cuberite/libevent
1
0
Fork 0
mirror of https://github.com/cuberite/libevent.git synced 2025-09-18 00:36:49 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/patches-2.0'

Browse Source 
Conflicts:
	arc4random.c
This commit is contained in:
Nick Mathewson 2013-08-06 17:29:34 -04:00
commit f391b0030c
3 changed files with 57 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
arc4random.c
View File

@ -294,21 +294,17 @@ arc4_seed_proc_sys_kernel_random_uuid(void)
#ifndef _WIN32 #ifndef _WIN32
#define TRY_SEED_URANDOM #define TRY_SEED_URANDOM
static int static char *arc4random_urandom_filename = NULL;
arc4_seed_urandom(void)
static int arc4_seed_urandom_helper_(const char *fname)
{ {
/* This is adapted from Tor's crypto_seed_rng() */
static const char *filenames[] = {
"/dev/srandom", "/dev/urandom", "/dev/random", NULL
};
unsigned char buf[ADD_ENTROPY]; unsigned char buf[ADD_ENTROPY];
int fd, i; int fd;
size_t n; size_t n;
for (i = 0; filenames[i]; ++i) { fd = evutil_open_closeonexec_(fname, O_RDONLY, 0);
fd = evutil_open_closeonexec_(filenames[i], O_RDONLY, 0);
if (fd<0) if (fd<0)
continue; return -1;
n = read_all(fd, buf, sizeof(buf)); n = read_all(fd, buf, sizeof(buf));
close(fd); close(fd);
if (n != sizeof(buf)) if (n != sizeof(buf))
@ -319,6 +315,22 @@ arc4_seed_urandom(void)
return 0; return 0;
} }
static int
arc4_seed_urandom(void)
{
/* This is adapted from Tor's crypto_seed_rng() */
static const char *filenames[] = {
"/dev/srandom", "/dev/urandom", "/dev/random", NULL
};
int i;
if (arc4random_urandom_filename)
return arc4_seed_urandom_helper_(arc4random_urandom_filename);
for (i = 0; filenames[i]; ++i) {
if (arc4_seed_urandom_helper_(filenames[i]) == 0)
return 0;
}
return -1; return -1;
} }
#endif #endif

17
evutil_rand.c
View File

@ -44,6 +44,12 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
int int
evutil_secure_rng_set_urandom_device_file(char *fname)
{
(void) fname;
return -1;
}
int
evutil_secure_rng_init(void) evutil_secure_rng_init(void)
{ {
/* call arc4random() now to force it to self-initialize */ /* call arc4random() now to force it to self-initialize */
@ -144,6 +150,17 @@ evutil_free_secure_rng_globals_locks(void)
return; return;
} }
int
evutil_secure_rng_set_urandom_device_file(char *fname)
{
#ifdef TRY_SEED_URANDOM
_ARC4_LOCK();
arc4random_urandom_filename = fname;
_ARC4_UNLOCK();
#endif
return 0;
}
int int
evutil_secure_rng_init(void) evutil_secure_rng_init(void)
{ {

14
include/event2/util.h
View File

@ -704,6 +704,20 @@ void evutil_secure_rng_get_bytes(void *buf, size_t n);
*/ */
int evutil_secure_rng_init(void); int evutil_secure_rng_init(void);
/**
* Set a filename to use in place of /dev/urandom for seeding the secure
* PRNG. Return 0 on success, -1 on failure.
*
* Call this function BEFORE calling any other initialization or .
*
* (This string will _NOT_ be copied internally. Do not free it while any
* user of the secure RNG might be running. Don't pass anything other than a
* real /dev/...random device file here, or you might lose security.)
*
* This API is unstable, and might change in a future libevent version.
*/
int evutil_secure_rng_set_urandom_device_file(char *fname);
/** Seed the random number generator with extra random bytes. /** Seed the random number generator with extra random bytes.
You should almost never need to call this function; it should be You should almost never need to call this function; it should be