Mercurial > dovecot > original-hg > dovecot-1.2
changeset 3040:50acbcc7e4d8 HEAD
Added random_fill_weak() and make random_init() always initialize srand()
with a seed from random_fill().
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Thu, 06 Jan 2005 21:08:17 +0200 |
parents | d6910d273852 |
children | 933b65191ca3 |
files | src/auth/main.c src/lib/randgen.c src/lib/randgen.h |
diffstat | 3 files changed, 28 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/main.c Thu Jan 06 20:14:28 2005 +0200 +++ b/src/auth/main.c Thu Jan 06 21:08:17 2005 +0200 @@ -169,8 +169,6 @@ static void drop_privileges(void) { - unsigned int seed; - verbose = getenv("VERBOSE") != NULL; verbose_debug = getenv("VERBOSE_DEBUG") != NULL; @@ -178,8 +176,6 @@ /* Open /dev/urandom before chrooting */ random_init(); - random_fill(&seed, sizeof(seed)); - srand(seed); /* Initialize databases so their configuration files can be readable only by root. Also load all modules here. */
--- a/src/lib/randgen.c Thu Jan 06 20:14:28 2005 +0200 +++ b/src/lib/randgen.c Thu Jan 06 21:08:17 2005 +0200 @@ -3,6 +3,8 @@ #include "lib.h" #include "randgen.h" +#include <stdlib.h> + #ifdef HAVE_DEV_URANDOM #include "fd-close-on-exec.h" @@ -29,6 +31,8 @@ void random_init(void) { + unsigned int seed; + if (init_refcount++ > 0) return; @@ -42,6 +46,9 @@ } } + random_fill(&seed, sizeof(seed)); + srand(seed); + fd_close_on_exec(urandom_fd, TRUE); } @@ -80,9 +87,24 @@ i_fatal("RAND_pseudo_bytes() failed: %s", ssl_last_error()); } -void random_init(void) {} +void random_init(void) +{ + unsigned int seed; + + random_fill(&seed, sizeof(seed)); + srand(seed); +} + void random_deinit(void) {} #else # error No random number generator, use eg. OpenSSL. #endif + +void random_fill_weak(void *buf, size_t size) +{ + unsigned char *cbuf = buf; + + for (; size > 0; size--) + *cbuf++ = (unsigned char)rand(); +}
--- a/src/lib/randgen.h Thu Jan 06 20:14:28 2005 +0200 +++ b/src/lib/randgen.h Thu Jan 06 21:08:17 2005 +0200 @@ -1,7 +1,12 @@ #ifndef __RANDGEN_H #define __RANDGEN_H +/* Fill given buffer with semi-strong randomness, usually from /dev/urandom. */ void random_fill(void *buf, size_t size); +/* Fill given buffer with weak randomness, ie. with rand(). This is better if + no real randomness is required, as reading from /dev/urandom usually also + consumes /dev/random entropy, which may disturb other processes. */ +void random_fill_weak(void *buf, size_t size); /* may be called multiple times */ void random_init(void);