[master] a8250f5 Add VRND_CryptoQuality() so we don't have /dev/random creeping in all over the place.
Poul-Henning Kamp
phk at FreeBSD.org
Mon Aug 29 09:42:09 CEST 2016
commit a8250f5511491d503fc3ccca70ac8a02c7c24364
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date: Mon Aug 29 07:40:34 2016 +0000
Add VRND_CryptoQuality() so we don't have /dev/random creeping in
all over the place.
Drop fallbacks, if your OS do not have /dev/random in 2016, it should
not have a network connection either.
diff --git a/bin/varnishd/mgt/mgt_cli.c b/bin/varnishd/mgt/mgt_cli.c
index d7b8cb0..9edac1d 100644
--- a/bin/varnishd/mgt/mgt_cli.c
+++ b/bin/varnishd/mgt/mgt_cli.c
@@ -242,9 +242,9 @@ mgt_cli_challenge(struct cli *cli)
{
int i;
- VRND_Seed();
- for (i = 0; i + 2L < sizeof cli->challenge; i++)
- cli->challenge[i] = (random() % 26) + 'a';
+ AZ(VRND_CryptoQuality(cli->challenge, sizeof cli->challenge - 2));
+ for (i = 0; i < sizeof cli->challenge - 2; i++)
+ cli->challenge[i] = (cli->challenge[i] % 26) + 'a';
cli->challenge[i++] = '\n';
cli->challenge[i] = '\0';
VCLI_Out(cli, "%s", cli->challenge);
diff --git a/bin/varnishd/mgt/mgt_main.c b/bin/varnishd/mgt/mgt_main.c
index c686967..4b33358 100644
--- a/bin/varnishd/mgt/mgt_main.c
+++ b/bin/varnishd/mgt/mgt_main.c
@@ -394,9 +394,8 @@ make_secret(const char *dirname)
{
char *fn;
int fdo;
- int i, j;
+ int i;
unsigned char b;
- int fdi;
assert(asprintf(&fn, "%s/_.secret", dirname) > 0);
@@ -406,18 +405,10 @@ make_secret(const char *dirname)
ARGV_ERR("Cannot create secret-file in %s (%s)\n",
dirname, strerror(errno));
- fdi = open("/dev/urandom", O_RDONLY);
- if (fdi < 0)
- fdi = open("/dev/random", O_RDONLY);
- if (fdi < 0)
- ARGV_ERR("No /dev/[u]random, cannot autogenerate -S file\n");
-
for (i = 0; i < 256; i++) {
- j = read(fdi, &b, 1);
- assert(j == 1);
+ AZ(VRND_CryptoQuality(&b, 1));
assert(1 == write(fdo, &b, 1));
}
- AZ(close(fdi));
AZ(close(fdo));
VJ_master(JAIL_MASTER_LOW);
AZ(atexit(mgt_secret_atexit));
diff --git a/include/vrnd.h b/include/vrnd.h
index 7cfab1d..81cac18 100644
--- a/include/vrnd.h
+++ b/include/vrnd.h
@@ -28,4 +28,5 @@
* Random functions
*/
+int VRND_CryptoQuality(void *, size_t);
void VRND_Seed(void); /* Seed random(3) properly */
diff --git a/lib/libvarnish/vrnd.c b/lib/libvarnish/vrnd.c
index 02f3970..3953a2a 100644
--- a/lib/libvarnish/vrnd.c
+++ b/lib/libvarnish/vrnd.c
@@ -40,39 +40,31 @@
#include "vtim.h"
#include "vsha256.h"
-void
-VRND_Seed(void)
+int
+VRND_CryptoQuality(void *ptr, size_t len)
{
- unsigned long seed;
- struct SHA256Context ctx;
- double d;
- pid_t p;
- unsigned char b[SHA256_LEN];
int fd;
- ssize_t sz;
+ char *p;
+ ssize_t l;
- fd = open("/dev/urandom", O_RDONLY);
+ AN(ptr);
+ fd = open("/dev/random", O_RDONLY);
if (fd < 0)
- fd = open("/dev/random", O_RDONLY);
- if (fd >= 0) {
- sz = read(fd, &seed, sizeof seed);
- AZ(close(fd));
- if (sz == sizeof seed) {
- srandom(seed);
- return;
- }
+ return (-1);
+ for (p = ptr; len > 0; len--, p++) {
+ l = read(fd, p, 1);
+ if (l != 1)
+ break;
}
+ AZ(close(fd));
+ return (len == 0 ? 0 : -1);
+}
+
+void
+VRND_Seed(void)
+{
+ unsigned long seed;
- SHA256_Init(&ctx);
- d = VTIM_mono();
- SHA256_Update(&ctx, &d, sizeof d);
- d = VTIM_real();
- SHA256_Update(&ctx, &d, sizeof d);
- p = getpid();
- SHA256_Update(&ctx, &p, sizeof p);
- p = getppid();
- SHA256_Update(&ctx, &p, sizeof p);
- SHA256_Final(b, &ctx);
- memcpy(&seed, b, sizeof seed);
+ AZ(VRND_CryptoQuality(&seed, sizeof seed));
srandom(seed);
}
More information about the varnish-commit
mailing list