dovecot-2.2: lib: rand - force reseeding with known seed from en...
dovecot at dovecot.org
dovecot at dovecot.org
Fri Jun 27 13:22:47 UTC 2014
details: http://hg.dovecot.org/dovecot-2.2/rev/fe0c69112049
changeset: 17534:fe0c69112049
user: Phil Carmody <phil at dovecot.fi>
date: Fri Jun 27 16:20:25 2014 +0300
description:
lib: rand - force reseeding with known seed from environment
Use DOVECOT_SRAND=12345 as an environmental variable to force seeding
to that number.
The logic behind the logging is that the subsequent calls will almost
certainly be from random_fill_weak() which expects to have been seeded
from a CSPRNG - not a constant! Having this environmental variable set
in a production system that expects CSPRNG seeding should be flagging
diagnostics.
Signed-off-by: Phil Carmody <phil at dovecot.fi>
diffstat:
src/lib/rand.c | 11 ++++++++++-
1 files changed, 10 insertions(+), 1 deletions(-)
diffs (27 lines):
diff -r 9fd5c57fa49b -r fe0c69112049 src/lib/rand.c
--- a/src/lib/rand.c Fri Jun 27 16:17:50 2014 +0300
+++ b/src/lib/rand.c Fri Jun 27 16:20:25 2014 +0300
@@ -7,6 +7,7 @@
static int seeded = 0;
static unsigned int seed;
+static char const *env_seed;
int rand_get_seed_count(void)
{
@@ -19,6 +20,14 @@
}
void rand_set_seed(unsigned int s)
{
+ if (seeded == 0) {
+ env_seed = getenv("DOVECOT_SRAND");
+ if (env_seed != NULL)
+ seed = strtoul(env_seed, NULL, 0);
+ }
seeded++;
- srand(seed = s);
+ if (env_seed == NULL)
+ seed = s;
+
+ srand(seed);
}
More information about the dovecot-cvs
mailing list