Diffstat (limited to 'entropy.c')
-rw-r--r-- | entropy.c | 24 |
1 files changed, 12 insertions, 12 deletions
@@ -36,16 +36,16 @@ | |||
36 | 36 | ||
37 | /* | 37 | /* |
38 | * Portable OpenSSH PRNG seeding: | 38 | * Portable OpenSSH PRNG seeding: |
39 | * If OpenSSL has not "internally seeded" itself (e.g. pulled data from | 39 | * If OpenSSL has not "internally seeded" itself (e.g. pulled data from |
40 | * /dev/random), then we execute a "ssh-rand-helper" program which | 40 | * /dev/random), then we execute a "ssh-rand-helper" program which |
41 | * collects entropy and writes it to stdout. The child program must | 41 | * collects entropy and writes it to stdout. The child program must |
42 | * write at least RANDOM_SEED_SIZE bytes. The child is run with stderr | 42 | * write at least RANDOM_SEED_SIZE bytes. The child is run with stderr |
43 | * attached, so error/debugging output should be visible. | 43 | * attached, so error/debugging output should be visible. |
44 | * | 44 | * |
45 | * XXX: we should tell the child how many bytes we need. | 45 | * XXX: we should tell the child how many bytes we need. |
46 | */ | 46 | */ |
47 | 47 | ||
48 | RCSID("$Id: entropy.c,v 1.46 2003/08/25 01:16:21 mouring Exp $"); | 48 | RCSID("$Id: entropy.c,v 1.48 2003/11/21 12:56:47 djm Exp $"); |
49 | 49 | ||
50 | #ifndef OPENSSL_PRNG_ONLY | 50 | #ifndef OPENSSL_PRNG_ONLY |
51 | #define RANDOM_SEED_SIZE 48 | 51 | #define RANDOM_SEED_SIZE 48 |
@@ -86,16 +86,16 @@ seed_rng(void) | |||
86 | close(p[1]); | 86 | close(p[1]); |
87 | close(devnull); | 87 | close(devnull); |
88 | 88 | ||
89 | if (original_uid != original_euid && | 89 | if (original_uid != original_euid && |
90 | ( seteuid(getuid()) == -1 || | 90 | ( seteuid(getuid()) == -1 || |
91 | setuid(original_uid) == -1) ) { | 91 | setuid(original_uid) == -1) ) { |
92 | fprintf(stderr, "(rand child) setuid(%li): %s\n", | 92 | fprintf(stderr, "(rand child) setuid(%li): %s\n", |
93 | (long int)original_uid, strerror(errno)); | 93 | (long int)original_uid, strerror(errno)); |
94 | _exit(1); | 94 | _exit(1); |
95 | } | 95 | } |
96 | 96 | ||
97 | execl(SSH_RAND_HELPER, "ssh-rand-helper", NULL); | 97 | execl(SSH_RAND_HELPER, "ssh-rand-helper", NULL); |
98 | fprintf(stderr, "(rand child) Couldn't exec '%s': %s\n", | 98 | fprintf(stderr, "(rand child) Couldn't exec '%s': %s\n", |
99 | SSH_RAND_HELPER, strerror(errno)); | 99 | SSH_RAND_HELPER, strerror(errno)); |
100 | _exit(1); | 100 | _exit(1); |
101 | } | 101 | } |
@@ -114,12 +114,12 @@ seed_rng(void) | |||
114 | close(p[0]); | 114 | close(p[0]); |
115 | 115 | ||
116 | if (waitpid(pid, &ret, 0) == -1) | 116 | if (waitpid(pid, &ret, 0) == -1) |
117 | fatal("Couldn't wait for ssh-rand-helper completion: %s", | 117 | fatal("Couldn't wait for ssh-rand-helper completion: %s", |
118 | strerror(errno)); | 118 | strerror(errno)); |
119 | signal(SIGCHLD, old_sigchld); | 119 | signal(SIGCHLD, old_sigchld); |
120 | 120 | ||
121 | /* We don't mind if the child exits upon a SIGPIPE */ | 121 | /* We don't mind if the child exits upon a SIGPIPE */ |
122 | if (!WIFEXITED(ret) && | 122 | if (!WIFEXITED(ret) && |
123 | (!WIFSIGNALED(ret) || WTERMSIG(ret) != SIGPIPE)) | 123 | (!WIFSIGNALED(ret) || WTERMSIG(ret) != SIGPIPE)) |
124 | fatal("ssh-rand-helper terminated abnormally"); | 124 | fatal("ssh-rand-helper terminated abnormally"); |
125 | if (WEXITSTATUS(ret) != 0) | 125 | if (WEXITSTATUS(ret) != 0) |
@@ -134,7 +134,7 @@ seed_rng(void) | |||
134 | } | 134 | } |
135 | 135 | ||
136 | void | 136 | void |
137 | init_rng(void) | 137 | init_rng(void) |
138 | { | 138 | { |
139 | /* | 139 | /* |
140 | * OpenSSL version numbers: MNNFFPPS: major minor fix patch status | 140 | * OpenSSL version numbers: MNNFFPPS: major minor fix patch status |