X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/b6453d997b389fcff085e3c3751b388c678f6879..2d7536f69d3075ecf69c2ac24a4ca4bf8223f89f:/entropy.c
diff --git a/entropy.c b/entropy.c
index 431d5ea5..8b705397 100644
--- a/entropy.c
+++ b/entropy.c
@@ -24,8 +24,24 @@
 #include "includes.h"
+#include
+#include
+
+#ifdef HAVE_SYS_STAT_H
+# include
+#endif
+
+#ifdef HAVE_FCNTL_H
+# include
+#endif
+#include
+#include
+#include
+#include
+
 #include
 #include
+#include
 #include "ssh.h"
 #include "misc.h"
@@ -33,6 +49,7 @@
 #include "atomicio.h"
 #include "pathnames.h"
 #include "log.h"
+#include "buffer.h"
 /*
 * Portable OpenSSH PRNG seeding:
@@ -45,8 +62,6 @@
 * XXX: we should tell the child how many bytes we need.
 */
-RCSID("$Id$");
-
 #ifndef OPENSSL_PRNG_ONLY
 #define RANDOM_SEED_SIZE 48
 static uid_t original_uid, original_euid;
@@ -114,8 +129,8 @@ seed_rng(void)
 close(p[0]);
 if (waitpid(pid, &ret, 0) == -1)
- fatal("Couldn't wait for ssh-rand-helper completion: %s",
- strerror(errno));
+ fatal("Couldn't wait for ssh-rand-helper completion: %s",
+ strerror(errno));
 signal(SIGCHLD, old_sigchld);
 /* We don't mind if the child exits upon a SIGPIPE */
@@ -145,10 +160,35 @@ init_rng(void)
 "have %lx", OPENSSL_VERSION_NUMBER, SSLeay());
 #ifndef OPENSSL_PRNG_ONLY
- if ((original_uid = getuid()) == -1)
- fatal("getuid: %s", strerror(errno));
- if ((original_euid = geteuid()) == -1)
- fatal("geteuid: %s", strerror(errno));
+ original_uid = getuid();
+ original_euid = geteuid();
 #endif
 }
+#ifndef OPENSSL_PRNG_ONLY
+void
+rexec_send_rng_seed(Buffer *m)
+{
+ u_char buf[RANDOM_SEED_SIZE];
+
+ if (RAND_bytes(buf, sizeof(buf)) <= 0) {
+ error("Couldn't obtain random bytes (error %ld)",
+ ERR_get_error());
+ buffer_put_string(m, "", 0);
+ } else
+ buffer_put_string(m, buf, sizeof(buf));
+}
+
+void
+rexec_recv_rng_seed(Buffer *m)
+{
+ u_char *buf;
+ u_int len;
+
+ buf = buffer_get_string_ret(m, &len);
+ if (buf != NULL) {
+ debug3("rexec_recv_rng_seed: seeding rng with %u bytes", len);
+ RAND_add(buf, len, len);
+ }
+}
+#endif
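Review bot: Seed material is left behind in memory by both new functions: `rexec_send_rng_seed` never clears the stack array `buf` after copying it into `m`, and `rexec_recv_rng_seed` neither wipes nor releases the string it gets from `buffer_get_string_ret` once `RAND_add` has consumed it. I would add `memset(buf, 0, sizeof(buf));` as the last statement of the sender, and `memset(buf, 0, len);` followed by `xfree(buf);` inside the `if (buf != NULL)` block of the receiver — assuming, as the `_ret` name and pointer return suggest, that the caller owns that allocation; confirm against buffer.h. A plain `memset` on a buffer that is about to go out of scope can be optimised away, so use the tree's explicit-zeroing helper if it has one. Separately, `ERR_get_error()` returns `unsigned long`, so the format in the `error()` call should be `%lu` rather than `%ld`.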