author | dtucker <dtucker> | 2005-09-27 12:46:32 +0000 |
---|---|---|
committer | dtucker <dtucker> | 2005-09-27 12:46:32 +0000 |
commit | 7f373770ff6c5da00c845d4f0bb2ad2d8324ae4a (patch) | |
tree | e71c04395f778bdf9195a792213bddf280cc99e9 /sshd.c | |
parent | 64756ef6b0b7aaa5c67f8ba6db57b832fde90a0c (diff) | |
download | openssh-7f373770ff6c5da00c845d4f0bb2ad2d8324ae4a.tar.gz |
- (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
process when sshd relies on ssh-random-helper. Should result in faster
logins on systems without a real random device or prngd. ok djm@
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 14 |
1 files changed, 12 insertions, 2 deletions
@@ -800,6 +800,7 @@ send_rexec_state(int fd, Buffer *conf)
 * bignum iqmp "
 * bignum p "
 * bignum q "
+ * string rngseed (only if OpenSSL is not self-seeded)
 */
 buffer_init(&m);
 buffer_put_cstring(&m, buffer_ptr(conf));
@@ -816,6 +817,10 @@ send_rexec_state(int fd, Buffer *conf)
 } else
 buffer_put_int(&m, 0);
+#ifndef OPENSSL_PRNG_ONLY
+ rexec_send_rng_seed(&m);
+#endif
+
 if (ssh_msg_send(fd, 0, &m) == -1)
 fatal("%s: ssh_msg_send failed", __func__);
@@ -858,6 +863,11 @@ recv_rexec_state(int fd, Buffer *conf)
 rsa_generate_additional_parameters(
 sensitive_data.server_key->rsa);
 }
+
+#ifndef OPENSSL_PRNG_ONLY
+ rexec_recv_rng_seed(&m);
+#endif
+
 buffer_free(&m);
 debug3("%s: done", __func__);
@@ -1051,8 +1061,6 @@ main(int ac, char **av)
 drop_cray_privs();
 #endif
- seed_rng();
-
 sensitive_data.server_key = NULL;
 sensitive_data.ssh1_host_key = NULL;
 sensitive_data.have_ssh1_key = 0;
@@ -1071,6 +1079,8 @@ main(int ac, char **av)
 if (!rexec_flag)
 buffer_free(&cfg);
+ seed_rng();
+
 /* Fill in default values for those options not explicitly set. */
 fill_default_server_options(&options); |
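Review bot: The `rngseed` field added in send_rexec_state (hunk at -816) and read back in recv_rexec_state (hunk at -858) is on the wire only when `OPENSSL_PRNG_ONLY` is undefined, so the layout of the rexec message depends on a compile-time setting that both ends must share. If the re-executed binary can ever be a different build from the running listener, for example after an in-place upgrade, the two sides would presumably disagree about whether the string is present. Emitting the field unconditionally, with an empty string on self-seeded builds via `#else` and `buffer_put_string(&m, "", 0);`, and letting the receiver accept a zero-length seed would keep the format fixed. Both function bodies start outside these hunks and `rexec_send_rng_seed` is not shown, so this needs checking against entropy.c.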
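Review bot: In the recv_rexec_state hunk (-858) the call `rexec_recv_rng_seed(&m);` reports nothing back, so the call site cannot tell whether a seed was received and mixed in or silently skipped. Because this value feeds the child's PRNG, the call deserves a comment stating the contract, e.g. `/* Adds the parent's seed to the local pool; seed_rng() in main() still decides whether the PRNG is usable. */`, assuming that is what the helper in entropy.c does. It is also worth confirming there that each connection gets fresh seed bytes rather than a value reused across children, and that `m`, which now carries the seed next to the RSA parameters, is cleared when `buffer_free(&m)` runs.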
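Review bot: The last hunk (-1071 in main) makes `seed_rng()` depend on running after the rexec state has been read, but nothing in the code records that, so a later reshuffle of main() could quietly undo the ordering. A comment above the call such as `/* Must come after the rexec state is received: a reexec'ed child is seeded from the parent's message. */` would capture the reason given in the commit message. The move also means every statement between the old position (hunk at -1051) and this one now runs before the PRNG is seeded. Those lines are outside the hunks, so it should be confirmed that none of them draws random numbers.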