GnuTLS (libgrypt really) and Postfix

Victor Duchovni Victor.Duchovni at MorganStanley.com
Fri Feb 10 15:15:32 EST 2006 

On Fri, Feb 10, 2006 at 09:15:26AM -0800, John Gilmore wrote:

> Subject: GnuTLS 1.2.10 - Security release

If I may be granted the segue, the Postfix documentation has recently
been updated to include the following text:

    NOTE: Do not use Gnu TLS. It will spontaneously terminate a process
    with exit status code 2, instead of properly reporting problems to
    Postfix, so that it can log them to the maillog file.

This was discovered when the Postfix cleanup(8) daemon was reported
exiting in LDAP initialization.  The system LDAP library was linked
against GnuTLS, and /dev/urandom was missing from the chroot jail.

The real culprit is libgcrypt, whose log_fatal() macro terminates the
calling process. This is undesirable in a general purpose library. If
the authors of GnuTLS have any influence on the design/implementation
of libgcrypt, I hope they will make an effort to see this issue addressed.

  cipher/cipher.c: log_fatal("cipher_encrypt: invalid mode %d\n", c->mode );
  cipher/cipher.c: log_fatal ("cipher_decrypt: invalid mode %d\n", c->mode );
  cipher/dsa.c: log_fatal("DSA:: sign, verify failed\n");
  cipher/elgamal.c: log_fatal("ElGamal operation: encrypt, decrypt failed\n");
  cipher/elgamal.c: log_fatal("ElGamal operation: sign, verify failed\n");
  cipher/primegen.c: log_fatal ("can't generate a prime with less than %d bits\n", 16);
  cipher/random.c: log_fatal ("failed to create the pool lock: %s\n", strerror (err) );
  cipher/random.c: log_fatal ("failed to create the nonce buffer lock: %s\n",
  cipher/random.c: log_fatal ("failed to acquire the pool lock: %s\n", strerror (err));
  cipher/random.c: log_fatal ("failed to release the pool lock: %s\n", strerror (err));
  cipher/random.c: log_fatal ("failed to acquire the pool lock: %s\n", strerror (err));
  cipher/random.c: log_fatal ("failed to release the pool lock: %s\n", strerror (err));
  cipher/random.c: log_fatal(_("can't read `%s': %s\n"), seed_file_name,strerror(errno) );
  cipher/random.c: log_fatal ("failed to acquire the pool lock: %s\n", strerror (err));
  cipher/random.c: log_fatal ("failed to release the pool lock: %s\n", strerror (err));
  cipher/random.c: log_fatal (_("no entropy gathering module detected\n"));
  cipher/random.c: log_fatal ("failed to acquire the pool lock: %s\n", strerror (err));
  cipher/random.c: log_fatal ("failed to acquire the pool lock: %s\n", strerror (err));
  cipher/random.c: log_fatal ("No way to gather entropy for the RNG\n");
  cipher/random.c: log_fatal ("failed to acquire the nonce buffer lock: %s\n",
  cipher/random.c: log_fatal ("failed to release the nonce buffer lock: %s\n",
  cipher/rndegd.c: log_fatal ("EGD socketname is too long\n");
  cipher/rndegd.c: log_fatal("can't create unix domain socket: %s\n", strerror(errno) );
  cipher/rndegd.c: log_fatal("can't connect to EGD socket `%s': %s\n",
  cipher/rndegd.c: log_fatal("can't write to the EGD: %s\n", strerror(errno) );
  cipher/rndegd.c: log_fatal("can't write to the EGD: %s\n", strerror(errno) );
  cipher/rndlinux.c: log_fatal ("can't open %s: %s\n", name, strerror(errno) );
  cipher/rndlinux.c: log_fatal("stat() off %s failed: %s\n", name, strerror(errno) );
  cipher/rndlinux.c: log_fatal("invalid random device!\n" );
  cipher/rndlinux.c: log_fatal("read error on random device: %s\n", strerror(errno));
  cipher/rndw32.c: log_fatal ( "rndw32: can't get module handle\n" );
  cipher/rndw32.c: log_fatal ( "rndw32: failed to get a toolhelp function\n" );
  cipher/rndw32.c: log_fatal ( "rndw32: failed to take a toolhelp snapshot\n" );
  cipher/rndw32.c: log_fatal("can't run on a W32s platform\n" );
  cipher/rsa.c: log_fatal("RSA operation: public, secret failed\n");
  cipher/rsa.c: log_fatal("RSA operation: secret, public failed\n");
  src/secmem.c: log_fatal ("failed to reset uid: %s\n", strerror (errno));
  src/secmem.c: log_fatal ("can't allocate memory pool of %u bytes\n",
  src/secmem.c: log_fatal ("failed to drop setuid\n");

-- 

 /"\ ASCII RIBBON                  NOTICE: If received in error,
 \ / CAMPAIGN     Victor Duchovni  please destroy and notify
  X AGAINST       IT Security,     sender. Sender does not waive
 / \ HTML MAIL    Morgan Stanley   confidentiality or privilege,
                                   and use is prohibited.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list