Re: [Bug-wget] [PATCH] OpenSSL TLSv1+ regression in wget-1.16

[Jérémie Courrèges-Anglas]

Hi,

Tim Rühsen <address@hidden> writes:

> Am Mittwoch, 3. Dezember 2014, 12:36:33 schrieb Jérémie Courrèges-Anglas:
>> Hi,
>> 
>> Giuseppe Scrivano <address@hidden> writes:
>> 
>> [...]
>> 
>> > we should also hide --rand-egd from wget --help and do not accept this
>> > option when HAVE_RAND_EGD is not set.
>> 
>> I thought about that and took the lazy approach: the option is still
>> available even if gnutls is used, even though it's a nop.  Why then
>> change the interface if libressl is used instead of openssl/gnutls?
>> 
>> Or maybe this was merely overlooked and openssl should really be
>> a special case here, dunno.
>
> IMHO, we should accept --rand-egd to not introduce regressions.
> But instead of silently ignoring the users demand, we should print a warning 
> about the LibreSSL/RAND_egd() issue.

LibreSSL doesn't have any issue wrt RAND_egd().  This function was
deleted on purpose.

> Maybe saying, that a modern /dev/random 
> is more secure than the EGD ?
>
> It would not be nice if someone loses security without being warned.

LibreSSL users won't lose anything.  LibreSSL does the right thing wrt
RNG initialization, consumer applications don't need to mess with this.

If you *really* want to print a warning message for LibreSSL users
please make it rude. :)

>> Or... another alternative would be to get rid of RAND_egd altogether,
>> with --egd-file staying for compat for a few releases. :)
>
> The question here is, where and in which way is EGD still useful !?
> Maybe it is already obsolete on very most systems ?
> We should keep this in mind for 1.17+.

Looking at the openssl code, it looks like egd is automatically queried
- since 2001 - if /dev/*random didn't return enough bytes.  See
rand_unix.c

Your call...  I wouldn't bother about that stuff in your place.

-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

signature.asc
Description: PGP signature