refactor libcrypto initialisation

Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually supports it. Move all libcrypto initialisation to a single function, and call that from seed_rng() that is called early in each tool's main(). Prompted by patch from Rosen Penev
author: Damien Miller <djm@mindrot.org> 2018-11-23 10:40:06 +1100
committer: Damien Miller <djm@mindrot.org> 2018-11-23 10:42:05 +1100
commit: 42c5ec4b97b6a1bae70f323952d0646af16ce710 (patch)
tree: 6d85f7daebb7241b80bc91126f433dca62e850e8 /entropy.c
parent: 5b60b6c02009547a3e2a99d4886965de2a4719da (diff)
1 files changed, 22 insertions, 13 deletions
diff --git a/entropy.c b/entropy.c
index fc710ec23..97e836087 100644
--- a/entropy.c
+++ b/entropy.c
@@ -56,6 +56,8 @@
 #include "sshbuf.h"
 #include "ssherr.h"
+#define RANDOM_SEED_SIZE 48
 /*
 * Portable OpenSSH PRNG seeding:
 * If OpenSSL has not "internally seeded" itself (e.g. pulled data from
@@ -64,8 +66,6 @@
 */
 #ifndef OPENSSL_PRNG_ONLY
-#define RANDOM_SEED_SIZE 48
 /*
 * Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon
 * listening either on 'tcp_port', or via Unix domain socket at *
@@ -216,9 +216,11 @@ rexec_recv_rng_seed(struct sshbuf *m)
 void
 seed_rng(void)
 {
-#ifndef OPENSSL_PRNG_ONLY
        unsigned char buf[RANDOM_SEED_SIZE];
-#endif
+        /* Initialise libcrypto */
+        ssh_libcrypto_init();
        if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER,
            OpenSSL_version_num()))
                fatal("OpenSSL version mismatch. Built against %lx, you "
@@ -226,27 +228,34 @@ seed_rng(void)
                    OpenSSL_version_num());
 #ifndef OPENSSL_PRNG_ONLY
-        if (RAND_status() == 1) {
+        if (RAND_status() == 1)
                debug3("RNG is ready, skipping seeding");
-                return;
+        else {
+                if (seed_from_prngd(buf, sizeof(buf)) == -1)
+                        fatal("Could not obtain seed from PRNGd");
+                RAND_add(buf, sizeof(buf), sizeof(buf));
        }
-        if (seed_from_prngd(buf, sizeof(buf)) == -1)
-                fatal("Could not obtain seed from PRNGd");
-        RAND_add(buf, sizeof(buf), sizeof(buf));
-        memset(buf, '\0', sizeof(buf));
 #endif /* OPENSSL_PRNG_ONLY */
        if (RAND_status() != 1)
                fatal("PRNG is not seeded");
+        /* Ensure arc4random() is primed */
+        arc4random_buf(buf, sizeof(buf));
+        explicit_bzero(buf, sizeof(buf));
 }
 #else /* WITH_OPENSSL */
-/* Handled in arc4random() */
+/* Acutal initialisation is handled in arc4random() */
 void
 seed_rng(void)
 {
+        unsigned char buf[RANDOM_SEED_SIZE];
+        /* Ensure arc4random() is primed */
+        arc4random_buf(buf, sizeof(buf));
+        explicit_bzero(buf, sizeof(buf));
 }
 #endif /* WITH_OPENSSL */
author	Damien Miller <djm@mindrot.org>	2018-11-23 10:40:06 +1100
committer	Damien Miller <djm@mindrot.org>	2018-11-23 10:42:05 +1100
commit	42c5ec4b97b6a1bae70f323952d0646af16ce710 (patch)
tree	6d85f7daebb7241b80bc91126f433dca62e850e8 /entropy.c
parent	5b60b6c02009547a3e2a99d4886965de2a4719da (diff)

diff --git a/entropy.c b/entropy.c index fc710ec23..97e836087 100644 --- a/entropy.c +++ b/entropy.c
@@ -56,6 +56,8 @@
56	#include "sshbuf.h"	56	#include "sshbuf.h"
57	#include "ssherr.h"	57	#include "ssherr.h"
58		58
		59	#define RANDOM_SEED_SIZE 48
		60
59	/*	61	/*
60	* Portable OpenSSH PRNG seeding:	62	* Portable OpenSSH PRNG seeding:
61	* If OpenSSL has not "internally seeded" itself (e.g. pulled data from	63	* If OpenSSL has not "internally seeded" itself (e.g. pulled data from
@@ -64,8 +66,6 @@
64	*/	66	*/
65	#ifndef OPENSSL_PRNG_ONLY	67	#ifndef OPENSSL_PRNG_ONLY
66		68
67	#define RANDOM_SEED_SIZE 48
68
69	/*	69	/*
70	* Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon	70	* Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon
71	* listening either on 'tcp_port', or via Unix domain socket at *	71	* listening either on 'tcp_port', or via Unix domain socket at *
@@ -216,9 +216,11 @@ rexec_recv_rng_seed(struct sshbuf *m)
216	void	216	void
217	seed_rng(void)	217	seed_rng(void)
218	{	218	{
219	#ifndef OPENSSL_PRNG_ONLY
220	unsigned char buf[RANDOM_SEED_SIZE];	219	unsigned char buf[RANDOM_SEED_SIZE];
221	#endif	220
		221	/* Initialise libcrypto */
		222	ssh_libcrypto_init();
		223
222	if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER,	224	if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER,
223	OpenSSL_version_num()))	225	OpenSSL_version_num()))
224	fatal("OpenSSL version mismatch. Built against %lx, you "	226	fatal("OpenSSL version mismatch. Built against %lx, you "
@@ -226,27 +228,34 @@ seed_rng(void)
226	OpenSSL_version_num());	228	OpenSSL_version_num());
227		229
228	#ifndef OPENSSL_PRNG_ONLY	230	#ifndef OPENSSL_PRNG_ONLY
229	if (RAND_status() == 1) {	231	if (RAND_status() == 1)
230	debug3("RNG is ready, skipping seeding");	232	debug3("RNG is ready, skipping seeding");
231	return;	233	else {
		234	if (seed_from_prngd(buf, sizeof(buf)) == -1)
		235	fatal("Could not obtain seed from PRNGd");
		236	RAND_add(buf, sizeof(buf), sizeof(buf));
232	}	237	}
233
234	if (seed_from_prngd(buf, sizeof(buf)) == -1)
235	fatal("Could not obtain seed from PRNGd");
236	RAND_add(buf, sizeof(buf), sizeof(buf));
237	memset(buf, '\0', sizeof(buf));
238
239	#endif /* OPENSSL_PRNG_ONLY */	238	#endif /* OPENSSL_PRNG_ONLY */
		239
240	if (RAND_status() != 1)	240	if (RAND_status() != 1)
241	fatal("PRNG is not seeded");	241	fatal("PRNG is not seeded");
		242
		243	/* Ensure arc4random() is primed */
		244	arc4random_buf(buf, sizeof(buf));
		245	explicit_bzero(buf, sizeof(buf));
242	}	246	}
243		247
244	#else /* WITH_OPENSSL */	248	#else /* WITH_OPENSSL */
245		249
246	/* Handled in arc4random() */	250	/* Acutal initialisation is handled in arc4random() */
247	void	251	void
248	seed_rng(void)	252	seed_rng(void)
249	{	253	{
		254	unsigned char buf[RANDOM_SEED_SIZE];
		255
		256	/* Ensure arc4random() is primed */
		257	arc4random_buf(buf, sizeof(buf));
		258	explicit_bzero(buf, sizeof(buf));
250	}	259	}
251		260
252	#endif /* WITH_OPENSSL */	261	#endif /* WITH_OPENSSL */