authorDamien Miller <djm@mindrot.org>2001-03-19 09:38:15 +1100
committerDamien Miller <djm@mindrot.org>2001-03-19 09:38:15 +1100
commit60bc51735643baa1b7fb237ea56303fed454dadb (patch)
tree8ece761df99755046be27984f4ea8dcbca1d99d5
parentb399be4436914e23dd066482a371e068f2724f5c (diff)
- (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
do it implicitly.
-rw-r--r--ChangeLog6
-rw-r--r--entropy.c26
-rw-r--r--openbsd-compat/bsd-arc4random.c24
-rw-r--r--ssh-agent.c1
-rw-r--r--ssh-keygen.c1
-rw-r--r--ssh.c2
-rw-r--r--sshd.c2
7 files changed, 40 insertions, 22 deletions
diff --git a/ChangeLog b/ChangeLog
index cddb4b3d..7d344e64 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20010319
+ - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
+ do it implicitly.
+
20010318
- (bal) Fixed scp type casing issue which causes "scp: protocol error:
size not delimited" fatal errors when tranfering.
@@ -4596,4 +4600,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.971 2001/03/18 02:43:16 tim Exp $
+$Id: ChangeLog,v 1.972 2001/03/18 22:38:15 djm Exp $
diff --git a/entropy.c b/entropy.c
index 665f7732..8bd540dc 100644
--- a/entropy.c
+++ b/entropy.c
@@ -40,7 +40,7 @@
#include "pathnames.h"
#include "log.h"
-RCSID("$Id: entropy.c,v 1.35 2001/03/03 13:29:21 djm Exp $");
+RCSID("$Id: entropy.c,v 1.36 2001/03/18 22:38:16 djm Exp $");
#ifndef offsetof
# define offsetof(type, member) ((size_t) &((type *)0)->member)
@@ -68,7 +68,8 @@ RCSID("$Id: entropy.c,v 1.35 2001/03/03 13:29:21 djm Exp $");
# define SAVED_IDS_WORK_WITH_SETEUID
#endif
-void check_openssl_version(void)
+void
+check_openssl_version(void)
{
if (SSLeay() != OPENSSL_VERSION_NUMBER)
fatal("OpenSSL version mismatch. Built against %lx, you "
@@ -83,7 +84,8 @@ void check_openssl_version(void)
#ifdef USE_PRNGD
/* Collect entropy from PRNGD/EGD */
-int get_random_bytes(unsigned char *buf, int len)
+int
+get_random_bytes(unsigned char *buf, int len)
{
int fd;
char msg[2];
@@ -180,7 +182,8 @@ done:
#else /* !USE_PRNGD */
#ifdef RANDOM_POOL
/* Collect entropy from /dev/urandom or pipe */
-int get_random_bytes(unsigned char *buf, int len)
+int
+get_random_bytes(unsigned char *buf, int len)
{
int random_pool;
@@ -226,7 +229,8 @@ seed_rng(void)
memset(buf, '\0', sizeof(buf));
}
-void init_rng(void)
+void
+init_rng(void)
{
check_openssl_version();
}
@@ -403,8 +407,7 @@ stir_rusage(int who, double entropy_estimate)
}
-static
-int
+static int
_get_timeval_msec_difference(struct timeval *t1, struct timeval *t2) {
int secdiff, usecdiff;
@@ -842,8 +845,10 @@ seed_rng(void)
/* commands */
old_sigchld_handler = mysignal(SIGCHLD, SIG_DFL);
- debug("Seeded RNG with %i bytes from programs", (int)stir_from_programs());
- debug("Seeded RNG with %i bytes from system calls", (int)stir_from_system());
+ debug("Seeded RNG with %i bytes from programs",
+ (int)stir_from_programs());
+ debug("Seeded RNG with %i bytes from system calls",
+ (int)stir_from_system());
if (!RAND_status())
fatal("Not enough entropy in RNG");
@@ -854,7 +859,8 @@ seed_rng(void)
fatal("Couldn't initialise builtin random number generator -- exiting.");
}
-void init_rng(void)
+void
+init_rng(void)
{
int original_euid;
diff --git a/openbsd-compat/bsd-arc4random.c b/openbsd-compat/bsd-arc4random.c
index 87c7da5f..2f313070 100644
--- a/openbsd-compat/bsd-arc4random.c
+++ b/openbsd-compat/bsd-arc4random.c
@@ -24,7 +24,7 @@
#include "includes.h"
-RCSID("$Id: bsd-arc4random.c,v 1.2 2001/02/09 01:55:36 djm Exp $");
+RCSID("$Id: bsd-arc4random.c,v 1.3 2001/03/18 22:38:16 djm Exp $");
#ifndef HAVE_ARC4RANDOM
@@ -43,10 +43,15 @@ static RC4_KEY rc4;
unsigned int arc4random(void)
{
unsigned int r = 0;
+ static int first_time = 1;
- if (rc4_ready <= 0)
+ if (rc4_ready <= 0) {
+ if (!first_time)
+ seed_rng();
+ first_time = 0;
arc4random_stir();
-
+ }
+
RC4(&rc4, sizeof(r), (unsigned char *)&r, (unsigned char *)&r);
rc4_ready -= sizeof(r);
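Review bot: The `first_time` branch in arc4random() skips seed_rng() on the first rekey on the assumption that main() has already seeded the PRNG, but that precondition is neither commented nor checked here. Only ssh, sshd, ssh-agent and ssh-keygen gain a startup seed_rng() in this commit, and in ssh.c and sshd.c the call sits after log_init(), so any program or earlier code path that reaches arc4random() first would presumably key RC4 from whatever state OpenSSL holds at that point. Consider stating the contract in a comment, e.g. `/* main() must have called seed_rng(); reseed only on later rekeys */`, or making the skip conditional: `if (!first_time || !RAND_status()) seed_rng();`. The rest of arc4random() lies outside this hunk.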
@@ -57,17 +62,14 @@ unsigned int arc4random(void)
void arc4random_stir(void)
{
unsigned char rand_buf[SEED_SIZE];
-
- memset(&rc4, 0, sizeof(rc4));
-
- seed_rng();
- RAND_bytes(rand_buf, sizeof(rand_buf));
-
+ memset(&rc4, 0, sizeof(rc4));
+ if (!RAND_bytes(rand_buf, sizeof(rand_buf)))
+ fatal("Couldn't obtain random bytes (error %ld)",
+ ERR_get_error());
RC4_set_key(&rc4, sizeof(rand_buf), rand_buf);
-
memset(rand_buf, 0, sizeof(rand_buf));
-
+
rc4_ready = REKEY_BYTES;
}
#endif /* !HAVE_ARC4RANDOM */
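Review bot: `if (!RAND_bytes(rand_buf, sizeof(rand_buf)))` in arc4random_stir() treats only a return of 0 as failure. OpenSSL documents 1 as success and, in current releases, -1 when the RAND method does not support the call; a negative return would pass this test and RC4_set_key() would then be keyed from the uninitialised stack buffer. Testing for success is safer: `if (RAND_bytes(rand_buf, sizeof(rand_buf)) != 1)`. ERR_get_error() returns unsigned long, so `%lu` or `%lx` matches the argument where `%ld` does not.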
diff --git a/ssh-agent.c b/ssh-agent.c
index 5a774d57..8c4b5397 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -740,6 +740,7 @@ main(int ac, char **av)
__progname = get_progname(av[0]);
init_rng();
+ seed_rng();
#ifdef __GNU_LIBRARY__
while ((ch = getopt(ac, av, "+cks")) != -1) {
diff --git a/ssh-keygen.c b/ssh-keygen.c
index b9ea0178..086b8ad4 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -639,6 +639,7 @@ main(int ac, char **av)
__progname = get_progname(av[0]);
init_rng();
+ seed_rng();
SSLeay_add_all_algorithms();
diff --git a/ssh.c b/ssh.c
index 74a2b75a..c47d3dc0 100644
--- a/ssh.c
+++ b/ssh.c
@@ -576,6 +576,8 @@ main(int ac, char **av)
/* reinit */
log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, 1);
+ seed_rng();
+
if (options.user == NULL)
options.user = xstrdup(pw->pw_name);
diff --git a/sshd.c b/sshd.c
index 2d6cbd09..0a1048cd 100644
--- a/sshd.c
+++ b/sshd.c
@@ -687,6 +687,8 @@ main(int ac, char **av)
options.log_facility == -1 ? SYSLOG_FACILITY_AUTH : options.log_facility,
!inetd_flag);
+ seed_rng();
+
/* Read server configuration options from the configuration file. */
read_server_config(&options, config_file_name);