author | Damien Miller <djm@mindrot.org> | 2002-01-22 21:57:53 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2002-01-22 21:57:53 +1100 |
commit | 6c21c51c487ec31ceb5b81b536c9516c5f20b5b0 (patch) | |
tree | e5fba473079d684039e0d6b2f0bd393b3e1b0186 /entropy.c | |
parent | 7b10ef48771bc3649b6e5ea0b021a2270a5d62f8 (diff) |
- (djm) autoconf hacking:
- We don't support --without-zlib currently, so don't allow it.
- Rework cryptographic random number support detection. We now detect
whether OpenSSL seeds itself. If it does, then we don't bother with
the ssh-rand-helper program. You can force the use of ssh-rand-helper
using the --with-rand-helper configure argument
- Simplify and clean up ssh-rand-helper configuration
Diffstat (limited to 'entropy.c')
-rw-r--r-- | entropy.c | 15 |
1 files changed, 12 insertions, 3 deletions
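--- a/entropy.c
+++ b/entropy.c
@@ -45,15 +45,17 @@
 * XXX: we should tell the child how many bytes we need.
 */
 
-#define RANDOM_SEED_SIZE 48
-
-RCSID("$Id: entropy.c,v 1.39 2001/12/23 14:41:48 djm Exp $");
+RCSID("$Id: entropy.c,v 1.40 2002/01/22 10:57:54 djm Exp $");
 
+#ifndef OPENSSL_PRNG_ONLY
+#define RANDOM_SEED_SIZE 48
 static uid_t original_uid, original_euid;
+#endif
 
 void
 seed_rng(void)
 {
+#ifndef OPENSSL_PRNG_ONLY
 int devnull;
 int p[2];
 pid_t pid;
@@ -121,6 +123,10 @@ seed_rng(void)
 
 RAND_add(buf, sizeof(buf), sizeof(buf));
 memset(buf, '\0', sizeof(buf));
+
+#endif /* OPENSSL_PRNG_ONLY */
+if (RAND_status() != 1)
+fatal("PRNG is not seeded");
 }
 
 void
@@ -134,8 +140,11 @@ init_rng(void)
 fatal("OpenSSL version mismatch. Built against %lx, you "
 "have %lx", OPENSSL_VERSION_NUMBER, SSLeay());
 
+#ifndef OPENSSL_PRNG_ONLY
 if ((original_uid = getuid()) == -1)
 fatal("getuid: %s", strerror(errno));
 if ((original_euid = geteuid()) == -1)
 fatal("geteuid: %s", strerror(errno));
+#endif
 }
+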
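Review bot: The new `RAND_status() != 1` check at the end of seed_rng() carries no comment, although in an OPENSSL_PRNG_ONLY build it appears to be the only seeding guarantee the function still provides, since everything above it is compiled out. In the helper build it runs right after `RAND_add(buf, sizeof(buf), sizeof(buf))`, which credits the whole buffer as entropy, so there it presumably always passes and says nothing about the quality of what the helper returned. A one-line comment above the check would record that intent, e.g. `/* Fail closed: with OPENSSL_PRNG_ONLY this is the only check that OpenSSL seeded itself */`. The bare `#endif` lines after `original_euid` and in init_rng() would also pair more easily with their `#ifndef` if they carried the same `/* OPENSSL_PRNG_ONLY */` tag as the one in seed_rng(). The middle of seed_rng() lies between the first two hunks and is not shown.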