- (djm) autoconf hacking:

   - We don't support --without-zlib currently, so don't allow it.
   - Rework cryptographic random number support detection. We now detect
     whether OpenSSL seeds itself. If it does, then we don't bother with
     the ssh-rand-helper program. You can force the use of ssh-rand-helper
     using the --with-rand-helper configure argument
   - Simplify and clean up ssh-rand-helper configuration

5 files changed, 191 insertions, 156 deletions

diff --git a/ChangeLog b/ChangeLog
index 731337317..7b58218cb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+20020122
+ - (djm) autoconf hacking:
+   - We don't support --without-zlib currently, so don't allow it.
+   - Rework cryptographic random number support detection. We now detect 
+     whether OpenSSL seeds itself. If it does, then we don't bother with 
+     the ssh-rand-helper program. You can force the use of ssh-rand-helper
+     using the --with-rand-helper configure argument
+   - Simplify and clean up ssh-rand-helper configuration
+
 20020121
  - (djm) Rework ssh-rand-helper:
    - Reduce quantity of ifdef code, in preparation for ssh_rand_conf
@@ -7144,4 +7153,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1721 2002/01/21 12:44:12 djm Exp $
+$Id: ChangeLog,v 1.1722 2002/01/22 10:57:53 djm Exp $
diff --git a/Makefile.in b/Makefile.in
index 287b5ab1b..58bf424b5 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.192 2001/12/25 04:32:58 stevesk Exp $
+# $Id: Makefile.in,v 1.193 2002/01/22 10:57:54 djm Exp $
 
 prefix=@prefix@
 exec_prefix=@exec_prefix@
@@ -42,6 +42,7 @@ EXEEXT=@EXEEXT@
 SSH_MODE= @SSHMODE@
 
 INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@
+INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@
 
 @NO_SFTP@SFTP_PROGS=sftp-server$(EXEEXT) sftp$(EXEEXT)
 
@@ -201,7 +202,9 @@ install-files: scard-install
         $(INSTALL) -m 0755 -s ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen
         $(INSTALL) -m 0755 -s ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan
         $(INSTALL) -m 0755 -s sshd $(DESTDIR)$(sbindir)/sshd
-        $(INSTALL) -m 0755 -s ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper
+        if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \
+                $(INSTALL) -m 0755 -s ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \
+        fi
         @NO_SFTP@$(INSTALL) -m 0755 -s sftp $(DESTDIR)$(bindir)/sftp
         @NO_SFTP@$(INSTALL) -m 0755 -s sftp-server $(DESTDIR)$(SFTP_SERVER)
         $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
diff --git a/acconfig.h b/acconfig.h
index 766a92687..caf30149f 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -1,4 +1,4 @@
-/* $Id: acconfig.h,v 1.120 2001/12/07 17:20:48 mouring Exp $ */
+/* $Id: acconfig.h,v 1.121 2002/01/22 10:57:54 djm Exp $ */
 
 #ifndef _CONFIG_H
 #define _CONFIG_H
@@ -86,9 +86,6 @@
 /* Define if you want IRIX kernel jobs */
 #undef WITH_IRIX_JOBS
 
-/* Location of random number pool  */
-#undef RANDOM_POOL
-
 /* Location of PRNGD/EGD random number socket */
 #undef PRNGD_SOCKET
 
@@ -326,6 +323,9 @@
 /* Define if you want smartcard support */
 #undef SMARTCARD
 
+/* Define if you want to use OpenSSL's internally seeded PRNG only */
+#undef OPENSSL_PRNG_ONLY
+
 @BOTTOM@
 
 /* ******************* Shouldn't need to edit below this line ************** */
diff --git a/configure.ac b/configure.ac
index 0ed1ddddf..9cc7dc97c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-i# $Id: configure.ac,v 1.10 2002/01/14 08:01:06 djm Exp $
+i# $Id: configure.ac,v 1.11 2002/01/22 10:57:54 djm Exp $
 
 AC_INIT
 AC_CONFIG_SRCDIR([ssh.c])
@@ -336,6 +336,9 @@ dnl zlib is required
 AC_ARG_WITH(zlib,
         [  --with-zlib=PATH        Use zlib in PATH],
         [
+                if test "x$withval" != "xno" ; then
+                        AC_MSG_ERROR([*** zlib is required ***])
+                fi
                 if test -d "$withval/lib"; then
                         if test -n "${need_dash_r}"; then
                                 LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
@@ -815,6 +818,144 @@ if test "x$PAM_MSG" = "xno" -a "x$check_for_libcrypt_later" = "x1"; then
         AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
 fi
 
+
+### Configure cryptographic random number support
+
+# Check wheter OpenSSL seeds itself
+AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded])
+AC_TRY_RUN(
+        [
+#include <string.h>
+#include <openssl/rand.h>
+int main(void) { return(RAND_status() == 1 ? 0 : 1); }
+        ],
+        [
+                OPENSSL_SEEDS_ITSELF=yes
+                AC_MSG_RESULT(yes)
+        ],
+        [
+                AC_MSG_RESULT(no)
+                # Default to use of the rand helper if OpenSSL doesn't
+                # seed itself
+                USE_RAND_HELPER=yes
+        ]
+)
+
+
+# Do we want to force the use of the rand helper?
+AC_ARG_WITH(rand-helper,
+        [  --with-rand-helper      Use subprocess to gather strong randomness ],
+        [
+                if test "x$withval" = "xno" ; then
+                        # Force use of OpenSSL's internal RNG, even if 
+                        # the previous test showed it to be unseeded.
+                        if test -z "$OPENSSL_SEEDS_ITSELF" ; then
+                                AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG])
+                                OPENSSL_SEEDS_ITSELF=yes
+                                USE_RAND_HELPER=""
+                        fi
+                else
+                        USE_RAND_HELPER=yes
+                fi
+        ],
+)       
+
+# Which randomness source do we use?
+if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then
+        # OpenSSL only
+        AC_DEFINE(OPENSSL_PRNG_ONLY)
+        RAND_MSG="OpenSSL internal ONLY"
+        INSTALL_SSH_RAND_HELPER=""
+elif test ! -z "$OPENSSL_SEEDS_ITSELF" -a ! -z "$USE_RAND_HELPER" ; then
+        # OpenSSL with fallback to rand helper
+        RAND_MSG="ssh-rand-helper"
+        INSTALL_SSH_RAND_HELPER="yes"
+fi
+AC_SUBST(INSTALL_SSH_RAND_HELPER)
+
+### Configuration of ssh-rand-helper
+
+# PRNGD TCP socket
+AC_ARG_WITH(prngd-port,
+        [  --with-prngd-port=PORT  read entropy from PRNGD/EGD TCP localhost:PORT],
+        [
+                if test ! -z "$withval" -a "x$withval" != "xno" ; then
+                        PRNGD_PORT="$withval"
+                        AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
+                fi
+        ]
+)
+
+# PRNGD Unix domain socket
+AC_ARG_WITH(prngd-socket,
+        [  --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
+        [
+                if test -z "$withval" ; then
+                        withval="/var/run/egd-pool"
+                fi
+                if test "x$withval" != "xno" ; then
+                        if test ! -z "$PRNGD_PORT" ; then
+                                AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket)
+                        fi
+                        if ! echo "$withval" | grep -q '^/' ; then 
+                                AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
+                        fi                      
+                        if ! test -r "$withval" ; then
+                                AC_MSG_WARN(Entropy socket is not readable)
+                        fi
+                        PRNGD_SOCKET="$withval"
+                        AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
+                fi
+        ]
+)
+
+# Change default command timeout for hashing entropy source
+entropy_timeout=200
+AC_ARG_WITH(entropy-timeout,
+        [  --with-entropy-timeout  Specify entropy gathering command timeout (msec)],
+        [
+                if test "x$withval" != "xno" ; then
+                        entropy_timeout=$withval
+                fi
+        ]       
+)
+
+AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
+
+# These programs are used by the command hashing source to gather entropy 
+OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
+OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
+OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
+OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
+OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
+OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
+OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
+OSSH_PATH_ENTROPY_PROG(PROG_W, w)
+OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
+OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
+OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
+OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
+OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
+OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
+OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
+OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
+
+# Where does ssh-rand-helper get its randomness from?
+INSTALL_SSH_PRNG_CMDS=""
+if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then
+        if test ! -z "$PRNGD_PORT" ; then
+                RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
+        elif test ! -z "$PRNGD_SOCKET" ; then
+                RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\""
+        else
+                RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)"
+                RAND_HELPER_CMDHASH=yes
+                INSTALL_SSH_PRNG_CMDS="yes"
+        fi
+fi
+AC_SUBST(INSTALL_SSH_PRNG_CMDS)
+
+
 # Cheap hack to ensure NEWS-OS libraries are arranged right.
 if test ! -z "$SONY" ; then
   LIBS="$LIBS -liberty";
@@ -1531,109 +1672,6 @@ AC_CHECK_FILE("/dev/ptc",
 )
 
 # Options from here on. Some of these are preset by platform above
-
-# Check for user-specified random device, otherwise check /dev/urandom
-AC_ARG_WITH(random,
-        [  --with-random=FILE      read entropy from FILE (default=/dev/urandom)],
-        [
-                if test "x$withval" != "xno" ; then
-                        RANDOM_POOL="$withval";
-                        if ! echo "$RANDOM_POOL" | grep -q '^/' ; then 
-                                AC_MSG_ERROR(You must specify an absolute path to the random device)
-                        fi                      
-                        if ! test -r "$RANDOM_POOL" ; then
-                                AC_MSG_WARN(Random device is not readable)
-                        fi
-                        AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
-                fi
-        ],
-        [
-                # Check for random device
-                AC_CHECK_FILE("/dev/urandom",
-                        [
-                                RANDOM_POOL="/dev/urandom"; 
-                                AC_SUBST(RANDOM_POOL)
-                                AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL")
-                        ]
-                )
-        ]
-)
-
-# Check for PRNGD/EGD pool file
-AC_ARG_WITH(prngd-port,
-        [  --with-prngd-port=PORT  read entropy from PRNGD/EGD localhost:PORT],
-        [
-                if test ! -z "$withval" -a "x$withval" != "xno" ; then
-                        PRNGD_PORT="$withval"
-                        AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT)
-                fi
-        ]
-)
-
-# Check for PRNGD/EGD pool file
-AC_ARG_WITH(prngd-socket,
-        [  --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)],
-        [
-                if test "x$withval" != "xno" ; then
-                        PRNGD_SOCKET="$withval"
-                        if echo "$PRNGD_SOCKET" | grep -q '^/' ; then 
-                                AC_MSG_ERROR(You must specify an absolute path to the entropy socket)
-                        fi                      
-                        if ! test -r "$PRNGD_SOCKET" ; then
-                                AC_MSG_WARN(Entropy socket is not readable)
-                        fi
-                        AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
-                fi
-        ],
-        [
-                # Check for existing socket only if we don't have a random device already
-                if test -z "$RANDOM_POOL" ; then
-                        AC_MSG_CHECKING(for PRNGD/EGD socket)
-                        # Insert other locations here
-                        for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
-                                if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
-                                        PRNGD_SOCKET="$sock"
-                                        AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET")
-                                        break;
-                                fi
-                        done
-                        if test ! -z "$PRNGD_SOCKET" ; then
-                                AC_MSG_RESULT($PRNGD_SOCKET)
-                        else
-                                AC_MSG_RESULT(not found)
-                        fi
-                fi
-        ]
-)
-
-
-# detect pathnames for entropy gathering commands, if we need them
-INSTALL_SSH_PRNG_CMDS=""
-rm -f prng_commands
-if (test -z "$RANDOM_POOL" && test -z "$PRNGD") ; then
-        INSTALL_SSH_PRNG_CMDS="yes"
-fi
-AC_SUBST(INSTALL_SSH_PRNG_CMDS)
-
-# These programs are used to gather entropy from
-OSSH_PATH_ENTROPY_PROG(PROG_LS, ls)
-OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat)
-OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp)
-OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig)
-OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat)
-OSSH_PATH_ENTROPY_PROG(PROG_PS, ps)
-OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar)
-OSSH_PATH_ENTROPY_PROG(PROG_W, w)
-OSSH_PATH_ENTROPY_PROG(PROG_WHO, who)
-OSSH_PATH_ENTROPY_PROG(PROG_LAST, last)
-OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog)
-OSSH_PATH_ENTROPY_PROG(PROG_DF, df)
-OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat)
-OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime)
-OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs)
-OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail)
-
-
 AC_ARG_WITH(mantype,
         [  --with-mantype=man|cat|doc  Set man page type],
         [
@@ -1825,12 +1863,13 @@ AC_ARG_WITH(4in6,
 )
 
 # Whether to enable BSD auth support
+BSD_AUTH_MSG=no
 AC_ARG_WITH(bsd-auth,
         [  --with-bsd-auth         Enable BSD auth support],
         [
                 if test "x$withval" != "xno" ; then     
                         AC_DEFINE(BSD_AUTH)
-                        bsd_auth=yes
+                        BSD_AUTH_MSG=yes
                 fi
         ]
 )
@@ -2097,44 +2136,17 @@ else
 fi      
 
 
-# Change default command timeout for builtin PRNG
-entropy_timeout=200
-AC_ARG_WITH(entropy-timeout,
-        [  --with-entropy-timeout  Specify entropy gathering command timeout (msec)],
-        [
-                if test "x$withval" != "xno" ; then
-                        entropy_timeout=$withval
-                fi
-        ]       
-)
-AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
-
-
 if test ! -z "$blibpath" ; then
         LDFLAGS="$LDFLAGS -blibpath:$blibpath"
         AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile])
 fi
 
 AC_EXEEXT
-
 AC_CONFIG_FILES([Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds])
 AC_OUTPUT
 
 # Print summary of options
 
-if test ! -z "$RANDOM_POOL" ; then
-        RAND_MSG="Device ($RANDOM_POOL)"
-else
-        if test ! -z "$PRNGD_PORT" ; then
-                RAND_MSG="PRNGD/EGD (port localhost:$PRNGD_PORT)"
-        elif test ! -z "$PRNGD_SOCKET" ; then
-                RAND_MSG="PRNGD/EGD (socket $PRNGD_SOCKET)"
-        else
-                RAND_MSG="Builtin (timeout $entropy_timeout)"
-                BUILTIN_RNG=1
-        fi
-fi
-
 # Someone please show me a better way :)
 A=`eval echo ${prefix}` ; A=`eval echo ${A}`
 B=`eval echo ${bindir}` ; B=`eval echo ${B}`
@@ -2154,7 +2166,6 @@ echo "               Askpass program: $E"
 echo "                  Manual pages: $F"
 echo "                      PID file: $G"
 echo "        sshd default user PATH: $H"
-echo "      Random number collection: $RAND_MSG"
 echo "                Manpage format: $MANTYPE"
 echo "                   PAM support: ${PAM_MSG}"
 echo "            KerberosIV support: $KRB4_MSG"
@@ -2166,9 +2177,10 @@ echo "          MD5 password support: $MD5_MSG"
 echo "   IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
 echo "      Use IPv4 by default hack: $IPV4_HACK_MSG"
 echo "       Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
-
-if test ! -z "$bsd_auth"; then
-        echo "              BSD Auth support: yes"
+echo "              BSD Auth support: $BSD_AUTH_MSG"
+echo "          Random number source: $RAND_MSG"
+if test ! -z "$USE_RAND_HELPER" ; then
+        echo " ssh-rand-helper collects from: $RAND_HELPER_MSG"
 fi
 
 echo ""
@@ -2183,22 +2195,24 @@ echo "         Libraries: ${LIBS}"
 echo ""
 
 if test "x$PAM_MSG" = "xyes" ; then
-        echo "PAM is enabled. You may need to install a PAM control file for sshd,"
-        echo "otherwise password authentication may fail. Example PAM control files"
-        echo "can be found in the contrib/ subdirectory"
+        echo "PAM is enabled. You may need to install a PAM control file "
+        echo "for sshd, otherwise password authentication may fail. "
+        echo "Example PAM control files can be found in the contrib/ " 
+        echo "subdirectory"
         echo ""
 fi
 
-if test ! -z "$BUILTIN_RNG" ; then
-        echo "WARNING: you are using the builtin random number collection service."
-        echo "Please read WARNING.RNG and request that your OS vendor includes"
-        echo "/dev/random in future versions of their OS."
+if test ! -z "$NO_SFTP"; then
+        echo "sftp-server will be disabled.  Your compiler does not "
+        echo "support 64bit integers."
         echo ""
 fi
 
-if test ! -z "$NO_SFTP"; then
-        echo "sftp-server will be disabled.  Your compiler does not support"
-        echo "64bit integers."
+if test ! -z "$RAND_HELPER_CMDHASH" ; then
+        echo "WARNING: you are using the builtin random number collection "
+        echo "service. Please read WARNING.RNG and request that your OS "
+        echo "vendor includes kernel-based random number collection in "
+        echo "future versions of your OS."
         echo ""
 fi
 
diff --git a/entropy.c b/entropy.c
index 86ea81aa2..03591f062 100644
--- a/entropy.c
+++ b/entropy.c
@@ -45,15 +45,17 @@
  * XXX: we should tell the child how many bytes we need.
  */
 
-#define RANDOM_SEED_SIZE 48
-
-RCSID("$Id: entropy.c,v 1.39 2001/12/23 14:41:48 djm Exp $");
+RCSID("$Id: entropy.c,v 1.40 2002/01/22 10:57:54 djm Exp $");
 
+#ifndef OPENSSL_PRNG_ONLY
+#define RANDOM_SEED_SIZE 48
 static uid_t original_uid, original_euid;
+#endif
 
 void
 seed_rng(void)
 {
+#ifndef OPENSSL_PRNG_ONLY
         int devnull;
         int p[2];
         pid_t pid;
@@ -121,6 +123,10 @@ seed_rng(void)
 
         RAND_add(buf, sizeof(buf), sizeof(buf));
         memset(buf, '\0', sizeof(buf));
+
+#endif /* OPENSSL_PRNG_ONLY */
+        if (RAND_status() != 1)
+                fatal("PRNG is not seeded");
 }
 
 void
@@ -134,8 +140,11 @@ init_rng(void)
                 fatal("OpenSSL version mismatch. Built against %lx, you "
                     "have %lx", OPENSSL_VERSION_NUMBER, SSLeay());
 
+#ifndef OPENSSL_PRNG_ONLY
         if ((original_uid = getuid()) == -1)
                 fatal("getuid: %s", strerror(errno));
         if ((original_euid = geteuid()) == -1)
                 fatal("geteuid: %s", strerror(errno));
+#endif
 }
+