From f9b625c36e3dea521c02919e90ac2ddcfd19b06a Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Sun, 9 Jul 2000 22:42:32 +1000
Subject:  - (djm) Fix pam sprintf fix  - (djm) Cleanup entropy collection code
 a little more. Split initialisation    from seeding, perform intialisation
 immediatly at start, be careful with    uids. Based on problem report from
 Jim Watt <jimw@peisj.pebio.com>

---
 ChangeLog    |  4 +++
 auth-pam.c   |  4 +--
 entropy.c    | 89 +++++++++++++++++++++++++++++++++---------------------------
 entropy.h    |  1 +
 ssh-add.c    |  2 ++
 ssh-agent.c  |  2 ++
 ssh-keygen.c |  2 ++
 ssh.c        |  2 ++
 sshd.c       |  2 ++
 9 files changed, 66 insertions(+), 42 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 20831f2e..88ae8b4a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,10 @@
    builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu>
  - (djm) Replace ut_name with ut_user. Patch from Jim Watt
    <jimw@peisj.pebio.com>
+ - (djm) Fix pam sprintf fix
+ - (djm) Cleanup entropy collection code a little more. Split initialisation
+   from seeding, perform intialisation immediatly at start, be careful with
+   uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com>
 
 20000708
  - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from 
diff --git a/auth-pam.c b/auth-pam.c
index a3067d61..852dbdc2 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -34,7 +34,7 @@
 #include "xmalloc.h"
 #include "servconf.h"
 
-RCSID("$Id: auth-pam.c,v 1.10 2000/07/09 11:21:52 djm Exp $");
+RCSID("$Id: auth-pam.c,v 1.11 2000/07/09 12:42:33 djm Exp $");
 
 #define NEW_AUTHTOK_MSG \
 	"Warning: You password has expired, please change it now"
@@ -279,7 +279,7 @@ char **fetch_pam_environment(void)
 void print_pam_messages(void)
 {
 	if (pam_msg != NULL)
-		fputs(stderr, pam_msg);
+		fputs(pam_msg, stderr);
 }
 
 /* Append a message to the PAM message buffer */
diff --git a/entropy.c b/entropy.c
index d8eba654..84276099 100644
--- a/entropy.c
+++ b/entropy.c
@@ -35,7 +35,7 @@
 #include <openssl/rand.h>
 #include <openssl/sha.h>
 
-RCSID("$Id: entropy.c,v 1.16 2000/06/26 03:55:31 djm Exp $");
+RCSID("$Id: entropy.c,v 1.17 2000/07/09 12:42:33 djm Exp $");
 
 #ifndef offsetof
 # define offsetof(type, member) ((size_t) &((type *)0)->member)
@@ -168,6 +168,9 @@ seed_rng(void)
 	memset(buf, '\0', sizeof(buf));
 }
 
+/* No-op */
+void init_rng(void) {}
+
 #else /* defined(EGD_SOCKET) || defined(RANDOM_POOL) */
 
 /* 
@@ -180,9 +183,9 @@ seed_rng(void)
 /* static int entropy_timeout_default = ENTROPY_TIMEOUT_MSEC; */
 static int entropy_timeout_current = ENTROPY_TIMEOUT_MSEC;
 
-static int prng_seed_loaded = 0;
 static int prng_seed_saved = 0;
-static int prng_commands_loaded = 0;
+static int prng_initialised = 0;
+uid_t original_uid;
 
 typedef struct
 {
@@ -395,10 +398,10 @@ hash_output_from_command(entropy_source_t *src, char *hash)
 			close(p[1]);
 			close(devnull);
 
+			setuid(original_uid);
 			execv(src->path, (char**)(src->args));
 			debug("(child) Couldn't exec '%s': %s", src->cmdstring,
 			      strerror(errno));
-			src->badness = src->sticky_badness = 128;
 			_exit(-1);
 		default: /* Parent */
 			break;
@@ -432,38 +435,36 @@ hash_output_from_command(entropy_source_t *src, char *hash)
 
 		ret = select(p[0]+1, &rdset, NULL, NULL, &tv);
 
+		RAND_add(&tv, sizeof(tv), 0.0);
+
 		switch (ret) {
 		case 0:
 			/* timer expired */
 			error_abort = 1;
 			break;
-			
 		case 1:
 			/* command input */
 			bytes_read = read(p[0], buf, sizeof(buf));
+			RAND_add(&bytes_read, sizeof(&bytes_read), 0.0);
 			if (bytes_read == -1) {
 				error_abort = 1;
 				break;
-			}
-			if (bytes_read) {
+			} else if (bytes_read) {
 				SHA1_Update(&sha, buf, bytes_read);
 				total_bytes_read += bytes_read;
-				RAND_add(&bytes_read, sizeof(&bytes_read), 0.0);
-			} else
+			} else {
 				cmd_eof = 1;
-
+			}
 			break;
-
 		case -1:
 		default:
+			/* error */
 			debug("Command '%s': select() failed: %s", src->cmdstring,
 			      strerror(errno));
 			error_abort = 1;
 			break;
-		} /* switch ret */
-
-		RAND_add(&tv, sizeof(&tv), 0.0);
-	} /* while !error_abort && !cmd_eof */
+		}
+	}
 
 	SHA1_Final(hash, &sha);
 
@@ -533,7 +534,7 @@ prng_check_seedfile(char *filename) {
 		fatal("PRNG seedfile %.100s is not a regular file", filename);
 
 	/* mode 0600, owned by root or the current user? */
-	if (((st.st_mode & 0177) != 0) || !(st.st_uid == getuid()))
+	if (((st.st_mode & 0177) != 0) || !(st.st_uid == original_uid))
 		fatal("PRNG seedfile %.100s must be mode 0600, owned by uid %d",
 			 filename, getuid());
 
@@ -551,12 +552,14 @@ prng_write_seedfile(void) {
 	if (prng_seed_saved)
 		return;
 	
+	setuid(original_uid);
+	
 	prng_seed_saved = 1;
 	
-	pw = getpwuid(getuid());
+	pw = getpwuid(original_uid);
 	if (pw == NULL)
 		fatal("Couldn't get password entry for current user (%i): %s", 
-			getuid(), strerror(errno));
+			original_uid, strerror(errno));
 				
 	/* Try to ensure that the parent directory is there */
 	snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, 
@@ -591,10 +594,10 @@ prng_read_seedfile(void) {
 	char filename[1024];
 	struct passwd *pw;
 	
-	pw = getpwuid(getuid());
+	pw = getpwuid(original_uid);
 	if (pw == NULL)
 		fatal("Couldn't get password entry for current user (%i): %s", 
-			getuid(), strerror(errno));
+			original_uid, strerror(errno));
 			
 	snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, 
 		SSH_PRNG_SEED_FILE);
@@ -755,7 +758,7 @@ prng_read_commands(char *cmdfilename)
 	/* trim to size */
 	entropy_sources = xrealloc(entcmd, (cur_cmd+1) * sizeof(entropy_source_t));
 
-	debug("loaded %d entropy commands from %.100s", cur_cmd, cmdfilename);
+	debug("Loaded %d entropy commands from %.100s", cur_cmd, cmdfilename);
 
 	return (cur_cmd >= MIN_ENTROPY_SOURCES);
 }
@@ -777,35 +780,41 @@ void
 seed_rng(void)
 {
 	void *old_sigchld_handler;
-	
-	if (!prng_commands_loaded) {
-		if (!prng_read_commands(SSH_PRNG_COMMAND_FILE))
-			fatal("PRNG initialisation failed -- exiting.");
-		prng_commands_loaded = 1;
-	}
 
+	if (!prng_initialised)
+		fatal("RNG not initialised");
+	
 	/* Make sure some other sigchld handler doesn't reap our entropy */
 	/* commands */
 	old_sigchld_handler = signal(SIGCHLD, SIG_DFL);
 
-	debug("Seeding random number generator.");
-	debug("OpenSSL random status is now %i\n", RAND_status());
-	debug("%i bytes from system calls", (int)stir_from_system());
-	debug("%i bytes from programs", (int)stir_from_programs());
-	debug("OpenSSL random status is now %i\n", RAND_status());
+	debug("Seeded RNG with %i bytes from programs", (int)stir_from_programs());
+	debug("Seeded RNG with %i bytes from system calls", (int)stir_from_system());
+
+	if (!RAND_status())
+		fatal("Not enough entropy in RNG");
 
 	signal(SIGCHLD, old_sigchld_handler);
 
 	if (!RAND_status())
 		fatal("Couldn't initialise builtin random number generator -- exiting.");
+}
 
-	if (!prng_seed_loaded)
-	{
-		prng_seed_loaded = 1;
-		prng_seed_saved = 0;		
-		prng_read_seedfile();
-		fatal_add_cleanup(prng_seed_cleanup, NULL);
-		atexit(prng_write_seedfile);
-	}
+void init_rng(void) 
+{
+	original_uid = getuid();
+
+	/* Read in collection commands */
+	if (!prng_read_commands(SSH_PRNG_COMMAND_FILE))
+		fatal("PRNG initialisation failed -- exiting.");
+
+	/* Set ourselves up to save a seed upon exit */
+	prng_seed_saved = 0;		
+	prng_read_seedfile();
+	fatal_add_cleanup(prng_seed_cleanup, NULL);
+	atexit(prng_write_seedfile);
+
+	prng_initialised = 1;
 }
+
 #endif /* defined(EGD_SOCKET) || defined(RANDOM_POOL) */
diff --git a/entropy.h b/entropy.h
index ec425a0c..a6f7bfc6 100644
--- a/entropy.h
+++ b/entropy.h
@@ -31,5 +31,6 @@
 #define _RANDOMS_H
 
 void seed_rng(void);
+void init_rng(void);
 
 #endif /* _RANDOMS_H */
diff --git a/ssh-add.c b/ssh-add.c
index 661e1ffa..a5d785ce 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -210,6 +210,8 @@ main(int argc, char **argv)
 	int i;
 	int deleting = 0;
 
+	init_rng();
+
 	/* check if RSA support exists */
 	if (rsa_alive() == 0) {
 		fprintf(stderr,
diff --git a/ssh-agent.c b/ssh-agent.c
index 7bfa2904..148bcff6 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -509,6 +509,8 @@ main(int ac, char **av)
 	char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
 	extern int optind;
 
+	init_rng();
+
 	/* check if RSA support exists */
 	if (rsa_alive() == 0) {
 		fprintf(stderr,
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 4b89c15e..dbd0443f 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -520,6 +520,8 @@ main(int ac, char **av)
 	extern int optind;
 	extern char *optarg;
 
+	init_rng();
+
 	SSLeay_add_all_algorithms();
 
 	/* we need this for the home * directory.  */
diff --git a/ssh.c b/ssh.c
index f9742dc8..be2ba446 100644
--- a/ssh.c
+++ b/ssh.c
@@ -206,6 +206,8 @@ main(int ac, char **av)
 	int dummy;
 	uid_t original_effective_uid;
 
+	init_rng();
+
 	/*
 	 * Save the original real uid.  It will be needed later (uid-swapping
 	 * may clobber the real uid).
diff --git a/sshd.c b/sshd.c
index a4749fbe..93d68404 100644
--- a/sshd.c
+++ b/sshd.c
@@ -422,6 +422,8 @@ main(int ac, char **av)
 	char ntop[NI_MAXHOST], strport[NI_MAXSERV];
 	int listen_sock, maxfd;
 
+	init_rng();
+
 	/* Save argv[0]. */
 	saved_argc = ac;
 	saved_argv = av;
-- 
cgit v1.2.3