diff options
| author | Kevin Steves <stevesk@pobox.com> | 2001-02-05 12:42:17 +0000 |
|---|---|---|
| committer | Kevin Steves <stevesk@pobox.com> | 2001-02-05 12:42:17 +0000 |
| commit | ef4eea9badfb65f05ac24f786b710cc3f27f0e43 (patch) | |
| tree | f54abef181ccd6ad5285a5c16b4c159d8b74e932 /entropy.c | |
| parent | d2ddda4efab29fd8663757634773fa10e557e0f3 (diff) | |
- stevesk@cvs.openbsd.org 2001/02/04 08:32:27
[many files; did this manually to our top-level source dir]
unexpand and remove end-of-line whitespace; ok markus@
Diffstat (limited to 'entropy.c')
| -rw-r--r-- | entropy.c | 130 |
1 files changed, 65 insertions, 65 deletions
| @@ -38,7 +38,7 @@ | |||
| 38 | #include "pathnames.h" | 38 | #include "pathnames.h" |
| 39 | #include "log.h" | 39 | #include "log.h" |
| 40 | 40 | ||
| 41 | RCSID("$Id: entropy.c,v 1.25 2001/01/22 21:06:20 mouring Exp $"); | 41 | RCSID("$Id: entropy.c,v 1.26 2001/02/05 12:42:17 stevesk Exp $"); |
| 42 | 42 | ||
| 43 | #ifndef offsetof | 43 | #ifndef offsetof |
| 44 | # define offsetof(type, member) ((size_t) &((type *)0)->member) | 44 | # define offsetof(type, member) ((size_t) &((type *)0)->member) |
| @@ -83,7 +83,7 @@ int get_random_bytes(unsigned char *buf, int len) | |||
| 83 | addr.sun_family = AF_UNIX; | 83 | addr.sun_family = AF_UNIX; |
| 84 | strlcpy(addr.sun_path, EGD_SOCKET, sizeof(addr.sun_path)); | 84 | strlcpy(addr.sun_path, EGD_SOCKET, sizeof(addr.sun_path)); |
| 85 | addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(EGD_SOCKET); | 85 | addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(EGD_SOCKET); |
| 86 | 86 | ||
| 87 | fd = socket(AF_UNIX, SOCK_STREAM, 0); | 87 | fd = socket(AF_UNIX, SOCK_STREAM, 0); |
| 88 | if (fd == -1) { | 88 | if (fd == -1) { |
| 89 | error("Couldn't create AF_UNIX socket: %s", strerror(errno)); | 89 | error("Couldn't create AF_UNIX socket: %s", strerror(errno)); |
| @@ -91,7 +91,7 @@ int get_random_bytes(unsigned char *buf, int len) | |||
| 91 | } | 91 | } |
| 92 | 92 | ||
| 93 | if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) { | 93 | if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) { |
| 94 | error("Couldn't connect to EGD socket \"%s\": %s", | 94 | error("Couldn't connect to EGD socket \"%s\": %s", |
| 95 | addr.sun_path, strerror(errno)); | 95 | addr.sun_path, strerror(errno)); |
| 96 | close(fd); | 96 | close(fd); |
| 97 | return(0); | 97 | return(0); |
| @@ -102,21 +102,21 @@ int get_random_bytes(unsigned char *buf, int len) | |||
| 102 | msg[1] = len; | 102 | msg[1] = len; |
| 103 | 103 | ||
| 104 | if (atomicio(write, fd, msg, sizeof(msg)) != sizeof(msg)) { | 104 | if (atomicio(write, fd, msg, sizeof(msg)) != sizeof(msg)) { |
| 105 | error("Couldn't write to EGD socket \"%s\": %s", | 105 | error("Couldn't write to EGD socket \"%s\": %s", |
| 106 | EGD_SOCKET, strerror(errno)); | 106 | EGD_SOCKET, strerror(errno)); |
| 107 | close(fd); | 107 | close(fd); |
| 108 | return(0); | 108 | return(0); |
| 109 | } | 109 | } |
| 110 | 110 | ||
| 111 | if (atomicio(read, fd, buf, len) != len) { | 111 | if (atomicio(read, fd, buf, len) != len) { |
| 112 | error("Couldn't read from EGD socket \"%s\": %s", | 112 | error("Couldn't read from EGD socket \"%s\": %s", |
| 113 | EGD_SOCKET, strerror(errno)); | 113 | EGD_SOCKET, strerror(errno)); |
| 114 | close(fd); | 114 | close(fd); |
| 115 | return(0); | 115 | return(0); |
| 116 | } | 116 | } |
| 117 | 117 | ||
| 118 | close(fd); | 118 | close(fd); |
| 119 | 119 | ||
| 120 | return(1); | 120 | return(1); |
| 121 | } | 121 | } |
| 122 | #else /* !EGD_SOCKET */ | 122 | #else /* !EGD_SOCKET */ |
| @@ -128,20 +128,20 @@ int get_random_bytes(unsigned char *buf, int len) | |||
| 128 | 128 | ||
| 129 | random_pool = open(RANDOM_POOL, O_RDONLY); | 129 | random_pool = open(RANDOM_POOL, O_RDONLY); |
| 130 | if (random_pool == -1) { | 130 | if (random_pool == -1) { |
| 131 | error("Couldn't open random pool \"%s\": %s", | 131 | error("Couldn't open random pool \"%s\": %s", |
| 132 | RANDOM_POOL, strerror(errno)); | 132 | RANDOM_POOL, strerror(errno)); |
| 133 | return(0); | 133 | return(0); |
| 134 | } | 134 | } |
| 135 | 135 | ||
| 136 | if (atomicio(read, random_pool, buf, len) != len) { | 136 | if (atomicio(read, random_pool, buf, len) != len) { |
| 137 | error("Couldn't read from random pool \"%s\": %s", | 137 | error("Couldn't read from random pool \"%s\": %s", |
| 138 | RANDOM_POOL, strerror(errno)); | 138 | RANDOM_POOL, strerror(errno)); |
| 139 | close(random_pool); | 139 | close(random_pool); |
| 140 | return(0); | 140 | return(0); |
| 141 | } | 141 | } |
| 142 | 142 | ||
| 143 | close(random_pool); | 143 | close(random_pool); |
| 144 | 144 | ||
| 145 | return(1); | 145 | return(1); |
| 146 | } | 146 | } |
| 147 | #endif /* RANDOM_POOL */ | 147 | #endif /* RANDOM_POOL */ |
| @@ -155,7 +155,7 @@ void | |||
| 155 | seed_rng(void) | 155 | seed_rng(void) |
| 156 | { | 156 | { |
| 157 | char buf[32]; | 157 | char buf[32]; |
| 158 | 158 | ||
| 159 | debug("Seeding random number generator"); | 159 | debug("Seeding random number generator"); |
| 160 | 160 | ||
| 161 | if (!get_random_bytes(buf, sizeof(buf))) { | 161 | if (!get_random_bytes(buf, sizeof(buf))) { |
| @@ -164,7 +164,7 @@ seed_rng(void) | |||
| 164 | } else { | 164 | } else { |
| 165 | RAND_add(buf, sizeof(buf), sizeof(buf)); | 165 | RAND_add(buf, sizeof(buf), sizeof(buf)); |
| 166 | } | 166 | } |
| 167 | 167 | ||
| 168 | memset(buf, '\0', sizeof(buf)); | 168 | memset(buf, '\0', sizeof(buf)); |
| 169 | } | 169 | } |
| 170 | 170 | ||
| @@ -173,7 +173,7 @@ void init_rng(void) {} | |||
| 173 | 173 | ||
| 174 | #else /* defined(EGD_SOCKET) || defined(RANDOM_POOL) */ | 174 | #else /* defined(EGD_SOCKET) || defined(RANDOM_POOL) */ |
| 175 | 175 | ||
| 176 | /* | 176 | /* |
| 177 | * FIXME: proper entropy estimations. All current values are guesses | 177 | * FIXME: proper entropy estimations. All current values are guesses |
| 178 | * FIXME: (ATL) do estimates at compile time? | 178 | * FIXME: (ATL) do estimates at compile time? |
| 179 | * FIXME: More entropy sources | 179 | * FIXME: More entropy sources |
| @@ -213,18 +213,18 @@ double hash_output_from_command(entropy_source_t *src, char *hash); | |||
| 213 | /* this is initialised from a file, by prng_read_commands() */ | 213 | /* this is initialised from a file, by prng_read_commands() */ |
| 214 | entropy_source_t *entropy_sources = NULL; | 214 | entropy_source_t *entropy_sources = NULL; |
| 215 | 215 | ||
| 216 | double | 216 | double |
| 217 | stir_from_system(void) | 217 | stir_from_system(void) |
| 218 | { | 218 | { |
| 219 | double total_entropy_estimate; | 219 | double total_entropy_estimate; |
| 220 | long int i; | 220 | long int i; |
| 221 | 221 | ||
| 222 | total_entropy_estimate = 0; | 222 | total_entropy_estimate = 0; |
| 223 | 223 | ||
| 224 | i = getpid(); | 224 | i = getpid(); |
| 225 | RAND_add(&i, sizeof(i), 0.5); | 225 | RAND_add(&i, sizeof(i), 0.5); |
| 226 | total_entropy_estimate += 0.1; | 226 | total_entropy_estimate += 0.1; |
| 227 | 227 | ||
| 228 | i = getppid(); | 228 | i = getppid(); |
| 229 | RAND_add(&i, sizeof(i), 0.5); | 229 | RAND_add(&i, sizeof(i), 0.5); |
| 230 | total_entropy_estimate += 0.1; | 230 | total_entropy_estimate += 0.1; |
| @@ -241,7 +241,7 @@ stir_from_system(void) | |||
| 241 | return(total_entropy_estimate); | 241 | return(total_entropy_estimate); |
| 242 | } | 242 | } |
| 243 | 243 | ||
| 244 | double | 244 | double |
| 245 | stir_from_programs(void) | 245 | stir_from_programs(void) |
| 246 | { | 246 | { |
| 247 | int i; | 247 | int i; |
| @@ -261,18 +261,18 @@ stir_from_programs(void) | |||
| 261 | 261 | ||
| 262 | /* Scale back entropy estimate according to command's rate */ | 262 | /* Scale back entropy estimate according to command's rate */ |
| 263 | entropy_estimate *= entropy_sources[c].rate; | 263 | entropy_estimate *= entropy_sources[c].rate; |
| 264 | 264 | ||
| 265 | /* Upper bound of entropy estimate is SHA_DIGEST_LENGTH */ | 265 | /* Upper bound of entropy estimate is SHA_DIGEST_LENGTH */ |
| 266 | if (entropy_estimate > SHA_DIGEST_LENGTH) | 266 | if (entropy_estimate > SHA_DIGEST_LENGTH) |
| 267 | entropy_estimate = SHA_DIGEST_LENGTH; | 267 | entropy_estimate = SHA_DIGEST_LENGTH; |
| 268 | 268 | ||
| 269 | /* Scale back estimates for subsequent passes through list */ | 269 | /* Scale back estimates for subsequent passes through list */ |
| 270 | entropy_estimate /= SCALE_PER_RUN * (i + 1.0); | 270 | entropy_estimate /= SCALE_PER_RUN * (i + 1.0); |
| 271 | 271 | ||
| 272 | /* Stir it in */ | 272 | /* Stir it in */ |
| 273 | RAND_add(hash, sizeof(hash), entropy_estimate); | 273 | RAND_add(hash, sizeof(hash), entropy_estimate); |
| 274 | 274 | ||
| 275 | debug3("Got %0.2f bytes of entropy from '%s'", entropy_estimate, | 275 | debug3("Got %0.2f bytes of entropy from '%s'", entropy_estimate, |
| 276 | entropy_sources[c].cmdstring); | 276 | entropy_sources[c].cmdstring); |
| 277 | 277 | ||
| 278 | total_entropy_estimate += entropy_estimate; | 278 | total_entropy_estimate += entropy_estimate; |
| @@ -293,7 +293,7 @@ stir_from_programs(void) | |||
| 293 | c++; | 293 | c++; |
| 294 | } | 294 | } |
| 295 | } | 295 | } |
| 296 | 296 | ||
| 297 | return(total_entropy_estimate); | 297 | return(total_entropy_estimate); |
| 298 | } | 298 | } |
| 299 | 299 | ||
| @@ -301,12 +301,12 @@ double | |||
| 301 | stir_gettimeofday(double entropy_estimate) | 301 | stir_gettimeofday(double entropy_estimate) |
| 302 | { | 302 | { |
| 303 | struct timeval tv; | 303 | struct timeval tv; |
| 304 | 304 | ||
| 305 | if (gettimeofday(&tv, NULL) == -1) | 305 | if (gettimeofday(&tv, NULL) == -1) |
| 306 | fatal("Couldn't gettimeofday: %s", strerror(errno)); | 306 | fatal("Couldn't gettimeofday: %s", strerror(errno)); |
| 307 | 307 | ||
| 308 | RAND_add(&tv, sizeof(tv), entropy_estimate); | 308 | RAND_add(&tv, sizeof(tv), entropy_estimate); |
| 309 | 309 | ||
| 310 | return(entropy_estimate); | 310 | return(entropy_estimate); |
| 311 | } | 311 | } |
| 312 | 312 | ||
| @@ -315,10 +315,10 @@ stir_clock(double entropy_estimate) | |||
| 315 | { | 315 | { |
| 316 | #ifdef HAVE_CLOCK | 316 | #ifdef HAVE_CLOCK |
| 317 | clock_t c; | 317 | clock_t c; |
| 318 | 318 | ||
| 319 | c = clock(); | 319 | c = clock(); |
| 320 | RAND_add(&c, sizeof(c), entropy_estimate); | 320 | RAND_add(&c, sizeof(c), entropy_estimate); |
| 321 | 321 | ||
| 322 | return(entropy_estimate); | 322 | return(entropy_estimate); |
| 323 | #else /* _HAVE_CLOCK */ | 323 | #else /* _HAVE_CLOCK */ |
| 324 | return(0); | 324 | return(0); |
| @@ -330,7 +330,7 @@ stir_rusage(int who, double entropy_estimate) | |||
| 330 | { | 330 | { |
| 331 | #ifdef HAVE_GETRUSAGE | 331 | #ifdef HAVE_GETRUSAGE |
| 332 | struct rusage ru; | 332 | struct rusage ru; |
| 333 | 333 | ||
| 334 | if (getrusage(who, &ru) == -1) | 334 | if (getrusage(who, &ru) == -1) |
| 335 | return(0); | 335 | return(0); |
| 336 | 336 | ||
| @@ -368,7 +368,7 @@ hash_output_from_command(entropy_source_t *src, char *hash) | |||
| 368 | int bytes_read; | 368 | int bytes_read; |
| 369 | int total_bytes_read; | 369 | int total_bytes_read; |
| 370 | SHA_CTX sha; | 370 | SHA_CTX sha; |
| 371 | 371 | ||
| 372 | debug3("Reading output from \'%s\'", src->cmdstring); | 372 | debug3("Reading output from \'%s\'", src->cmdstring); |
| 373 | 373 | ||
| 374 | if (devnull == -1) { | 374 | if (devnull == -1) { |
| @@ -376,7 +376,7 @@ hash_output_from_command(entropy_source_t *src, char *hash) | |||
| 376 | if (devnull == -1) | 376 | if (devnull == -1) |
| 377 | fatal("Couldn't open /dev/null: %s", strerror(errno)); | 377 | fatal("Couldn't open /dev/null: %s", strerror(errno)); |
| 378 | } | 378 | } |
| 379 | 379 | ||
| 380 | if (pipe(p) == -1) | 380 | if (pipe(p) == -1) |
| 381 | fatal("Couldn't open pipe: %s", strerror(errno)); | 381 | fatal("Couldn't open pipe: %s", strerror(errno)); |
| 382 | 382 | ||
| @@ -469,7 +469,7 @@ hash_output_from_command(entropy_source_t *src, char *hash) | |||
| 469 | close(p[0]); | 469 | close(p[0]); |
| 470 | 470 | ||
| 471 | debug3("Time elapsed: %d msec", msec_elapsed); | 471 | debug3("Time elapsed: %d msec", msec_elapsed); |
| 472 | 472 | ||
| 473 | if (waitpid(pid, &status, 0) == -1) { | 473 | if (waitpid(pid, &status, 0) == -1) { |
| 474 | error("Couldn't wait for child '%s' completion: %s", src->cmdstring, | 474 | error("Couldn't wait for child '%s' completion: %s", src->cmdstring, |
| 475 | strerror(errno)); | 475 | strerror(errno)); |
| @@ -492,13 +492,13 @@ hash_output_from_command(entropy_source_t *src, char *hash) | |||
| 492 | if (WEXITSTATUS(status)==0) { | 492 | if (WEXITSTATUS(status)==0) { |
| 493 | return(total_bytes_read); | 493 | return(total_bytes_read); |
| 494 | } else { | 494 | } else { |
| 495 | debug2("Command '%s' exit status was %d", src->cmdstring, | 495 | debug2("Command '%s' exit status was %d", src->cmdstring, |
| 496 | WEXITSTATUS(status)); | 496 | WEXITSTATUS(status)); |
| 497 | src->badness = src->sticky_badness = 128; | 497 | src->badness = src->sticky_badness = 128; |
| 498 | return (0.0); | 498 | return (0.0); |
| 499 | } | 499 | } |
| 500 | } else if (WIFSIGNALED(status)) { | 500 | } else if (WIFSIGNALED(status)) { |
| 501 | debug2("Command '%s' returned on uncaught signal %d !", src->cmdstring, | 501 | debug2("Command '%s' returned on uncaught signal %d !", src->cmdstring, |
| 502 | status); | 502 | status); |
| 503 | src->badness = src->sticky_badness = 128; | 503 | src->badness = src->sticky_badness = 128; |
| 504 | return(0.0); | 504 | return(0.0); |
| @@ -519,7 +519,7 @@ prng_check_seedfile(char *filename) { | |||
| 519 | if (lstat(filename, &st) == -1) { | 519 | if (lstat(filename, &st) == -1) { |
| 520 | /* Give up on hard errors */ | 520 | /* Give up on hard errors */ |
| 521 | if (errno != ENOENT) | 521 | if (errno != ENOENT) |
| 522 | debug("WARNING: Couldn't stat random seed file \"%s\": %s", | 522 | debug("WARNING: Couldn't stat random seed file \"%s\": %s", |
| 523 | filename, strerror(errno)); | 523 | filename, strerror(errno)); |
| 524 | 524 | ||
| 525 | return(0); | 525 | return(0); |
| @@ -535,7 +535,7 @@ prng_check_seedfile(char *filename) { | |||
| 535 | filename, getuid()); | 535 | filename, getuid()); |
| 536 | return(0); | 536 | return(0); |
| 537 | } | 537 | } |
| 538 | 538 | ||
| 539 | return(1); | 539 | return(1); |
| 540 | } | 540 | } |
| 541 | 541 | ||
| @@ -549,22 +549,22 @@ prng_write_seedfile(void) { | |||
| 549 | /* Don't bother if we have already saved a seed */ | 549 | /* Don't bother if we have already saved a seed */ |
| 550 | if (prng_seed_saved) | 550 | if (prng_seed_saved) |
| 551 | return; | 551 | return; |
| 552 | 552 | ||
| 553 | setuid(original_uid); | 553 | setuid(original_uid); |
| 554 | 554 | ||
| 555 | prng_seed_saved = 1; | 555 | prng_seed_saved = 1; |
| 556 | 556 | ||
| 557 | pw = getpwuid(original_uid); | 557 | pw = getpwuid(original_uid); |
| 558 | if (pw == NULL) | 558 | if (pw == NULL) |
| 559 | fatal("Couldn't get password entry for current user (%i): %s", | 559 | fatal("Couldn't get password entry for current user (%i): %s", |
| 560 | original_uid, strerror(errno)); | 560 | original_uid, strerror(errno)); |
| 561 | 561 | ||
| 562 | /* Try to ensure that the parent directory is there */ | 562 | /* Try to ensure that the parent directory is there */ |
| 563 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, | 563 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, |
| 564 | _PATH_SSH_USER_DIR); | 564 | _PATH_SSH_USER_DIR); |
| 565 | mkdir(filename, 0700); | 565 | mkdir(filename, 0700); |
| 566 | 566 | ||
| 567 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, | 567 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, |
| 568 | SSH_PRNG_SEED_FILE); | 568 | SSH_PRNG_SEED_FILE); |
| 569 | 569 | ||
| 570 | debug("writing PRNG seed to file %.100s", filename); | 570 | debug("writing PRNG seed to file %.100s", filename); |
| @@ -573,13 +573,13 @@ prng_write_seedfile(void) { | |||
| 573 | 573 | ||
| 574 | /* Don't care if the seed doesn't exist */ | 574 | /* Don't care if the seed doesn't exist */ |
| 575 | prng_check_seedfile(filename); | 575 | prng_check_seedfile(filename); |
| 576 | 576 | ||
| 577 | if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) { | 577 | if ((fd = open(filename, O_WRONLY|O_TRUNC|O_CREAT, 0600)) == -1) { |
| 578 | debug("WARNING: couldn't access PRNG seedfile %.100s (%.100s)", | 578 | debug("WARNING: couldn't access PRNG seedfile %.100s (%.100s)", |
| 579 | filename, strerror(errno)); | 579 | filename, strerror(errno)); |
| 580 | } else { | 580 | } else { |
| 581 | if (atomicio(write, fd, &seed, sizeof(seed)) != sizeof(seed)) | 581 | if (atomicio(write, fd, &seed, sizeof(seed)) != sizeof(seed)) |
| 582 | fatal("problem writing PRNG seedfile %.100s (%.100s)", filename, | 582 | fatal("problem writing PRNG seedfile %.100s (%.100s)", filename, |
| 583 | strerror(errno)); | 583 | strerror(errno)); |
| 584 | 584 | ||
| 585 | close(fd); | 585 | close(fd); |
| @@ -592,13 +592,13 @@ prng_read_seedfile(void) { | |||
| 592 | char seed[1024]; | 592 | char seed[1024]; |
| 593 | char filename[1024]; | 593 | char filename[1024]; |
| 594 | struct passwd *pw; | 594 | struct passwd *pw; |
| 595 | 595 | ||
| 596 | pw = getpwuid(original_uid); | 596 | pw = getpwuid(original_uid); |
| 597 | if (pw == NULL) | 597 | if (pw == NULL) |
| 598 | fatal("Couldn't get password entry for current user (%i): %s", | 598 | fatal("Couldn't get password entry for current user (%i): %s", |
| 599 | original_uid, strerror(errno)); | 599 | original_uid, strerror(errno)); |
| 600 | 600 | ||
| 601 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, | 601 | snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, |
| 602 | SSH_PRNG_SEED_FILE); | 602 | SSH_PRNG_SEED_FILE); |
| 603 | 603 | ||
| 604 | debug("loading PRNG seed from file %.100s", filename); | 604 | debug("loading PRNG seed from file %.100s", filename); |
| @@ -611,7 +611,7 @@ prng_read_seedfile(void) { | |||
| 611 | /* open the file and read in the seed */ | 611 | /* open the file and read in the seed */ |
| 612 | fd = open(filename, O_RDONLY); | 612 | fd = open(filename, O_RDONLY); |
| 613 | if (fd == -1) | 613 | if (fd == -1) |
| 614 | fatal("could not open PRNG seedfile %.100s (%.100s)", filename, | 614 | fatal("could not open PRNG seedfile %.100s (%.100s)", filename, |
| 615 | strerror(errno)); | 615 | strerror(errno)); |
| 616 | 616 | ||
| 617 | if (atomicio(read, fd, &seed, sizeof(seed)) != sizeof(seed)) { | 617 | if (atomicio(read, fd, &seed, sizeof(seed)) != sizeof(seed)) { |
| @@ -671,7 +671,7 @@ prng_read_commands(char *cmdfilename) | |||
| 671 | error("bad entropy command, %.100s line %d", cmdfilename, | 671 | error("bad entropy command, %.100s line %d", cmdfilename, |
| 672 | linenum); | 672 | linenum); |
| 673 | continue; | 673 | continue; |
| 674 | } | 674 | } |
| 675 | 675 | ||
| 676 | /* first token, command args (incl. argv[0]) in double quotes */ | 676 | /* first token, command args (incl. argv[0]) in double quotes */ |
| 677 | cp = strtok(cp, "\""); | 677 | cp = strtok(cp, "\""); |
| @@ -681,7 +681,7 @@ prng_read_commands(char *cmdfilename) | |||
| 681 | continue; | 681 | continue; |
| 682 | } | 682 | } |
| 683 | strlcpy(cmd, cp, sizeof(cmd)); | 683 | strlcpy(cmd, cp, sizeof(cmd)); |
| 684 | 684 | ||
| 685 | /* second token, full command path */ | 685 | /* second token, full command path */ |
| 686 | if ((cp = strtok(NULL, WHITESPACE)) == NULL) { | 686 | if ((cp = strtok(NULL, WHITESPACE)) == NULL) { |
| 687 | error("missing command path, %.100s line %d -- ignored", | 687 | error("missing command path, %.100s line %d -- ignored", |
| @@ -693,7 +693,7 @@ prng_read_commands(char *cmdfilename) | |||
| 693 | if (strncmp("undef", cp, 5) == 0) | 693 | if (strncmp("undef", cp, 5) == 0) |
| 694 | continue; | 694 | continue; |
| 695 | 695 | ||
| 696 | strlcpy(path, cp, sizeof(path)); | 696 | strlcpy(path, cp, sizeof(path)); |
| 697 | 697 | ||
| 698 | /* third token, entropy rate estimate for this command */ | 698 | /* third token, entropy rate estimate for this command */ |
| 699 | if ((cp = strtok(NULL, WHITESPACE)) == NULL) { | 699 | if ((cp = strtok(NULL, WHITESPACE)) == NULL) { |
| @@ -705,14 +705,14 @@ prng_read_commands(char *cmdfilename) | |||
| 705 | 705 | ||
| 706 | /* end of line */ | 706 | /* end of line */ |
| 707 | if ((cp = strtok(NULL, WHITESPACE)) != NULL) { | 707 | if ((cp = strtok(NULL, WHITESPACE)) != NULL) { |
| 708 | error("garbage at end of line %d in %.100s -- ignored", linenum, | 708 | error("garbage at end of line %d in %.100s -- ignored", linenum, |
| 709 | cmdfilename); | 709 | cmdfilename); |
| 710 | continue; | 710 | continue; |
| 711 | } | 711 | } |
| 712 | 712 | ||
| 713 | /* save the command for debug messages */ | 713 | /* save the command for debug messages */ |
| 714 | entcmd[cur_cmd].cmdstring = xstrdup(cmd); | 714 | entcmd[cur_cmd].cmdstring = xstrdup(cmd); |
| 715 | 715 | ||
| 716 | /* split the command args */ | 716 | /* split the command args */ |
| 717 | cp = strtok(cmd, WHITESPACE); | 717 | cp = strtok(cmd, WHITESPACE); |
| 718 | arg = 0; | 718 | arg = 0; |
| @@ -723,7 +723,7 @@ prng_read_commands(char *cmdfilename) | |||
| 723 | entcmd[cur_cmd].args[arg] = s; | 723 | entcmd[cur_cmd].args[arg] = s; |
| 724 | arg++; | 724 | arg++; |
| 725 | } while ((arg < 5) && (cp = strtok(NULL, WHITESPACE))); | 725 | } while ((arg < 5) && (cp = strtok(NULL, WHITESPACE))); |
| 726 | 726 | ||
| 727 | if (strtok(NULL, WHITESPACE)) | 727 | if (strtok(NULL, WHITESPACE)) |
| 728 | error("ignored extra command elements (max 5), %.100s line %d", | 728 | error("ignored extra command elements (max 5), %.100s line %d", |
| 729 | cmdfilename, linenum); | 729 | cmdfilename, linenum); |
| @@ -759,7 +759,7 @@ prng_read_commands(char *cmdfilename) | |||
| 759 | 759 | ||
| 760 | /* | 760 | /* |
| 761 | * Write a keyfile at exit | 761 | * Write a keyfile at exit |
| 762 | */ | 762 | */ |
| 763 | void | 763 | void |
| 764 | prng_seed_cleanup(void *junk) | 764 | prng_seed_cleanup(void *junk) |
| 765 | { | 765 | { |
| @@ -777,7 +777,7 @@ seed_rng(void) | |||
| 777 | 777 | ||
| 778 | if (!prng_initialised) | 778 | if (!prng_initialised) |
| 779 | fatal("RNG not initialised"); | 779 | fatal("RNG not initialised"); |
| 780 | 780 | ||
| 781 | /* Make sure some other sigchld handler doesn't reap our entropy */ | 781 | /* Make sure some other sigchld handler doesn't reap our entropy */ |
| 782 | /* commands */ | 782 | /* commands */ |
| 783 | old_sigchld_handler = signal(SIGCHLD, SIG_DFL); | 783 | old_sigchld_handler = signal(SIGCHLD, SIG_DFL); |
| @@ -794,10 +794,10 @@ seed_rng(void) | |||
| 794 | fatal("Couldn't initialise builtin random number generator -- exiting."); | 794 | fatal("Couldn't initialise builtin random number generator -- exiting."); |
| 795 | } | 795 | } |
| 796 | 796 | ||
| 797 | void init_rng(void) | 797 | void init_rng(void) |
| 798 | { | 798 | { |
| 799 | int original_euid; | 799 | int original_euid; |
| 800 | 800 | ||
| 801 | original_uid = getuid(); | 801 | original_uid = getuid(); |
| 802 | original_euid = geteuid(); | 802 | original_euid = geteuid(); |
| 803 | 803 | ||
| @@ -806,12 +806,12 @@ void init_rng(void) | |||
| 806 | fatal("PRNG initialisation failed -- exiting."); | 806 | fatal("PRNG initialisation failed -- exiting."); |
| 807 | 807 | ||
| 808 | /* Set ourselves up to save a seed upon exit */ | 808 | /* Set ourselves up to save a seed upon exit */ |
| 809 | prng_seed_saved = 0; | 809 | prng_seed_saved = 0; |
| 810 | 810 | ||
| 811 | /* Give up privs while reading seed file */ | 811 | /* Give up privs while reading seed file */ |
| 812 | if ((original_uid != original_euid) && (seteuid(original_uid) == -1)) | 812 | if ((original_uid != original_euid) && (seteuid(original_uid) == -1)) |
| 813 | fatal("Couldn't give up privileges"); | 813 | fatal("Couldn't give up privileges"); |
| 814 | 814 | ||
| 815 | prng_read_seedfile(); | 815 | prng_read_seedfile(); |
| 816 | 816 | ||
| 817 | if ((original_uid != original_euid) && (seteuid(original_euid) == -1)) | 817 | if ((original_uid != original_euid) && (seteuid(original_euid) == -1)) |