- (djm) Seed PRNG at startup, rather than waiting for arc4random calls to

do it implicitly.
author: Damien Miller <djm@mindrot.org> 2001-03-19 09:38:15 +1100
committer: Damien Miller <djm@mindrot.org> 2001-03-19 09:38:15 +1100
commit: 60bc51735643baa1b7fb237ea56303fed454dadb (patch)
tree: 8ece761df99755046be27984f4ea8dcbca1d99d5
parent: b399be4436914e23dd066482a371e068f2724f5c (diff)
7 files changed, 40 insertions, 22 deletions
diff --git a/ChangeLog b/ChangeLog
index cddb4b3de..7d344e648 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20010319
+ - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to 
+   do it implicitly.
 20010318
 - (bal) Fixed scp type casing issue which causes "scp: protocol error: 
   size not delimited" fatal errors when tranfering.
@@ -4596,4 +4600,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
-$Id: ChangeLog,v 1.971 2001/03/18 02:43:16 tim Exp $
+$Id: ChangeLog,v 1.972 2001/03/18 22:38:15 djm Exp $
diff --git a/entropy.c b/entropy.c
index 665f77324..8bd540dc5 100644
--- a/entropy.c
+++ b/entropy.c
@@ -40,7 +40,7 @@
 #include "pathnames.h"
 #include "log.h"
-RCSID("$Id: entropy.c,v 1.35 2001/03/03 13:29:21 djm Exp $");
+RCSID("$Id: entropy.c,v 1.36 2001/03/18 22:38:16 djm Exp $");
 #ifndef offsetof
 # define offsetof(type, member) ((size_t) &((type *)0)->member)
@@ -68,7 +68,8 @@ RCSID("$Id: entropy.c,v 1.35 2001/03/03 13:29:21 djm Exp $");
 # define SAVED_IDS_WORK_WITH_SETEUID
 #endif
-void check_openssl_version(void) 
+void
+check_openssl_version(void) 
 {
        if (SSLeay() != OPENSSL_VERSION_NUMBER)
                fatal("OpenSSL version mismatch. Built against %lx, you "
@@ -83,7 +84,8 @@ void check_openssl_version(void)
 #ifdef USE_PRNGD
 /* Collect entropy from PRNGD/EGD */
-int get_random_bytes(unsigned char *buf, int len)
+int
+get_random_bytes(unsigned char *buf, int len)
 {
        int fd;
        char msg[2];
@@ -180,7 +182,8 @@ done:
 #else /* !USE_PRNGD */
 #ifdef RANDOM_POOL
 /* Collect entropy from /dev/urandom or pipe */
-int get_random_bytes(unsigned char *buf, int len)
+int
+get_random_bytes(unsigned char *buf, int len)
 {
        int random_pool;
@@ -226,7 +229,8 @@ seed_rng(void)
        memset(buf, '\0', sizeof(buf));
 }
-void init_rng(void) 
+void
+init_rng(void) 
 {
        check_openssl_version();
 }
@@ -403,8 +407,7 @@ stir_rusage(int who, double entropy_estimate)
 }
-static
+static int
-int
 _get_timeval_msec_difference(struct timeval *t1, struct timeval *t2) {
        int secdiff, usecdiff;
@@ -842,8 +845,10 @@ seed_rng(void)
        /* commands */
        old_sigchld_handler = mysignal(SIGCHLD, SIG_DFL);
-        debug("Seeded RNG with %i bytes from programs", (int)stir_from_programs());
+        debug("Seeded RNG with %i bytes from programs", 
-        debug("Seeded RNG with %i bytes from system calls", (int)stir_from_system());
+            (int)stir_from_programs());
+        debug("Seeded RNG with %i bytes from system calls", 
+            (int)stir_from_system());
        if (!RAND_status())
                fatal("Not enough entropy in RNG");
@@ -854,7 +859,8 @@ seed_rng(void)
                fatal("Couldn't initialise builtin random number generator -- exiting.");
 }
-void init_rng(void)
+void
+init_rng(void)
 {
        int original_euid;
diff --git a/openbsd-compat/bsd-arc4random.c b/openbsd-compat/bsd-arc4random.c
index 87c7da5f7..2f3130700 100644
--- a/openbsd-compat/bsd-arc4random.c
+++ b/openbsd-compat/bsd-arc4random.c
@@ -24,7 +24,7 @@
 #include "includes.h"
-RCSID("$Id: bsd-arc4random.c,v 1.2 2001/02/09 01:55:36 djm Exp $");
+RCSID("$Id: bsd-arc4random.c,v 1.3 2001/03/18 22:38:16 djm Exp $");
 #ifndef HAVE_ARC4RANDOM
@@ -43,10 +43,15 @@ static RC4_KEY rc4;
 unsigned int arc4random(void)
 {
        unsigned int r = 0;
+        static int first_time = 1;
-        if (rc4_ready <= 0)
+        if (rc4_ready <= 0) {
+                if (!first_time)
+                        seed_rng();
+                first_time = 0;
                arc4random_stir();
-        
+        }
        RC4(&rc4, sizeof(r), (unsigned char *)&r, (unsigned char *)&r);
        rc4_ready -= sizeof(r);
@@ -57,17 +62,14 @@ unsigned int arc4random(void)
 void arc4random_stir(void)
 {
        unsigned char rand_buf[SEED_SIZE];
-        
-        memset(&rc4, 0, sizeof(rc4));
-        seed_rng();
-        RAND_bytes(rand_buf, sizeof(rand_buf));
+        memset(&rc4, 0, sizeof(rc4));
-        
+        if (!RAND_bytes(rand_buf, sizeof(rand_buf)))
+                fatal("Couldn't obtain random bytes (error %ld)",
+                    ERR_get_error());
        RC4_set_key(&rc4, sizeof(rand_buf), rand_buf);
        memset(rand_buf, 0, sizeof(rand_buf));
-        
        rc4_ready = REKEY_BYTES;
 }
 #endif /* !HAVE_ARC4RANDOM */
diff --git a/ssh-agent.c b/ssh-agent.c
index 5a774d570..8c4b5397c 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -740,6 +740,7 @@ main(int ac, char **av)
        __progname = get_progname(av[0]);
        init_rng();
+        seed_rng();
 #ifdef __GNU_LIBRARY__
        while ((ch = getopt(ac, av, "+cks")) != -1) {
diff --git a/ssh-keygen.c b/ssh-keygen.c
index b9ea01781..086b8ad4c 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -639,6 +639,7 @@ main(int ac, char **av)
        __progname = get_progname(av[0]);
        init_rng();
+        seed_rng();
        SSLeay_add_all_algorithms();
diff --git a/ssh.c b/ssh.c
index 74a2b75ac..c47d3dc05 100644
--- a/ssh.c
+++ b/ssh.c
@@ -576,6 +576,8 @@ main(int ac, char **av)
        /* reinit */
        log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 1);
+        seed_rng();
        if (options.user == NULL)
                options.user = xstrdup(pw->pw_name);
diff --git a/sshd.c b/sshd.c
index 2d6cbd09e..0a1048cd3 100644
--- a/sshd.c
+++ b/sshd.c
@@ -687,6 +687,8 @@ main(int ac, char **av)
            options.log_facility == -1 ? SYSLOG_FACILITY_AUTH : options.log_facility,
            !inetd_flag);
+        seed_rng();
        /* Read server configuration options from the configuration file. */
        read_server_config(&options, config_file_name);
author	Damien Miller <djm@mindrot.org>	2001-03-19 09:38:15 +1100
committer	Damien Miller <djm@mindrot.org>	2001-03-19 09:38:15 +1100
commit	60bc51735643baa1b7fb237ea56303fed454dadb (patch)
tree	8ece761df99755046be27984f4ea8dcbca1d99d5
parent	b399be4436914e23dd066482a371e068f2724f5c (diff)

diff --git a/ChangeLog b/ChangeLog index cddb4b3de..7d344e648 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -1,3 +1,7 @@
		1	20010319
		2	- (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
		3	do it implicitly.
		4
1	20010318	5	20010318
2	- (bal) Fixed scp type casing issue which causes "scp: protocol error:	6	- (bal) Fixed scp type casing issue which causes "scp: protocol error:
3	size not delimited" fatal errors when tranfering.	7	size not delimited" fatal errors when tranfering.
@@ -4596,4 +4600,4 @@
4596	- Wrote replacements for strlcpy and mkdtemp	4600	- Wrote replacements for strlcpy and mkdtemp
4597	- Released 1.0pre1	4601	- Released 1.0pre1
4598		4602
4599	$Id: ChangeLog,v 1.971 2001/03/18 02:43:16 tim Exp $	4603	$Id: ChangeLog,v 1.972 2001/03/18 22:38:15 djm Exp $


diff --git a/entropy.c b/entropy.c index 665f77324..8bd540dc5 100644 --- a/entropy.c +++ b/entropy.c
@@ -40,7 +40,7 @@
40	#include "pathnames.h"	40	#include "pathnames.h"
41	#include "log.h"	41	#include "log.h"
42		42
43	RCSID("$Id: entropy.c,v 1.35 2001/03/03 13:29:21 djm Exp $");	43	RCSID("$Id: entropy.c,v 1.36 2001/03/18 22:38:16 djm Exp $");
44		44
45	#ifndef offsetof	45	#ifndef offsetof
46	# define offsetof(type, member) ((size_t) &((type *)0)->member)	46	# define offsetof(type, member) ((size_t) &((type *)0)->member)
@@ -68,7 +68,8 @@ RCSID("$Id: entropy.c,v 1.35 2001/03/03 13:29:21 djm Exp $");
68	# define SAVED_IDS_WORK_WITH_SETEUID	68	# define SAVED_IDS_WORK_WITH_SETEUID
69	#endif	69	#endif
70		70
71	void check_openssl_version(void)	71	void
		72	check_openssl_version(void)
72	{	73	{
73	if (SSLeay() != OPENSSL_VERSION_NUMBER)	74	if (SSLeay() != OPENSSL_VERSION_NUMBER)
74	fatal("OpenSSL version mismatch. Built against %lx, you "	75	fatal("OpenSSL version mismatch. Built against %lx, you "
@@ -83,7 +84,8 @@ void check_openssl_version(void)
83		84
84	#ifdef USE_PRNGD	85	#ifdef USE_PRNGD
85	/* Collect entropy from PRNGD/EGD */	86	/* Collect entropy from PRNGD/EGD */
86	int get_random_bytes(unsigned char *buf, int len)	87	int
		88	get_random_bytes(unsigned char *buf, int len)
87	{	89	{
88	int fd;	90	int fd;
89	char msg[2];	91	char msg[2];
@@ -180,7 +182,8 @@ done:
180	#else /* !USE_PRNGD */	182	#else /* !USE_PRNGD */
181	#ifdef RANDOM_POOL	183	#ifdef RANDOM_POOL
182	/* Collect entropy from /dev/urandom or pipe */	184	/* Collect entropy from /dev/urandom or pipe */
183	int get_random_bytes(unsigned char *buf, int len)	185	int
		186	get_random_bytes(unsigned char *buf, int len)
184	{	187	{
185	int random_pool;	188	int random_pool;
186		189
@@ -226,7 +229,8 @@ seed_rng(void)
226	memset(buf, '\0', sizeof(buf));	229	memset(buf, '\0', sizeof(buf));
227	}	230	}
228		231
229	void init_rng(void)	232	void
		233	init_rng(void)
230	{	234	{
231	check_openssl_version();	235	check_openssl_version();
232	}	236	}
@@ -403,8 +407,7 @@ stir_rusage(int who, double entropy_estimate)
403	}	407	}
404		408
405		409
406	static	410	static int
407	int
408	_get_timeval_msec_difference(struct timeval t1, struct timeval t2) {	411	_get_timeval_msec_difference(struct timeval t1, struct timeval t2) {
409	int secdiff, usecdiff;	412	int secdiff, usecdiff;
410		413
@@ -842,8 +845,10 @@ seed_rng(void)
842	/* commands */	845	/* commands */
843	old_sigchld_handler = mysignal(SIGCHLD, SIG_DFL);	846	old_sigchld_handler = mysignal(SIGCHLD, SIG_DFL);
844		847
845	debug("Seeded RNG with %i bytes from programs", (int)stir_from_programs());	848	debug("Seeded RNG with %i bytes from programs",
846	debug("Seeded RNG with %i bytes from system calls", (int)stir_from_system());	849	(int)stir_from_programs());
		850	debug("Seeded RNG with %i bytes from system calls",
		851	(int)stir_from_system());
847		852
848	if (!RAND_status())	853	if (!RAND_status())
849	fatal("Not enough entropy in RNG");	854	fatal("Not enough entropy in RNG");
@@ -854,7 +859,8 @@ seed_rng(void)
854	fatal("Couldn't initialise builtin random number generator -- exiting.");	859	fatal("Couldn't initialise builtin random number generator -- exiting.");
855	}	860	}
856		861
857	void init_rng(void)	862	void
		863	init_rng(void)
858	{	864	{
859	int original_euid;	865	int original_euid;
860		866


diff --git a/openbsd-compat/bsd-arc4random.c b/openbsd-compat/bsd-arc4random.c index 87c7da5f7..2f3130700 100644 --- a/openbsd-compat/bsd-arc4random.c +++ b/openbsd-compat/bsd-arc4random.c
@@ -24,7 +24,7 @@
24		24
25	#include "includes.h"	25	#include "includes.h"
26		26
27	RCSID("$Id: bsd-arc4random.c,v 1.2 2001/02/09 01:55:36 djm Exp $");	27	RCSID("$Id: bsd-arc4random.c,v 1.3 2001/03/18 22:38:16 djm Exp $");
28		28
29	#ifndef HAVE_ARC4RANDOM	29	#ifndef HAVE_ARC4RANDOM
30		30
@@ -43,10 +43,15 @@ static RC4_KEY rc4;
43	unsigned int arc4random(void)	43	unsigned int arc4random(void)
44	{	44	{
45	unsigned int r = 0;	45	unsigned int r = 0;
		46	static int first_time = 1;
46		47
47	if (rc4_ready <= 0)	48	if (rc4_ready <= 0) {
		49	if (!first_time)
		50	seed_rng();
		51	first_time = 0;
48	arc4random_stir();	52	arc4random_stir();
49		53	}
		54
50	RC4(&rc4, sizeof(r), (unsigned char )&r, (unsigned char )&r);	55	RC4(&rc4, sizeof(r), (unsigned char )&r, (unsigned char )&r);
51		56
52	rc4_ready -= sizeof(r);	57	rc4_ready -= sizeof(r);
@@ -57,17 +62,14 @@ unsigned int arc4random(void)
57	void arc4random_stir(void)	62	void arc4random_stir(void)
58	{	63	{
59	unsigned char rand_buf[SEED_SIZE];	64	unsigned char rand_buf[SEED_SIZE];
60
61	memset(&rc4, 0, sizeof(rc4));
62
63	seed_rng();
64		65
65	RAND_bytes(rand_buf, sizeof(rand_buf));	66	memset(&rc4, 0, sizeof(rc4));
66		67	if (!RAND_bytes(rand_buf, sizeof(rand_buf)))
		68	fatal("Couldn't obtain random bytes (error %ld)",
		69	ERR_get_error());
67	RC4_set_key(&rc4, sizeof(rand_buf), rand_buf);	70	RC4_set_key(&rc4, sizeof(rand_buf), rand_buf);
68
69	memset(rand_buf, 0, sizeof(rand_buf));	71	memset(rand_buf, 0, sizeof(rand_buf));
70		72
71	rc4_ready = REKEY_BYTES;	73	rc4_ready = REKEY_BYTES;
72	}	74	}
73	#endif /* !HAVE_ARC4RANDOM */	75	#endif /* !HAVE_ARC4RANDOM */


diff --git a/ssh-agent.c b/ssh-agent.c index 5a774d570..8c4b5397c 100644 --- a/ssh-agent.c +++ b/ssh-agent.c
@@ -740,6 +740,7 @@ main(int ac, char **av)
740		740
741	__progname = get_progname(av[0]);	741	__progname = get_progname(av[0]);
742	init_rng();	742	init_rng();
		743	seed_rng();
743		744
744	#ifdef __GNU_LIBRARY__	745	#ifdef __GNU_LIBRARY__
745	while ((ch = getopt(ac, av, "+cks")) != -1) {	746	while ((ch = getopt(ac, av, "+cks")) != -1) {


diff --git a/ssh-keygen.c b/ssh-keygen.c index b9ea01781..086b8ad4c 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c
@@ -639,6 +639,7 @@ main(int ac, char **av)
639		639
640	__progname = get_progname(av[0]);	640	__progname = get_progname(av[0]);
641	init_rng();	641	init_rng();
		642	seed_rng();
642		643
643	SSLeay_add_all_algorithms();	644	SSLeay_add_all_algorithms();
644		645


diff --git a/ssh.c b/ssh.c index 74a2b75ac..c47d3dc05 100644 --- a/ssh.c +++ b/ssh.c
@@ -576,6 +576,8 @@ main(int ac, char **av)
576	/* reinit */	576	/* reinit */
577	log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 1);	577	log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 1);
578		578
		579	seed_rng();
		580
579	if (options.user == NULL)	581	if (options.user == NULL)
580	options.user = xstrdup(pw->pw_name);	582	options.user = xstrdup(pw->pw_name);
581		583


diff --git a/sshd.c b/sshd.c index 2d6cbd09e..0a1048cd3 100644 --- a/sshd.c +++ b/sshd.c
@@ -687,6 +687,8 @@ main(int ac, char **av)
687	options.log_facility == -1 ? SYSLOG_FACILITY_AUTH : options.log_facility,	687	options.log_facility == -1 ? SYSLOG_FACILITY_AUTH : options.log_facility,
688	!inetd_flag);	688	!inetd_flag);
689		689
		690	seed_rng();
		691
690	/* Read server configuration options from the configuration file. */	692	/* Read server configuration options from the configuration file. */
691	read_server_config(&options, config_file_name);	693	read_server_config(&options, config_file_name);
692		694