[dovecot-cvs] dovecot/src/lib randgen.c,1.13,1.14

[cras at dovecot.org]

Update of /var/lib/cvs/dovecot/src/lib
In directory talvi:/tmp/cvs-serv3039/src/lib

Modified Files:
	randgen.c 
Log Message:
If /dev/urandom didn't exist and we used OpenSSL's random number generator,
it wasn't seeded properly at startup. Patch by Vilmos Nebehaj.



Index: randgen.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/lib/randgen.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- randgen.c	6 Jan 2005 19:08:19 -0000	1.13
+++ randgen.c	25 Mar 2006 09:25:09 -0000	1.14
@@ -65,6 +65,11 @@
 #include <openssl/rand.h>
 #include <openssl/err.h>
 
+#include <sys/time.h>
+#ifdef HAVE_SYS_RESOURCE_H
+#  include <sys/resource.h>
+#endif
+
 static const char *ssl_last_error(void)
 {
 	unsigned long err;
@@ -81,6 +86,37 @@
 	return buf;
 }
 
+static void random_init_rng(void)
+{
+	unsigned int counter = 0;
+	struct timeval tv;
+#ifdef HAVE_GETRUSAGE
+	struct rusage ru;
+#endif
+
+	/* If the RNG is already seeded, we can return immediately. */
+	if (RAND_status() == 1)
+		return;
+
+	/* Else, try to seed it. Unfortunately we don't have
+	   /dev/urandom, so we can only use weak random sources. */
+	while (RAND_status() != 1) {
+		if (gettimeofday(&tv, NULL) < 0)
+			i_fatal("gettimeofday() failed: %m");
+		RAND_add(&tv, sizeof(tv), sizeof(tv) / 2);
+#ifdef HAVE_GETRUSAGE
+		if (getrusage(RUSAGE_SELF, &ru) < 0)
+			i_fatal("getrusage() failed: %m");
+		RAND_add(&ru, sizeof(ru), sizeof(ru) / 2);
+#endif
+
+		if (counter++ > 100) {
+			i_fatal("Random generator initialization failed: "
+				"Couldn't get enough entropy");
+		}
+	}
+}
+
 void random_fill(void *buf, size_t size)
 {
 	if (RAND_bytes(buf, size) != 1)
@@ -91,6 +127,8 @@
 {
 	unsigned int seed;
 
+	random_init_rng();
+
 	random_fill(&seed, sizeof(seed));
 	srand(seed);
 }