author | Damien Miller <djm@mindrot.org> | 2002-01-22 11:57:53 +0100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2002-01-22 11:57:53 +0100 |
commit | 6c21c51c487ec31ceb5b81b536c9516c5f20b5b0 (patch) | |
tree | e5fba473079d684039e0d6b2f0bd393b3e1b0186 /entropy.c | |
parent | - (djm) Rework ssh-rand-helper: (diff) | |
- (djm) autoconf hacking:
- We don't support --without-zlib currently, so don't allow it.
- Rework cryptographic random number support detection. We now detect
whether OpenSSL seeds itself. If it does, then we don't bother with
the ssh-rand-helper program. You can force the use of ssh-rand-helper
using the --with-rand-helper configure argument
- Simplify and clean up ssh-rand-helper configuration
Diffstat (limited to 'entropy.c')
-rw-r--r-- | entropy.c | 15 |
1 files changed, 12 insertions, 3 deletions
@@ -45,15 +45,17 @@
 * XXX: we should tell the child how many bytes we need.
 */
-#define RANDOM_SEED_SIZE 48
-
-RCSID("$Id: entropy.c,v 1.39 2001/12/23 14:41:48 djm Exp $");
+RCSID("$Id: entropy.c,v 1.40 2002/01/22 10:57:54 djm Exp $");
+#ifndef OPENSSL_PRNG_ONLY
+#define RANDOM_SEED_SIZE 48
 static uid_t original_uid, original_euid;
+#endif
 void
 seed_rng(void)
 {
+#ifndef OPENSSL_PRNG_ONLY
 int devnull;
 int p[2];
 pid_t pid;
@@ -121,6 +123,10 @@ seed_rng(void)
 RAND_add(buf, sizeof(buf), sizeof(buf));
 memset(buf, '\0', sizeof(buf));
+
+#endif /* OPENSSL_PRNG_ONLY */
+ if (RAND_status() != 1)
+ fatal("PRNG is not seeded");
 }
 void
@@ -134,8 +140,11 @@ init_rng(void)
 fatal("OpenSSL version mismatch. Built against %lx, you "
 "have %lx", OPENSSL_VERSION_NUMBER, SSLeay());
+#ifndef OPENSSL_PRNG_ONLY
 if ((original_uid = getuid()) == -1)
 fatal("getuid: %s", strerror(errno));
 if ((original_euid = geteuid()) == -1)
 fatal("geteuid: %s", strerror(errno));
+#endif
 }
+ |
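Review bot: The new `#ifndef OPENSSL_PRNG_ONLY` guards around `RANDOM_SEED_SIZE` and the uid variables, and at the start of seed_rng(), carry no explanation of what the macro means or who sets it. The commit message implies configure defines it when OpenSSL seeds itself, which compiles the helper path out. A comment before the first guard would record that, e.g. `/* OPENSSL_PRNG_ONLY: set by configure when OpenSSL seeds itself; ssh-rand-helper is not used */`. The header comment visible above the hunk still describes only the helper path, and seed_rng() continues past the end of this hunk.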
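Review bot: The `RAND_status()` check added after `#endif /* OPENSSL_PRNG_ONLY */` is the only runtime safeguard against an unseeded PRNG in an OPENSSL_PRNG_ONLY build, and nothing in the code says it must stay outside the guard. Going by the commit message, self-seeding is detected at configure time, so the result presumably describes the build host and need not hold where the binary runs. A comment such as `/* Checked in both modes: configure-time detection does not prove the PRNG is seeded at run time */` would keep the check from being moved inside the `#ifndef` later. The fatal message could also name the mode, so an operator can tell a missing kernel random device from a failed helper. The body of seed_rng() starts outside this hunk.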