diff options
| author | Jelmer Vernooij <jelmer@samba.org> | 2008-08-01 20:17:56 +0200 |
|---|---|---|
| committer | Jelmer Vernooij <jelmer@samba.org> | 2008-08-01 20:17:56 +0200 |
| commit | 2fbe25b39d096b55a5dbb80720cd01e08e42a2b0 (patch) | |
| tree | 64a0a19d5278bb341396189789fd41e530e31d0d /source4/heimdal/lib/hcrypto/rand-fortuna.c | |
| parent | 3573420d7d108d796e0b424c131061dc74c23033 (diff) | |
| parent | f2ac351d6ef8d240f9e45f4df58b022052457d76 (diff) | |
| download | samba-2fbe25b39d096b55a5dbb80720cd01e08e42a2b0.tar.gz samba-2fbe25b39d096b55a5dbb80720cd01e08e42a2b0.tar.bz2 samba-2fbe25b39d096b55a5dbb80720cd01e08e42a2b0.zip | |
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into manpage
(This used to be commit c87a8ba1fef1ba508ad6527d0bae4bcdd5b3cb69)
Diffstat (limited to 'source4/heimdal/lib/hcrypto/rand-fortuna.c')
| -rw-r--r-- | source4/heimdal/lib/hcrypto/rand-fortuna.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/source4/heimdal/lib/hcrypto/rand-fortuna.c b/source4/heimdal/lib/hcrypto/rand-fortuna.c index 1d47ed49cc..da59a433b1 100644 --- a/source4/heimdal/lib/hcrypto/rand-fortuna.c +++ b/source4/heimdal/lib/hcrypto/rand-fortuna.c @@ -33,7 +33,7 @@ #include <config.h> #endif -RCSID("$Id: rand-fortuna.c 21196 2007-06-20 05:08:58Z lha $"); +RCSID("$Id: rand-fortuna.c 23463 2008-07-27 12:15:06Z lha $"); #include <stdio.h> #include <stdlib.h> @@ -118,6 +118,7 @@ struct fortuna_state unsigned pool0_bytes; unsigned rnd_pos; int tricks_done; + pid_t pid; }; typedef struct fortuna_state FState; @@ -175,6 +176,7 @@ init_state(FState * st) memset(st, 0, sizeof(*st)); for (i = 0; i < NUM_POOLS; i++) md_init(&st->pool[i]); + st->pid = getpid(); } /* @@ -276,6 +278,9 @@ reseed(FState * st) /* add old key into mix too */ md_update(&key_md, st->key, BLOCK); + /* add pid to make output diverse after fork() */ + md_update(&key_md, (const unsigned char *)&st->pid, sizeof(st->pid)); + /* now we have new key */ md_result(&key_md, st->key); @@ -384,6 +389,7 @@ extract_data(FState * st, unsigned count, unsigned char *dst) { unsigned n; unsigned block_nr = 0; + pid_t pid = getpid(); /* Should we reseed? */ if (st->pool0_bytes >= POOL0_FILL || st->reseed_count == 0) @@ -394,6 +400,12 @@ extract_data(FState * st, unsigned count, unsigned char *dst) if (!st->tricks_done) startup_tricks(st); + /* If we forked, force a reseed again */ + if (pid != st->pid) { + st->pid = pid; + reseed(st); + } + while (count > 0) { /* produce bytes */ @@ -493,6 +505,7 @@ fortuna_reseed(void) fd = open("/etc/shadow", O_RDONLY, 0); if (fd >= 0) { ssize_t n; + rk_cloexec(fd); /* add_entropy will hash the buf */ while ((n = read(fd, (char *)u.shad, sizeof(u.shad))) > 0) add_entropy(&main_state, u.shad, sizeof(u.shad)); |