From 6c21c51c487ec31ceb5b81b536c9516c5f20b5b0 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 22 Jan 2002 21:57:53 +1100 Subject: - (djm) autoconf hacking: - We don't support --without-zlib currently, so don't allow it. - Rework cryptographic random number support detection. We now detect whether OpenSSL seeds itself. If it does, then we don't bother with the ssh-rand-helper program. You can force the use of ssh-rand-helper using the --with-rand-helper configure argument - Simplify and clean up ssh-rand-helper configuration --- ChangeLog | 11 ++- Makefile.in | 7 +- acconfig.h | 8 +- configure.ac | 306 +++++++++++++++++++++++++++++++---------------------------- entropy.c | 15 ++- 5 files changed, 191 insertions(+), 156 deletions(-) diff --git a/ChangeLog b/ChangeLog index 731337317..7b58218cb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +20020122 + - (djm) autoconf hacking: + - We don't support --without-zlib currently, so don't allow it. + - Rework cryptographic random number support detection. We now detect + whether OpenSSL seeds itself. If it does, then we don't bother with + the ssh-rand-helper program. You can force the use of ssh-rand-helper + using the --with-rand-helper configure argument + - Simplify and clean up ssh-rand-helper configuration + 20020121 - (djm) Rework ssh-rand-helper: - Reduce quantity of ifdef code, in preparation for ssh_rand_conf @@ -7144,4 +7153,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1721 2002/01/21 12:44:12 djm Exp $ +$Id: ChangeLog,v 1.1722 2002/01/22 10:57:53 djm Exp $ diff --git a/Makefile.in b/Makefile.in index 287b5ab1b..58bf424b5 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.192 2001/12/25 04:32:58 stevesk Exp $ +# $Id: Makefile.in,v 1.193 2002/01/22 10:57:54 djm Exp $ prefix=@prefix@ exec_prefix=@exec_prefix@ 
@@ -42,6 +42,7 @@ EXEEXT=@EXEEXT@ SSH_MODE= @SSHMODE@ INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@ +INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@ @NO_SFTP@SFTP_PROGS=sftp-server$(EXEEXT) sftp$(EXEEXT) @@ -201,7 +202,9 @@ install-files: scard-install $(INSTALL) -m 0755 -s ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen $(INSTALL) -m 0755 -s ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan $(INSTALL) -m 0755 -s sshd $(DESTDIR)$(sbindir)/sshd - $(INSTALL) -m 0755 -s ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper + if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \ + $(INSTALL) -m 0755 -s ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \ + fi @NO_SFTP@$(INSTALL) -m 0755 -s sftp $(DESTDIR)$(bindir)/sftp @NO_SFTP@$(INSTALL) -m 0755 -s sftp-server $(DESTDIR)$(SFTP_SERVER) $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 diff --git a/acconfig.h b/acconfig.h index 766a92687..caf30149f 100644 --- a/acconfig.h +++ b/acconfig.h @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.120 2001/12/07 17:20:48 mouring Exp $ */ +/* $Id: acconfig.h,v 1.121 2002/01/22 10:57:54 djm Exp $ */ #ifndef _CONFIG_H #define _CONFIG_H @@ -86,9 +86,6 @@ /* Define if you want IRIX kernel jobs */ #undef WITH_IRIX_JOBS -/* Location of random number pool */ -#undef RANDOM_POOL - /* Location of PRNGD/EGD random number socket */ #undef PRNGD_SOCKET @@ -326,6 +323,9 @@ /* Define if you want smartcard support */ #undef SMARTCARD +/* Define if you want to use OpenSSL's internally seeded PRNG only */ +#undef OPENSSL_PRNG_ONLY + @BOTTOM@ /* ******************* Shouldn't need to edit below this line ************** */ diff --git a/configure.ac b/configure.ac index 0ed1ddddf..9cc7dc97c 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -i# $Id: configure.ac,v 1.10 2002/01/14 08:01:06 djm Exp $ +i# $Id: configure.ac,v 1.11 2002/01/22 10:57:54 djm Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) 
@@ -336,6 +336,9 @@ dnl zlib is required AC_ARG_WITH(zlib, [ --with-zlib=PATH Use zlib in PATH], [ + if test "x$withval" != "xno" ; then + AC_MSG_ERROR([*** zlib is required ***]) + fi if test -d "$withval/lib"; then if test -n "${need_dash_r}"; then LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" 
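Review bot: The added guard in the `--with-zlib` handler is inverted: `test "x$withval" != "xno"` is true for every `--with-zlib=PATH`, so a legitimate path now aborts with "zlib is required". Meanwhile `--with-zlib=no` and `--without-zlib` pass straight through to the `test -d "$withval/lib"` checks with `withval=no`. The comparison should be `if test "x$withval" = "xno" ; then`. The AC_ARG_WITH body continues past the end of this hunk.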
@@ -815,6 +818,144 @@ if test "x$PAM_MSG" = "xno" -a "x$check_for_libcrypt_later" = "x1"; then AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt") fi + +### Configure cryptographic random number support + +# Check wheter OpenSSL seeds itself +AC_MSG_CHECKING([whether OpenSSL's PRNG is internally seeded]) +AC_TRY_RUN( + [ +#include +#include +int main(void) { return(RAND_status() == 1 ? 0 : 1); } + ], + [ + OPENSSL_SEEDS_ITSELF=yes + AC_MSG_RESULT(yes) + ], + [ + AC_MSG_RESULT(no) + # Default to use of the rand helper if OpenSSL doesn't + # seed itself + USE_RAND_HELPER=yes + ] +) + + +# Do we want to force the use of the rand helper? +AC_ARG_WITH(rand-helper, + [ --with-rand-helper Use subprocess to gather strong randomness ], + [ + if test "x$withval" = "xno" ; then + # Force use of OpenSSL's internal RNG, even if + # the previous test showed it to be unseeded. + if test -z "$OPENSSL_SEEDS_ITSELF" ; then + AC_MSG_WARN([*** Forcing use of OpenSSL's non-self-seeding PRNG]) + OPENSSL_SEEDS_ITSELF=yes + USE_RAND_HELPER="" + fi + else + USE_RAND_HELPER=yes + fi + ], +) + +# Which randomness source do we use? +if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then + # OpenSSL only + AC_DEFINE(OPENSSL_PRNG_ONLY) + RAND_MSG="OpenSSL internal ONLY" + INSTALL_SSH_RAND_HELPER="" +elif test ! -z "$OPENSSL_SEEDS_ITSELF" -a ! -z "$USE_RAND_HELPER" ; then + # OpenSSL with fallback to rand helper + RAND_MSG="ssh-rand-helper" + INSTALL_SSH_RAND_HELPER="yes" +fi +AC_SUBST(INSTALL_SSH_RAND_HELPER) + +### Configuration of ssh-rand-helper + +# PRNGD TCP socket +AC_ARG_WITH(prngd-port, + [ --with-prngd-port=PORT read entropy from PRNGD/EGD TCP localhost:PORT], + [ + if test ! 
-z "$withval" -a "x$withval" != "xno" ; then + PRNGD_PORT="$withval" + AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT) + fi + ] +) + +# PRNGD Unix domain socket +AC_ARG_WITH(prngd-socket, + [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], + [ + if test -z "$withval" ; then + withval="/var/run/egd-pool" + fi + if test "x$withval" != "xno" ; then + if test ! -z "$PRNGD_PORT" ; then + AC_MSG_ERROR(You may not specify both a PRNGD/EGD port and socket) + fi + if ! echo "$withval" | grep -q '^/' ; then + AC_MSG_ERROR(You must specify an absolute path to the entropy socket) + fi + if ! test -r "$withval" ; then + AC_MSG_WARN(Entropy socket is not readable) + fi + PRNGD_SOCKET="$withval" + AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") + fi + ] +) + +# Change default command timeout for hashing entropy source +entropy_timeout=200 +AC_ARG_WITH(entropy-timeout, + [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], + [ + if test "x$withval" != "xno" ; then + entropy_timeout=$withval + fi + ] +) + +AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout) + +# These programs are used by the command hashing source to gather entropy +OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) +OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) +OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) +OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) +OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) +OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) +OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) +OSSH_PATH_ENTROPY_PROG(PROG_W, w) +OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) +OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) +OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) +OSSH_PATH_ENTROPY_PROG(PROG_DF, df) +OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) +OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) +OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) +OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) + +# Where does ssh-rand-helper get its randomness from? +INSTALL_SSH_PRNG_CMDS="" +if test ! 
-z "$INSTALL_SSH_RAND_HELPER" ; then + if test ! -z "$PRNGD_PORT" ; then + RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT" + elif test ! -z "$PRNGD_SOCKET" ; then + RAND_HELPER_MSG="Unix domain socket \"$PRNGD_SOCKET\"" + else + RAND_HELPER_MSG="Command hashing (timeout $entropy_timeout)" + RAND_HELPER_CMDHASH=yes + INSTALL_SSH_PRNG_CMDS="yes" + fi +fi +AC_SUBST(INSTALL_SSH_PRNG_CMDS) + + # Cheap hack to ensure NEWS-OS libraries are arranged right. if test ! -z "$SONY" ; then LIBS="$LIBS -liberty"; 
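Review bot: The `elif` under "Which randomness source do we use?" requires `$OPENSSL_SEEDS_ITSELF` to be set, so the default case for a non-self-seeding OpenSSL matches neither arm: there `OPENSSL_SEEDS_ITSELF` is empty and `USE_RAND_HELPER=yes` comes from the failed AC_TRY_RUN branch. `INSTALL_SSH_RAND_HELPER` and `RAND_MSG` then stay empty, so the Makefile.in hunk skips installing ssh-rand-helper and the later `INSTALL_SSH_PRNG_CMDS` / `RAND_HELPER_CMDHASH` block is skipped, which also suppresses the command-hashing warning. `OPENSSL_PRNG_ONLY` is left undefined as well, so entropy.c is presumably still built to depend on the helper that was not installed. The second arm should test only the helper flag: `elif test ! -z "$USE_RAND_HELPER" ; then`. The same gap leaves the "Random number source:" line in the summary hunk (@@ -2166,9 +2177,10) blank.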
@@ -1531,109 +1672,6 @@ AC_CHECK_FILE("/dev/ptc", ) # Options from here on. Some of these are preset by platform above - -# Check for user-specified random device, otherwise check /dev/urandom -AC_ARG_WITH(random, - [ --with-random=FILE read entropy from FILE (default=/dev/urandom)], - [ - if test "x$withval" != "xno" ; then - RANDOM_POOL="$withval"; - if ! echo "$RANDOM_POOL" | grep -q '^/' ; then - AC_MSG_ERROR(You must specify an absolute path to the random device) - fi - if ! test -r "$RANDOM_POOL" ; then - AC_MSG_WARN(Random device is not readable) - fi - AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL") - fi - ], - [ - # Check for random device - AC_CHECK_FILE("/dev/urandom", - [ - RANDOM_POOL="/dev/urandom"; - AC_SUBST(RANDOM_POOL) - AC_DEFINE_UNQUOTED(RANDOM_POOL, "$RANDOM_POOL") - ] - ) - ] -) - -# Check for PRNGD/EGD pool file -AC_ARG_WITH(prngd-port, - [ --with-prngd-port=PORT read entropy from PRNGD/EGD localhost:PORT], - [ - if test ! -z "$withval" -a "x$withval" != "xno" ; then - PRNGD_PORT="$withval" - AC_DEFINE_UNQUOTED(PRNGD_PORT, $PRNGD_PORT) - fi - ] -) - -# Check for PRNGD/EGD pool file -AC_ARG_WITH(prngd-socket, - [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], - [ - if test "x$withval" != "xno" ; then - PRNGD_SOCKET="$withval" - if echo "$PRNGD_SOCKET" | grep -q '^/' ; then - AC_MSG_ERROR(You must specify an absolute path to the entropy socket) - fi - if ! 
test -r "$PRNGD_SOCKET" ; then - AC_MSG_WARN(Entropy socket is not readable) - fi - AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") - fi - ], - [ - # Check for existing socket only if we don't have a random device already - if test -z "$RANDOM_POOL" ; then - AC_MSG_CHECKING(for PRNGD/EGD socket) - # Insert other locations here - for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do - if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then - PRNGD_SOCKET="$sock" - AC_DEFINE_UNQUOTED(PRNGD_SOCKET, "$PRNGD_SOCKET") - break; - fi - done - if test ! -z "$PRNGD_SOCKET" ; then - AC_MSG_RESULT($PRNGD_SOCKET) - else - AC_MSG_RESULT(not found) - fi - fi - ] -) - - -# detect pathnames for entropy gathering commands, if we need them -INSTALL_SSH_PRNG_CMDS="" -rm -f prng_commands -if (test -z "$RANDOM_POOL" && test -z "$PRNGD") ; then - INSTALL_SSH_PRNG_CMDS="yes" -fi -AC_SUBST(INSTALL_SSH_PRNG_CMDS) - -# These programs are used to gather entropy from -OSSH_PATH_ENTROPY_PROG(PROG_LS, ls) -OSSH_PATH_ENTROPY_PROG(PROG_NETSTAT, netstat) -OSSH_PATH_ENTROPY_PROG(PROG_ARP, arp) -OSSH_PATH_ENTROPY_PROG(PROG_IFCONFIG, ifconfig) -OSSH_PATH_ENTROPY_PROG(PROG_JSTAT, jstat) -OSSH_PATH_ENTROPY_PROG(PROG_PS, ps) -OSSH_PATH_ENTROPY_PROG(PROG_SAR, sar) -OSSH_PATH_ENTROPY_PROG(PROG_W, w) -OSSH_PATH_ENTROPY_PROG(PROG_WHO, who) -OSSH_PATH_ENTROPY_PROG(PROG_LAST, last) -OSSH_PATH_ENTROPY_PROG(PROG_LASTLOG, lastlog) -OSSH_PATH_ENTROPY_PROG(PROG_DF, df) -OSSH_PATH_ENTROPY_PROG(PROG_VMSTAT, vmstat) -OSSH_PATH_ENTROPY_PROG(PROG_UPTIME, uptime) -OSSH_PATH_ENTROPY_PROG(PROG_IPCS, ipcs) -OSSH_PATH_ENTROPY_PROG(PROG_TAIL, tail) - - AC_ARG_WITH(mantype, [ --with-mantype=man|cat|doc Set man page type], [ @@ -1825,12 +1863,13 @@ AC_ARG_WITH(4in6, ) # Whether to enable BSD auth support +BSD_AUTH_MSG=no AC_ARG_WITH(bsd-auth, [ --with-bsd-auth Enable BSD auth support], [ if test "x$withval" != "xno" ; then AC_DEFINE(BSD_AUTH) - bsd_auth=yes + BSD_AUTH_MSG=yes fi ] ) 
@@ -2097,44 +2136,17 @@ else fi -# Change default command timeout for builtin PRNG -entropy_timeout=200 -AC_ARG_WITH(entropy-timeout, - [ --with-entropy-timeout Specify entropy gathering command timeout (msec)], - [ - if test "x$withval" != "xno" ; then - entropy_timeout=$withval - fi - ] -) -AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout) - - if test ! -z "$blibpath" ; then LDFLAGS="$LDFLAGS -blibpath:$blibpath" AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile]) fi AC_EXEEXT - AC_CONFIG_FILES([Makefile openbsd-compat/Makefile scard/Makefile ssh_prng_cmds]) AC_OUTPUT # Print summary of options -if test ! -z "$RANDOM_POOL" ; then - RAND_MSG="Device ($RANDOM_POOL)" -else - if test ! -z "$PRNGD_PORT" ; then - RAND_MSG="PRNGD/EGD (port localhost:$PRNGD_PORT)" - elif test ! -z "$PRNGD_SOCKET" ; then - RAND_MSG="PRNGD/EGD (socket $PRNGD_SOCKET)" - else - RAND_MSG="Builtin (timeout $entropy_timeout)" - BUILTIN_RNG=1 - fi -fi - # Someone please show me a better way :) A=`eval echo ${prefix}` ; A=`eval echo ${A}` B=`eval echo ${bindir}` ; B=`eval echo ${B}` @@ -2154,7 +2166,6 @@ echo " Askpass program: $E" echo " Manual pages: $F" echo " PID file: $G" echo " sshd default user PATH: $H" -echo " Random number collection: $RAND_MSG" echo " Manpage format: $MANTYPE" echo " PAM support: ${PAM_MSG}" echo " KerberosIV support: $KRB4_MSG" @@ -2166,9 +2177,10 @@ echo " MD5 password support: $MD5_MSG" echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" echo " Use IPv4 by default hack: $IPV4_HACK_MSG" echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" - -if test ! -z "$bsd_auth"; then - echo " BSD Auth support: yes" +echo " BSD Auth support: $BSD_AUTH_MSG" +echo " Random number source: $RAND_MSG" +if test ! -z "$USE_RAND_HELPER" ; then + echo " ssh-rand-helper collects from: $RAND_HELPER_MSG" fi echo "" 
@@ -2183,22 +2195,24 @@ echo " Libraries: ${LIBS}" echo "" if test "x$PAM_MSG" = "xyes" ; then - echo "PAM is enabled. You may need to install a PAM control file for sshd," - echo "otherwise password authentication may fail. Example PAM control files" - echo "can be found in the contrib/ subdirectory" + echo "PAM is enabled. You may need to install a PAM control file " + echo "for sshd, otherwise password authentication may fail. " + echo "Example PAM control files can be found in the contrib/ " + echo "subdirectory" echo "" fi -if test ! -z "$BUILTIN_RNG" ; then - echo "WARNING: you are using the builtin random number collection service." - echo "Please read WARNING.RNG and request that your OS vendor includes" - echo "/dev/random in future versions of their OS." +if test ! -z "$NO_SFTP"; then + echo "sftp-server will be disabled. Your compiler does not " + echo "support 64bit integers." echo "" fi -if test ! -z "$NO_SFTP"; then - echo "sftp-server will be disabled. Your compiler does not support" - echo "64bit integers." +if test ! -z "$RAND_HELPER_CMDHASH" ; then + echo "WARNING: you are using the builtin random number collection " + echo "service. Please read WARNING.RNG and request that your OS " + echo "vendor includes kernel-based random number collection in " + echo "future versions of your OS." echo "" fi diff --git a/entropy.c b/entropy.c index 86ea81aa2..03591f062 100644 --- a/entropy.c +++ b/entropy.c @@ -45,15 +45,17 @@ * XXX: we should tell the child how many bytes we need. */ -#define RANDOM_SEED_SIZE 48 - -RCSID("$Id: entropy.c,v 1.39 2001/12/23 14:41:48 djm Exp $"); +RCSID("$Id: entropy.c,v 1.40 2002/01/22 10:57:54 djm Exp $"); +#ifndef OPENSSL_PRNG_ONLY +#define RANDOM_SEED_SIZE 48 static uid_t original_uid, original_euid; +#endif void seed_rng(void) { +#ifndef OPENSSL_PRNG_ONLY int devnull; int p[2]; pid_t pid; 
@@ -121,6 +123,10 @@ seed_rng(void) RAND_add(buf, sizeof(buf), sizeof(buf)); memset(buf, '\0', sizeof(buf)); + +#endif /* OPENSSL_PRNG_ONLY */ + if (RAND_status() != 1) + fatal("PRNG is not seeded"); } void @@ -134,8 +140,11 @@ init_rng(void) fatal("OpenSSL version mismatch. Built against %lx, you " "have %lx", OPENSSL_VERSION_NUMBER, SSLeay()); +#ifndef OPENSSL_PRNG_ONLY if ((original_uid = getuid()) == -1) fatal("getuid: %s", strerror(errno)); if ((original_euid = geteuid()) == -1) fatal("geteuid: %s", strerror(errno)); +#endif } + -- cgit v1.2.3
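Review bot: The new `RAND_status()` check sits after the `#endif`, so it is the only statement this hunk leaves in `seed_rng()` for an `OPENSSL_PRNG_ONLY` build, and nothing marks that placement as deliberate. The self-seeding decision comes from a probe run at configure time, so this runtime check is what stops a host where OpenSSL cannot seed itself. A comment such as `/* Checked in both configurations: the configure-time probe says nothing about the host we run on */` would keep it from being moved inside the guard later. The closing line would also read better as `#endif /* !OPENSSL_PRNG_ONLY */` since it ends an `#ifndef`, and the bare `#endif` added to init_rng() in the next hunk could carry the same comment. seed_rng() starts before this hunk.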