The result was a patch that silenced those pesky warnings for good.
Notice how the second part of the patch comments out a piece of code calling the MD_Update() function; a piece of code that is explicitly bracketed by a pair of #ifndef PURIFY/#endif directives. In other words, the “right” way to fix this is probably to ensure that PURIFY is set during compilation. The reason provided for the change: “/* purify complains */”. Perhaps it is now usual to ignore the immediate context of code.
The interesting thing about this “patch” is that it reduces the space of keys to 32767 values for each of the common key sizes. As pointed out by the folks over at Metasploit, this makes it easy to generate the full list of keys. In fact, it’s so easy that they provide the list as a convenient download for each common key size, about 250MB of data in all.
The consequence: all SSH and SSL keys generated on Debian 4.0 (etch) derived systems from September 2006 or so are rather easy to guess.
Corollary: any data encrypted using such keys during the last 18 months can now be decrypted by anyone.
Let’s hope people have not kept too many packet traces of SSH connections between machines that use affected keys.
Corollary: change affected keys immediately.