- (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
process when sshd relies on ssh-random-helper. Should result in faster
logins on systems without a real random device or prngd. ok djm@
diff --git a/ChangeLog b/ChangeLog
index 428718d..9265b7a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,9 @@
20050927
- (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid
calls, since they can't possibly fail. ok djm@
+ - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
+ process when sshd relies on ssh-random-helper. Should result in faster
+ logins on systems without a real random device or prngd. ok djm@
20050924
- (dtucker) [auth2.c] Move start_pam() calls out of if-else block to remove
@@ -3017,4 +3020,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.3895 2005/09/27 09:50:25 dtucker Exp $
+$Id: ChangeLog,v 1.3896 2005/09/27 12:46:32 dtucker Exp $
diff --git a/entropy.c b/entropy.c
index 7f4a307..ff97415 100644
--- a/entropy.c
+++ b/entropy.c
@@ -26,6 +26,7 @@
#include <openssl/rand.h>
#include <openssl/crypto.h>
+#include <openssl/err.h>
#include "ssh.h"
#include "misc.h"
@@ -33,6 +34,8 @@
#include "atomicio.h"
#include "pathnames.h"
#include "log.h"
+#include "buffer.h"
+#include "bufaux.h"
/*
* Portable OpenSSH PRNG seeding:
@@ -45,7 +48,7 @@
* XXX: we should tell the child how many bytes we need.
*/
-RCSID("$Id: entropy.c,v 1.50 2005/09/27 09:50:25 dtucker Exp $");
+RCSID("$Id: entropy.c,v 1.51 2005/09/27 12:46:32 dtucker Exp $");
#ifndef OPENSSL_PRNG_ONLY
#define RANDOM_SEED_SIZE 48
@@ -150,3 +153,30 @@
#endif
}
+#ifndef OPENSSL_PRNG_ONLY
+void
+rexec_send_rng_seed(Buffer *m)
+{
+ u_char buf[RANDOM_SEED_SIZE];
+
+ if (RAND_bytes(buf, sizeof(buf)) <= 0) {
+ error("Couldn't obtain random bytes (error %ld)",
+ ERR_get_error());
+ buffer_put_string(m, "", 0);
+ } else
+ buffer_put_string(m, buf, sizeof(buf));
+}
+
+void
+rexec_recv_rng_seed(Buffer *m)
+{
+ char *buf;
+ u_int len;
+
+ buf = buffer_get_string_ret(m, &len);
+ if (buf != NULL) {
+ debug3("rexec_recv_rng_seed: seeding rng with %u bytes", len);
+ RAND_add(buf, len, len);
+ }
+}
+#endif
diff --git a/entropy.h b/entropy.h
index 5f63c1f..ec1ebcc 100644
--- a/entropy.h
+++ b/entropy.h
@@ -22,12 +22,17 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/* $Id: entropy.h,v 1.4 2001/02/09 01:55:36 djm Exp $ */
+/* $Id: entropy.h,v 1.5 2005/09/27 12:46:32 dtucker Exp $ */
#ifndef _RANDOMS_H
#define _RANDOMS_H
+#include "buffer.h"
+
void seed_rng(void);
void init_rng(void);
+void rexec_send_rng_seed(Buffer *);
+void rexec_recv_rng_seed(Buffer *);
+
#endif /* _RANDOMS_H */
diff --git a/sshd.c b/sshd.c
index 92aa9bb..e9125a2 100644
--- a/sshd.c
+++ b/sshd.c
@@ -800,6 +800,7 @@
* bignum iqmp "
* bignum p "
* bignum q "
+ * string rngseed (only if OpenSSL is not self-seeded)
*/
buffer_init(&m);
buffer_put_cstring(&m, buffer_ptr(conf));
@@ -816,6 +817,10 @@
} else
buffer_put_int(&m, 0);
+#ifndef OPENSSL_PRNG_ONLY
+ rexec_send_rng_seed(&m);
+#endif
+
if (ssh_msg_send(fd, 0, &m) == -1)
fatal("%s: ssh_msg_send failed", __func__);
@@ -858,6 +863,11 @@
rsa_generate_additional_parameters(
sensitive_data.server_key->rsa);
}
+
+#ifndef OPENSSL_PRNG_ONLY
+ rexec_recv_rng_seed(&m);
+#endif
+
buffer_free(&m);
debug3("%s: done", __func__);
@@ -1051,8 +1061,6 @@
drop_cray_privs();
#endif
- seed_rng();
-
sensitive_data.server_key = NULL;
sensitive_data.ssh1_host_key = NULL;
sensitive_data.have_ssh1_key = 0;
@@ -1071,6 +1079,8 @@
if (!rexec_flag)
buffer_free(&cfg);
+ seed_rng();
+
/* Fill in default values for those options not explicitly set. */
fill_default_server_options(&options);