author | Nick Mathewson <nickm@torproject.org> | 2013-08-06 17:29:34 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2013-08-06 17:29:34 -0400 |
commit | f391b0030c9a3a62e5c4a4d00e35b7f9665db1a7 (patch) | |
tree | 4d0b70e3f93abafe6749abb378c50b72c7b88f5a | |
parent | e639a9e10fe4555c035830ce171db9259bebddaf (diff) | |
parent | 2bbb5d7612d3f9f12acb02e15127e676ff35d669 (diff) | |
Merge remote-tracking branch 'origin/patches-2.0'
Conflicts:
arc4random.c
-rw-r--r-- | arc4random.c | 40 | ||||
-rw-r--r-- | evutil_rand.c | 17 | ||||
-rw-r--r-- | include/event2/util.h | 14 |
3 files changed, 57 insertions, 14 deletions
diff --git a/arc4random.c b/arc4random.c index 8a6c3d24..016cae66 100644 --- a/arc4random.c +++ b/arc4random.c @@ -294,6 +294,27 @@ arc4_seed_proc_sys_kernel_random_uuid(void) #ifndef _WIN32 #define TRY_SEED_URANDOM +static char *arc4random_urandom_filename = NULL; + +static int arc4_seed_urandom_helper_(const char *fname) +{ + unsigned char buf[ADD_ENTROPY]; + int fd; + size_t n; + + fd = evutil_open_closeonexec_(fname, O_RDONLY, 0); + if (fd<0) + return -1; + n = read_all(fd, buf, sizeof(buf)); + close(fd); + if (n != sizeof(buf)) + return -1; + arc4_addrandom(buf, sizeof(buf)); + memset(buf, 0, sizeof(buf)); + arc4_seeded_ok = 1; + return 0; +} + static int arc4_seed_urandom(void) { @@ -301,22 +322,13 @@ arc4_seed_urandom(void) static const char *filenames[] = { "/dev/srandom", "/dev/urandom", "/dev/random", NULL }; - unsigned char buf[ADD_ENTROPY]; - int fd, i; - size_t n; + int i; + if (arc4random_urandom_filename) + return arc4_seed_urandom_helper_(arc4random_urandom_filename); for (i = 0; filenames[i]; ++i) { - fd = evutil_open_closeonexec_(filenames[i], O_RDONLY, 0); - if (fd<0) - continue; - n = read_all(fd, buf, sizeof(buf)); - close(fd); - if (n != sizeof(buf)) - return -1; - arc4_addrandom(buf, sizeof(buf)); - memset(buf, 0, sizeof(buf)); - arc4_seeded_ok = 1; - return 0; + if (arc4_seed_urandom_helper_(filenames[i]) == 0) + return 0; } return -1; diff --git a/evutil_rand.c b/evutil_rand.c index 38814e4c..584d9495 100644 --- a/evutil_rand.c +++ b/evutil_rand.c @@ -44,6 +44,12 @@ #include <stdlib.h> #include <string.h> int +evutil_secure_rng_set_urandom_device_file(char *fname) +{ + (void) fname; + return -1; +} +int evutil_secure_rng_init(void) { /* call arc4random() now to force it to self-initialize */ 
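Review bot: The `memset(buf, 0, sizeof(buf));` in arc4_seed_urandom_helper_() writes to a local that is never read again, so an optimizing compiler may drop it and leave the seed bytes on the stack. The `if (n != sizeof(buf)) return -1;` path just above it also returns without wiping whatever a short read placed in `buf`. I would clear on both paths with a routine the compiler cannot elide: `evutil_memclear_(buf, sizeof(buf));` if that helper is available on this branch, otherwise a write through a volatile pointer. The helper is fully contained in this hunk.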
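Review bot: The override branch `if (arc4random_urandom_filename) return arc4_seed_urandom_helper_(arc4random_urandom_filename);` never falls back to the built-in device list when the configured file cannot be opened or fully read, and nothing in the code says this is intended. If it is, a comment such as `/* An explicitly configured file is used exclusively; do not fall back to the default devices if it fails. */` would keep a later cleanup from turning it into a silent fallback. The loop also behaves differently from the removed code: a short read now moves on to the next device, where the old body returned -1 at once, which deserves a line in the commit message if deliberate. arc4_seed_urandom() starts in the previous hunk and its closing lines are outside this one.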
@@ -145,6 +151,17 @@ evutil_free_secure_rng_globals_locks(void) } int +evutil_secure_rng_set_urandom_device_file(char *fname) +{ +#ifdef TRY_SEED_URANDOM + _ARC4_LOCK(); + arc4random_urandom_filename = fname; + _ARC4_UNLOCK(); +#endif + return 0; +} + +int evutil_secure_rng_init(void) { int val; diff --git a/include/event2/util.h b/include/event2/util.h index a9cc5624..2a24566c 100644 --- a/include/event2/util.h +++ b/include/event2/util.h @@ -704,6 +704,20 @@ void evutil_secure_rng_get_bytes(void *buf, size_t n); */ int evutil_secure_rng_init(void); +/** + * Set a filename to use in place of /dev/urandom for seeding the secure + * PRNG. Return 0 on success, -1 on failure. + * + * Call this function BEFORE calling any other initialization or . + * + * (This string will _NOT_ be copied internally. Do not free it while any + * user of the secure RNG might be running. Don't pass anything other than a + * real /dev/...random device file here, or you might lose security.) + * + * This API is unstable, and might change in a future libevent version. + */ +int evutil_secure_rng_set_urandom_device_file(char *fname); + /** Seed the random number generator with extra random bytes. You should almost never need to call this function; it should be |
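Review bot: When TRY_SEED_URANDOM is not defined, this definition of evutil_secure_rng_set_urandom_device_file() ignores `fname` and still reaches `return 0;`, so the caller is told the override took effect when it did not. The other definition added earlier in this file returns -1 when it cannot honour the request; the two should agree, for example by moving `return 0;` inside the `#ifdef` and adding an `#else` branch with `(void) fname; return -1;`. The assignment `arc4random_urandom_filename = fname;` keeps the caller's pointer without copying it, so a one-line comment there repeating the lifetime rule from the header would help whoever reads this file first.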
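Review bot: The sentence `Call this function BEFORE calling any other initialization or .` in the new doc comment is cut off, so the ordering requirement callers must follow is unreadable; it presumably should end `... any other initialization or RNG functions.` The parameter would be better declared `const char *fname` here and in both definitions in evutil_rand.c (with `arc4random_urandom_filename` made `const char *` to match), since the string is only read and arc4_seed_urandom_helper_() already takes `const char *`. The warning about passing only a real random device is not enforced by any of the visible code. If regular files are never meant to be accepted, an `fstat()` / `S_ISCHR` check on the opened descriptor in arc4_seed_urandom_helper_() would turn that caveat into an actual check.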