authorColin Watson <cjwatson@debian.org>2009-12-29 21:34:25 +0000
committerColin Watson <cjwatson@debian.org>2009-12-29 21:34:25 +0000
commitfa585019a79ebcb4e0202b1c33f87ff1c5c9ce1c (patch)
tree28fc9a13eaab935e4de055b561b333d67387a934 /entropy.c
parent04942aa41fa94ec6f2c3ce1d348f600f31bb7c78 (diff)
parent3e2e0ac10674d77618c4c7339e18b83ced247492 (diff)
import openssh-4.3p2-gsskex-20060223.patch
Diffstat (limited to 'entropy.c')
-rw-r--r--entropy.c38
1 files changed, 33 insertions, 5 deletions
diff --git a/entropy.c b/entropy.c
index 410bbb927..e5b45b0b6 100644
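--- a/entropy.c
+++ b/entropy.c
@@ -26,6 +26,7 @@
 
 #include <openssl/rand.h>
 #include <openssl/crypto.h>
+#include <openssl/err.h>
 
 #include "ssh.h"
 #include "misc.h"
@@ -33,6 +34,8 @@
 #include "atomicio.h"
 #include "pathnames.h"
 #include "log.h"
+#include "buffer.h"
+#include "bufaux.h"
 
 /*
  * Portable OpenSSH PRNG seeding:
@@ -45,7 +48,7 @@
  * XXX: we should tell the child how many bytes we need.
  */
 
-RCSID("$Id: entropy.c,v 1.49 2005/07/17 07:26:44 djm Exp $");
+RCSID("$Id: entropy.c,v 1.52 2005/09/27 22:26:30 dtucker Exp $");
 
 #ifndef OPENSSL_PRNG_ONLY
 #define RANDOM_SEED_SIZE 48
@@ -145,10 +148,35 @@ init_rng(void)
  "have %lx", OPENSSL_VERSION_NUMBER, SSLeay());
 
 #ifndef OPENSSL_PRNG_ONLY
- if ((original_uid = getuid()) == -1)
- fatal("getuid: %s", strerror(errno));
- if ((original_euid = geteuid()) == -1)
- fatal("geteuid: %s", strerror(errno));
+ original_uid = getuid();
+ original_euid = geteuid();
 #endif
 }
 
+#ifndef OPENSSL_PRNG_ONLY
+void
+rexec_send_rng_seed(Buffer *m)
+{
+ u_char buf[RANDOM_SEED_SIZE];
+
+ if (RAND_bytes(buf, sizeof(buf)) <= 0) {
+ error("Couldn't obtain random bytes (error %ld)",
+ ERR_get_error());
+ buffer_put_string(m, "", 0);
+ } else
+ buffer_put_string(m, buf, sizeof(buf));
+}
+
+void
+rexec_recv_rng_seed(Buffer *m)
+{
+ u_char *buf;
+ u_int len;
+
+ buf = buffer_get_string_ret(m, &len);
+ if (buf != NULL) {
+ debug3("rexec_recv_rng_seed: seeding rng with %u bytes", len);
+ RAND_add(buf, len, len);
+ }
+}
+#endif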
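Review bot: rexec_recv_rng_seed() never releases or clears `buf` after `RAND_add()`, and rexec_send_rng_seed() leaves its 48-byte stack copy of the seed intact on return, so seed material outlives its use in both processes. If `buffer_get_string_ret()` hands back a caller-owned heap copy (its definition is not part of this diff), follow the `RAND_add()` call with `memset(buf, 0, len); xfree(buf);`, and wipe the stack array in the sender after `buffer_put_string()`, checking that the compiler does not elide the clearing store. The failure path also deserves a visible signal: when `RAND_bytes()` fails the sender transmits an empty string, and the receiver then reports a 0-byte seed only at debug3, so `if (len == 0) error("rexec_recv_rng_seed: empty seed from parent");` or similar would make a child that received no seed from its parent noticeable. Minor: `ERR_get_error()` returns `unsigned long`, so the format in the `error()` call should be `%lu`.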