# define SSH_PRNG_COMMAND_FILE SSHDIR "/ssh_prng_cmds"
#endif
-
#ifdef HAVE___PROGNAME
extern char *__progname;
#else
double stir_gettimeofday(double entropy_estimate);
double stir_clock(double entropy_estimate);
double stir_rusage(int who, double entropy_estimate);
-double hash_command_output(entropy_cmd_t *src, char *hash);
+double hash_command_output(entropy_cmd_t *src, unsigned char *hash);
int get_random_bytes_prngd(unsigned char *buf, int len,
unsigned short tcp_port, char *socket_path);
msg[0] = 0x02;
msg[1] = len;
- if (atomicio(write, fd, msg, sizeof(msg)) != sizeof(msg)) {
+ if (atomicio(vwrite, fd, msg, sizeof(msg)) != sizeof(msg)) {
if (errno == EPIPE && errors < 10) {
close(fd);
errors++;
}
double
-hash_command_output(entropy_cmd_t *src, char *hash)
+hash_command_output(entropy_cmd_t *src, unsigned char *hash)
{
char buf[8192];
fd_set rdset;
case 0:
/* timer expired */
error_abort = 1;
+ kill(pid, SIGINT);
break;
case 1:
/* command input */
if (waitpid(pid, &status, 0) == -1) {
error("Couldn't wait for child '%s' completion: %s",
- src->cmdstring, strerror(errno));
+ src->cmdstring, strerror(errno));
return 0.0;
}
{
int c;
double entropy, total_entropy;
- char hash[SHA_DIGEST_LENGTH];
+ unsigned char hash[SHA_DIGEST_LENGTH];
total_entropy = 0;
for(c = 0; entropy_cmds[c].path != NULL; c++) {
/* mode 0600, owned by root or the current user? */
if (((st.st_mode & 0177) != 0) || !(st.st_uid == getuid())) {
debug("WARNING: PRNG seedfile %.100s must be mode 0600, "
- "owned by uid %d", filename, getuid());
+ "owned by uid %li", filename, (long int)getuid());
return 0;
}
prng_write_seedfile(void)
{
int fd;
- char seed[SEED_FILE_SIZE], filename[MAXPATHLEN];
+ unsigned char seed[SEED_FILE_SIZE];
+ char filename[MAXPATHLEN];
struct passwd *pw;
pw = getpwuid(getuid());
if (pw == NULL)
fatal("Couldn't get password entry for current user "
- "(%i): %s", getuid(), strerror(errno));
+ "(%li): %s", (long int)getuid(), strerror(errno));
/* Try to ensure that the parent directory is there */
snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir,
debug("writing PRNG seed to file %.100s", filename);
- RAND_bytes(seed, sizeof(seed));
+ if (RAND_bytes(seed, sizeof(seed)) <= 0)
+ fatal("PRNG seed extration failed");
/* Don't care if the seed doesn't exist */
prng_check_seedfile(filename);
debug("WARNING: couldn't access PRNG seedfile %.100s "
"(%.100s)", filename, strerror(errno));
} else {
- if (atomicio(write, fd, &seed, sizeof(seed)) < sizeof(seed))
+ if (atomicio(vwrite, fd, &seed, sizeof(seed)) < sizeof(seed))
fatal("problem writing PRNG seedfile %.100s "
"(%.100s)", filename, strerror(errno));
close(fd);
pw = getpwuid(getuid());
if (pw == NULL)
fatal("Couldn't get password entry for current user "
- "(%i): %s", getuid(), strerror(errno));
+ "(%li): %s", (long int)getuid(), strerror(errno));
snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir,
SSH_PRNG_SEED_FILE);
extern char *optarg;
LogLevel ll;
- __progname = get_progname(argv[0]);
+ __progname = ssh_get_progname(argv[0]);
log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
ll = SYSLOG_LEVEL_INFO;
if (!RAND_status())
fatal("Not enough entropy in RNG");
- RAND_bytes(buf, bytes);
+ if (RAND_bytes(buf, bytes) <= 0)
+ fatal("Couldn't extract entropy from PRNG");
if (output_hex) {
for(ret = 0; ret < bytes; ret++)
printf("%02x", (unsigned char)(buf[ret]));
printf("\n");
} else
- ret = atomicio(write, STDOUT_FILENO, buf, bytes);
+ ret = atomicio(vwrite, STDOUT_FILENO, buf, bytes);
memset(buf, '\0', bytes);
xfree(buf);
return ret == bytes ? 0 : 1;
}
-