/*
 * Seed the OpenSSL PRNG from the entropy sources chosen at build time.
 *
 * Sources are tried in a fixed order:
 *   1. the EGD socket named by EGD_SOCKET (only when that macro is defined
 *      and SSLEAY_VERSION_NUMBER is at least 0x0090581f, i.e. 0.9.5a);
 *   2. the file named by RANDOM_FILE (only when that macro is defined).
 *
 * Returns 0 as soon as one source is accepted, -1 when none was.
 *
 * NOTE(review): -1 means the PRNG may be under-seeded.  Nothing in this
 * function prevents the caller from going on to generate keys or nonces,
 * so the call site has to treat -1 as a hard failure for cryptographic
 * use -- confirm that it does.
 */
static int prng_init(void)
{
    int seeded_total = 0;
#if SSLEAY_VERSION_NUMBER >= 0x0090581fL
#ifdef EGD_SOCKET
    int egd_bytes = RAND_egd(EGD_SOCKET);

    if (egd_bytes != -1) {
        /* A successful EGD read is accepted without asking prng_seeded();
         * per OpenSSL's documentation RAND_egd() reports -1 when the daemon
         * cannot deliver enough data -- verify for the linked version. */
        seeded_total += egd_bytes;
        Debug((DEBUG_DEBUG, "Got %d random bytes from EGD Socket %s",
            egd_bytes, EGD_SOCKET));
        return 0;
    }
    Debug((DEBUG_ERROR, "EGD Socket %s failed", EGD_SOCKET));
#endif /* EGD_SOCKET */
#endif /* OpenSSL-0.9.5a */
#ifdef RANDOM_FILE
    /* Fall back to the seed file fixed at build time. */
    seeded_total += add_rand_file(RANDOM_FILE);
    if (prng_seeded(seeded_total)) {
        return 0;
    }
#endif
    /* Every configured source was tried and the PRNG is still not
     * considered seeded: log the byte count and report failure. */
    Debug((DEBUG_NOTICE, "PRNG seeded with %d bytes total", seeded_total));
    Debug((DEBUG_ERROR,
        "PRNG may not have been seeded with enough random bytes"));
    return -1; /* caller decides how to proceed */
}
/*
 * Seed the OpenSSL PRNG, trying each available entropy source in turn.
 *
 * Order of attempts:
 *   1. options.rand_file, when set;
 *   2. the file name produced by RAND_file_name() ($RANDFILE or
 *      $HOME/.rnd);
 *   3. RANDOM_FILE, when defined at build time;
 *   4. on USE_WIN32 builds RAND_screen(); otherwise, with OpenSSL 0.9.5a
 *      or later, options.egd_sock and then EGD_SOCKET;
 *   5. /dev/urandom.
 *
 * Returns 0 as soon as a source is accepted, -1 when all of them were
 * tried and the PRNG is still not considered seeded.
 *
 * NOTE(review): seed files are consulted before the kernel source, so
 * their quality depends on the files being private and not stale --
 * check the permission handling in add_rand_file().  A -1 result must be
 * treated by the caller as "do not generate key material"; confirm at the
 * call site.
 */
static int init_prng(void) {
    int seeded_total = 0;
    char seed_path[STRLEN] = "";
    int egd_bytes;

    egd_bytes = 0; /* keeps the variable "used" when the EGD code is compiled out */

    /* A file named explicitly by the user takes priority. */
    if (options.rand_file) {
        seeded_total += add_rand_file(options.rand_file);
        if (prng_seeded(seeded_total)) {
            return 0;
        }
    }

    /* $RANDFILE or $HOME/.rnd; seed_path stays empty if none was found. */
    RAND_file_name(seed_path, STRLEN);
    if (seed_path[0] != '\0') {
        seed_path[STRLEN - 1] = '\0';   /* defensive termination */
        seeded_total += add_rand_file(seed_path);
        if (prng_seeded(seeded_total)) {
            return 0;
        }
    }

#ifdef RANDOM_FILE
    /* Seed file fixed at build time. */
    seeded_total += add_rand_file(RANDOM_FILE);
    if (prng_seeded(seeded_total)) {
        return 0;
    }
#endif

#ifdef USE_WIN32
    /* NOTE(review): the byte count is unchanged by RAND_screen(), so
     * prng_seeded() presumably consults OpenSSL's own state -- confirm. */
    RAND_screen();
    if (prng_seeded(seeded_total)) {
        log(LOG_DEBUG, "Seeded PRNG with RAND_screen");
        return 0;
    }
    log(LOG_DEBUG, "RAND_screen failed to sufficiently seed PRNG");
#else

#if SSLEAY_VERSION_NUMBER >= 0x0090581fL
    if (options.egd_sock) {
        egd_bytes = RAND_egd(options.egd_sock);
        if (egd_bytes != -1) {
            /* RAND_egd() either obtains what OpenSSL needs or fails, so
             * success is accepted without a prng_seeded() check. */
            seeded_total += egd_bytes;
            log(LOG_DEBUG, "Snagged %d random bytes from EGD Socket %s",
                egd_bytes, options.egd_sock);
            return 0;
        }
        log(LOG_WARNING, "EGD Socket %s failed", options.egd_sock);
    }
#ifdef EGD_SOCKET
    /* Build-time EGD socket, tried after the user-supplied one. */
    egd_bytes = RAND_egd(EGD_SOCKET);
    if (egd_bytes != -1) {
        seeded_total += egd_bytes;
        log(LOG_DEBUG, "Snagged %d random bytes from EGD Socket %s",
            egd_bytes, EGD_SOCKET);
        return 0;
    }
    log(LOG_WARNING, "EGD Socket %s failed", EGD_SOCKET);
#endif /* EGD_SOCKET */

#endif /* OpenSSL-0.9.5a */
#endif /* USE_WIN32 */

    /* Last resort: the kernel's /dev/urandom, if the platform has it. */
    seeded_total += add_rand_file("/dev/urandom");
    if (prng_seeded(seeded_total)) {
        return 0;
    }

    /* Nothing sufficed: record how much was gathered and report failure. */
    log(LOG_INFO, "PRNG seeded with %d bytes total", seeded_total);
    log(LOG_WARNING, "PRNG may not have been seeded with enough random bytes");
    return -1; /* FAILED */
}