptionHandling.html#llvm_eh_selector>(i8*, i8*, i8*, ...) But when clang++ (rev.121360) writes the module with exceptions, it writes it out like this: declare i32 @llvm.eh.selector(i8*, i8*, ...) nounwind Why there is such descrepancy?