Posted to dev@httpd.apache.org by Jim Jagielski <ji...@jaguNET.com> on 2012/09/01 17:47:44 UTC

Re: how to avoid balancer manager nonce?

Another alternative would be to have the nonce also possibly
set at config-time and, if unset, then use the uuid. That way
it could also be used as a sort of shared-secret ;)

	ProxySet nonce="applepie!"

Longer term, I think that's a more "strategic" solution.

On Aug 31, 2012, at 2:14 PM, Stefan Fritsch <sf...@sfritsch.de> wrote:

> On Friday 31 August 2012, Eric Covener wrote:
>> I'm fighting a problem on new releases of AIX where in some
>> environments, /dev/random seems to run out of entropy way too
>> quick.
>> 
>> I'd like a way to suppress the apr_uuid_get->
>> apr_generate_random_bytes() in mod_proxy_balancer used for the
>> balancer-manager nonce in affected environments.
>> 
>> I was thinking a global "BalancerManager off" could be used for
>> this and would also have the upside of fixing the SetHandler
>> htaccess problem.
>> 
>> Alternatives would be to find a weaker source for the nonce, or
>> allow to opt out / use a hard-coded one.
>> 
>> Any suggestions?
> 
> For 2.4, you could use ap_random_insecure_bytes(). It should be good 
> enough for a nonce.
> 
> If you add a "BalancerManager off", it should be per directory, or at 
> least per vhost. Otherwise it would not help that much with the 
> SetHandler htaccess problem.
> 


Re: how to avoid balancer manager nonce?

Posted by Ben Laurie <be...@links.org>.
On Wed, Sep 5, 2012 at 12:02 PM, Tony Stevenson <pc...@apache.org> wrote:
>
> On 5 Sep 2012, at 11:57, Jim Jagielski <ji...@jaguNET.com> wrote:
>
>> FWIW, I have time this week to impl this...
>>
>> Feedback/Concerns?
>
> Only the term 'nonce' - It has very unfortunate connotations from UK English. [1]  :-)

Sadly, we lost that battle a long time ago, it is a term of art in
crypto/security - which is why, btw, I want to know what it is
actually used for, because generally predictable nonces are a _really
bad idea_, and that is what is currently proposed. I'm assuming that
whoever wrote the code wasn't a complete idiot and did not use
cryptographic randomness for no reason. But perhaps they did, as Jim
seems to think.

>
>
> [1] - http://en.wikipedia.org/wiki/Nonce_(slang)
>
> Cheers,
> Tony

Re: how to avoid balancer manager nonce?

Posted by Tony Stevenson <pc...@apache.org>.
On 5 Sep 2012, at 11:57, Jim Jagielski <ji...@jaguNET.com> wrote:

> FWIW, I have time this week to impl this...
> 
> Feedback/Concerns?

Only the term 'nonce' - It has very unfortunate connotations from UK English. [1]  :-)


[1] - http://en.wikipedia.org/wiki/Nonce_(slang)
Cheers,
Tony

----------------------------------
Tony Stevenson

tony@pc-tony.com
tony@caret.cam.ac.uk
pctony@apache.org

http://www.pc-tony.com

GPG - 1024D/51047D66
----------------------------------


Re: how to avoid balancer manager nonce?

Posted by Jim Jagielski <ji...@jaguNET.com>.
CSRF against balancer_manager... Looks like jorton himself
was the person who first referenced and defined it as a nonce.

On Sep 5, 2012, at 7:08 AM, Ben Laurie <be...@links.org> wrote:

> On Wed, Sep 5, 2012 at 11:57 AM, Jim Jagielski <ji...@jagunet.com> wrote:
>> FWIW, I have time this week to impl this...
>> 
>> Feedback/Concerns?
> 
> I still want to know what the "nonce" is actually for! Are you going
> to make me read the code and guess?
> 
>> 
>> On Sep 1, 2012, at 11:47 AM, Jim Jagielski <ji...@jaguNET.com> wrote:
>> 
>>> Another alternative would be to have the nonce also possibly
>>> set at config-time and, if unset, then use the uuid. That way
>>> it could also be used as a sort of shared-secret ;)
>>> 
>>>      ProxySet nonce="applepie!"
>>> 
>>> Longer term, I think that's a more "strategic" solution.
>>> 
>>> On Aug 31, 2012, at 2:14 PM, Stefan Fritsch <sf...@sfritsch.de> wrote:
>>> 
>>>> On Friday 31 August 2012, Eric Covener wrote:
>>>>> I'm fighting a problem on new releases of AIX where in some
>>>>> environments, /dev/random seems to run out of entropy way too
>>>>> quick.
>>>>> 
>>>>> I'd like a way to suppress the apr_uuid_get->
>>>>> apr_generate_random_bytes() in mod_proxy_balancer used for the
>>>>> balancer-manager nonce in affected environments.
>>>>> 
>>>>> I was thinking a global "BalancerManager off" could be used for
>>>>> this and would also have the upside of fixing the SetHandler
>>>>> htaccess problem.
>>>>> 
>>>>> Alternatives would be to find a weaker source for the nonce, or
>>>>> allow to opt out / use a hard-coded one.
>>>>> 
>>>>> Any suggestions?
>>>> 
>>>> For 2.4, you could use ap_random_insecure_bytes(). It should be good
>>>> enough for a nonce.
>>>> 
>>>> If you add a "BalancerManager off", it should be per directory, or at
>>>> least per vhost. Otherwise it would not help that much with the
>>>> SetHandler htaccess problem.
>>>> 
>>> 
>> 
> 


Re: how to avoid balancer manager nonce?

Posted by Ben Laurie <be...@links.org>.
On Wed, Sep 5, 2012 at 11:57 AM, Jim Jagielski <ji...@jagunet.com> wrote:
> FWIW, I have time this week to impl this...
>
> Feedback/Concerns?

I still want to know what the "nonce" is actually for! Are you going
to make me read the code and guess?

>
> On Sep 1, 2012, at 11:47 AM, Jim Jagielski <ji...@jaguNET.com> wrote:
>
>> Another alternative would be to have the nonce also possibly
>> set at config-time and, if unset, then use the uuid. That way
>> it could also be used as a sort of shared-secret ;)
>>
>>       ProxySet nonce="applepie!"
>>
>> Longer term, I think that's a more "strategic" solution.
>>
>> On Aug 31, 2012, at 2:14 PM, Stefan Fritsch <sf...@sfritsch.de> wrote:
>>
>>> On Friday 31 August 2012, Eric Covener wrote:
>>>> I'm fighting a problem on new releases of AIX where in some
>>>> environments, /dev/random seems to run out of entropy way too
>>>> quick.
>>>>
>>>> I'd like a way to suppress the apr_uuid_get->
>>>> apr_generate_random_bytes() in mod_proxy_balancer used for the
>>>> balancer-manager nonce in affected environments.
>>>>
>>>> I was thinking a global "BalancerManager off" could be used for
>>>> this and would also have the upside of fixing the SetHandler
>>>> htaccess problem.
>>>>
>>>> Alternatives would be to find a weaker source for the nonce, or
>>>> allow to opt out / use a hard-coded one.
>>>>
>>>> Any suggestions?
>>>
>>> For 2.4, you could use ap_random_insecure_bytes(). It should be good
>>> enough for a nonce.
>>>
>>> If you add a "BalancerManager off", it should be per directory, or at
>>> least per vhost. Otherwise it would not help that much with the
>>> SetHandler htaccess problem.
>>>
>>
>

Re: how to avoid balancer manager nonce?

Posted by Jim Jagielski <ji...@jaguNET.com>.
FWIW, I have time this week to impl this...

Feedback/Concerns?

On Sep 1, 2012, at 11:47 AM, Jim Jagielski <ji...@jaguNET.com> wrote:

> Another alternative would be to have the nonce also possibly
> set at config-time and, if unset, then use the uuid. That way
> it could also be used as a sort of shared-secret ;)
> 
> 	ProxySet nonce="applepie!"
> 
> Longer term, I think that's a more "strategic" solution.
> 
> On Aug 31, 2012, at 2:14 PM, Stefan Fritsch <sf...@sfritsch.de> wrote:
> 
>> On Friday 31 August 2012, Eric Covener wrote:
>>> I'm fighting a problem on new releases of AIX where in some
>>> environments, /dev/random seems to run out of entropy way too
>>> quick.
>>> 
>>> I'd like a way to suppress the apr_uuid_get->
>>> apr_generate_random_bytes() in mod_proxy_balancer used for the
>>> balancer-manager nonce in affected environments.
>>> 
>>> I was thinking a global "BalancerManager off" could be used for
>>> this and would also have the upside of fixing the SetHandler
>>> htaccess problem.
>>> 
>>> Alternatives would be to find a weaker source for the nonce, or
>>> allow to opt out / use a hard-coded one.
>>> 
>>> Any suggestions?
>> 
>> For 2.4, you could use ap_random_insecure_bytes(). It should be good 
>> enough for a nonce.
>> 
>> If you add a "BalancerManager off", it should be per directory, or at 
>> least per vhost. Otherwise it would not help that much with the 
>> SetHandler htaccess problem.
>> 
> 


Re: how to avoid balancer manager nonce?

Posted by Ben Laurie <be...@links.org>.
On Sat, Sep 1, 2012 at 8:13 PM, Jim Jagielski <ji...@jagunet.com> wrote:
>
> On Sep 1, 2012, at 12:39 PM, Ben Laurie <be...@links.org> wrote:
>
>> On Sat, Sep 1, 2012 at 4:47 PM, Jim Jagielski <ji...@jagunet.com> wrote:
>>> Another alternative would be to have the nonce also possibly
>>> set at config-time and, if unset, then use the uuid. That way
>>> it could also be used as a sort of shared-secret ;)
>>>
>>>        ProxySet nonce="applepie!"
>>>
>>> Longer term, I think that's a more "strategic" solution.
>>
>> What? Nonces are one-time use only, by definition.
>>
>
> Then we change the name from "nonce" to something else... Preventing
> or arguing against a solid, reliable fix and enhancement because
> it's called something is pretty bogus.

Sure, if it's not a nonce, fine by me. Is it not a nonce? What is its purpose?

> Or the other thing, other than renaming it, is to not be so
> pedantic... after all, how long did we have 'MaxRequestsPerChild'? ;)

Whatever. The core problem is that /dev/random blocks, and we've
already seen that working around this leads to problems.

>
>> Better, IMO, would be to either use insecure random, or, better still,
>> seed a PRNG from secure random once and use that from then on (for all
>> randomness).
>>
>> Or switch to FreeBSD where /dev/random does not block :-)
>>
>>> On Aug 31, 2012, at 2:14 PM, Stefan Fritsch <sf...@sfritsch.de> wrote:
>>>
>>>> On Friday 31 August 2012, Eric Covener wrote:
>>>>> I'm fighting a problem on new releases of AIX where in some
>>>>> environments, /dev/random seems to run out of entropy way too
>>>>> quick.
>>>>>
>>>>> I'd like a way to suppress the apr_uuid_get->
>>>>> apr_generate_random_bytes() in mod_proxy_balancer used for the
>>>>> balancer-manager nonce in affected environments.
>>>>>
>>>>> I was thinking a global "BalancerManager off" could be used for
>>>>> this and would also have the upside of fixing the SetHandler
>>>>> htaccess problem.
>>>>>
>>>>> Alternatives would be to find a weaker source for the nonce, or
>>>>> allow to opt out / use a hard-coded one.
>>>>>
>>>>> Any suggestions?
>>>>
>>>> For 2.4, you could use ap_random_insecure_bytes(). It should be good
>>>> enough for a nonce.
>>>>
>>>> If you add a "BalancerManager off", it should be per directory, or at
>>>> least per vhost. Otherwise it would not help that much with the
>>>> SetHandler htaccess problem.
>>>>
>>>
>>
>

Re: how to avoid balancer manager nonce?

Posted by Jim Jagielski <ji...@jaguNET.com>.
On Sep 1, 2012, at 12:39 PM, Ben Laurie <be...@links.org> wrote:

> On Sat, Sep 1, 2012 at 4:47 PM, Jim Jagielski <ji...@jagunet.com> wrote:
>> Another alternative would be to have the nonce also possibly
>> set at config-time and, if unset, then use the uuid. That way
>> it could also be used as a sort of shared-secret ;)
>> 
>>        ProxySet nonce="applepie!"
>> 
>> Longer term, I think that's a more "strategic" solution.
> 
> What? Nonces are one-time use only, by definition.
> 

Then we change the name from "nonce" to something else... Preventing
or arguing against a solid, reliable fix and enhancement because
it's called something is pretty bogus.

Or the other thing, other than renaming it, is to not be so
pedantic... after all, how long did we have 'MaxRequestsPerChild'? ;)

> Better, IMO, would be to either use insecure random, or, better still,
> seed a PRNG from secure random once and use that from then on (for all
> randomness).
> 
> Or switch to FreeBSD where /dev/random does not block :-)
> 
>> On Aug 31, 2012, at 2:14 PM, Stefan Fritsch <sf...@sfritsch.de> wrote:
>> 
>>> On Friday 31 August 2012, Eric Covener wrote:
>>>> I'm fighting a problem on new releases of AIX where in some
>>>> environments, /dev/random seems to run out of entropy way too
>>>> quick.
>>>> 
>>>> I'd like a way to suppress the apr_uuid_get->
>>>> apr_generate_random_bytes() in mod_proxy_balancer used for the
>>>> balancer-manager nonce in affected environments.
>>>> 
>>>> I was thinking a global "BalancerManager off" could be used for
>>>> this and would also have the upside of fixing the SetHandler
>>>> htaccess problem.
>>>> 
>>>> Alternatives would be to find a weaker source for the nonce, or
>>>> allow to opt out / use a hard-coded one.
>>>> 
>>>> Any suggestions?
>>> 
>>> For 2.4, you could use ap_random_insecure_bytes(). It should be good
>>> enough for a nonce.
>>> 
>>> If you add a "BalancerManager off", it should be per directory, or at
>>> least per vhost. Otherwise it would not help that much with the
>>> SetHandler htaccess problem.
>>> 
>> 
> 


Re: how to avoid balancer manager nonce?

Posted by Ben Laurie <be...@links.org>.
On Sat, Sep 1, 2012 at 4:47 PM, Jim Jagielski <ji...@jagunet.com> wrote:
> Another alternative would be to have the nonce also possibly
> set at config-time and, if unset, then use the uuid. That way
> it could also be used as a sort of shared-secret ;)
>
>         ProxySet nonce="applepie!"
>
> Longer term, I think that's a more "strategic" solution.

What? Nonces are one-time use only, by definition.

Better, IMO, would be to either use insecure random, or, better still,
seed a PRNG from secure random once and use that from then on (for all
randomness).

Or switch to FreeBSD where /dev/random does not block :-)

> On Aug 31, 2012, at 2:14 PM, Stefan Fritsch <sf...@sfritsch.de> wrote:
>
>> On Friday 31 August 2012, Eric Covener wrote:
>>> I'm fighting a problem on new releases of AIX where in some
>>> environments, /dev/random seems to run out of entropy way too
>>> quick.
>>>
>>> I'd like a way to suppress the apr_uuid_get->
>>> apr_generate_random_bytes() in mod_proxy_balancer used for the
>>> balancer-manager nonce in affected environments.
>>>
>>> I was thinking a global "BalancerManager off" could be used for
>>> this and would also have the upside of fixing the SetHandler
>>> htaccess problem.
>>>
>>> Alternatives would be to find a weaker source for the nonce, or
>>> allow to opt out / use a hard-coded one.
>>>
>>> Any suggestions?
>>
>> For 2.4, you could use ap_random_insecure_bytes(). It should be good
>> enough for a nonce.
>>
>> If you add a "BalancerManager off", it should be per directory, or at
>> least per vhost. Otherwise it would not help that much with the
>> SetHandler htaccess problem.
>>
>
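The design the thread circles around, as an added Python model that is not httpd or mod_proxy_balancer code: the entropy source is read once at startup and later values are derived from that seed (Ben's seed-once suggestion), a configured shared secret overrides the generated value (Jim's ProxySet nonce= idea), and the balancer-manager request is accepted only when its query parameter matches in constant time (the CSRF use Jim names). The class and method names are assumptions made for this example.

```python
import hashlib
import hmac
import os
from typing import Optional


class SeededGenerator:
    """Reads the kernel entropy source exactly once, then derives every later
    value as HMAC-SHA256(seed, counter). A blocking /dev/random is therefore
    touched at most once per process, not once per balancer or request."""

    entropy_reads = 0    # counts os.urandom() calls, so the claim is checkable

    def __init__(self, seed: Optional[bytes] = None) -> None:
        if seed is None:
            seed = os.urandom(32)            # the single entropy read
            SeededGenerator.entropy_reads += 1
        self._seed = seed                    # never leaves this object
        self._counter = 0

    def next_bytes(self, n: int = 16) -> bytes:
        """Return n fresh bytes; each call advances the counter, so outputs
        do not repeat and stay unpredictable while the seed is secret."""
        out = b""
        while len(out) < n:
            self._counter += 1
            msg = self._counter.to_bytes(8, "big")
            out += hmac.new(self._seed, msg, hashlib.sha256).digest()
        return out[:n]


class BalancerManagerAuth:
    """Per-balancer CSRF token for the balancer-manager page (constructed
    model): a configured shared secret wins if present, otherwise a generator
    value stands in for the uuid the thread says the module derives today."""

    def __init__(self, gen: SeededGenerator,
                 configured: Optional[str] = None) -> None:
        self.token = configured if configured else gen.next_bytes(16).hex()

    def check_request(self, query: dict) -> bool:
        """Accept a state-changing request only when the 'nonce' query
        parameter equals this balancer's token; compare in constant time so
        the value cannot be recovered byte by byte from response timing."""
        supplied = str(query.get("nonce", ""))
        return hmac.compare_digest(supplied.encode(), self.token.encode())
```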