/*
 * Return the shared CTR_DRBG context, seeding it on the first call.
 *
 * The context, its entropy context and the "already seeded" flag are all
 * function-local statics, so every caller receives a pointer to the same
 * object. Callers must not free it.
 *
 * Security notes:
 *  - The personalisation string (program name, PID, address of the context,
 *    current time string) is made of guessable values. It only makes this
 *    instance's output differ from other instances; it does not add entropy.
 *    Unpredictability rests on entropy_func and the entropy context.
 *  - NOTE(review): nothing here synchronises access to the "seeded" flag, so
 *    the first call presumably has to happen on a single thread; confirm.
 *  - NOTE(review): seeding happens once per process image. A child forked
 *    after the first call would start from a copy of this state unless it
 *    is reseeded elsewhere; verify against the callers.
 */
ctr_drbg_context *
rand_ctx_get()
{
  static entropy_context entropy = {0};
  static ctr_drbg_context drbg = {0};
  static bool seeded = false;

  if (!seeded)
    {
      struct gc_arena arena = gc_new();
      struct buffer personalisation = alloc_buf_gc(100, &arena);
      int rc;

      /*
       * Personalisation string, should be as unique as possible (see NIST
       * 800-90 section 8.7.1). Very little is known at this stage, so use
       * the program name, the PID, the address of the context and the
       * current time string.
       */
      buf_printf(&personalisation, "OpenVPN %0u %p %s",
                 platform_getpid(), &drbg, time_string(0, 0, 0, &arena));

      /* Bring up the PolarSSL entropy sources, then seed the DRBG from them. */
      entropy_init(&entropy);
      rc = ctr_drbg_init(&drbg, entropy_func, &entropy,
                         BPTR(&personalisation), BLEN(&personalisation));
      if (rc != 0)
        msg (M_FATAL, "Failed to initialize random generator");

      gc_free(&arena);
      seeded = true;
    }

  return &drbg;
}
/*
 * Write our PID to a file.
 *
 * filename: path of the pid file; a NULL pointer makes this a no-op.
 *
 * The file is opened in "w" mode, so an existing file at that path is
 * truncated. The PID is written as an unsigned decimal followed by a newline.
 *
 * NOTE(review): the open-failure branch relies on msg (M_ERR, ...) not
 * returning; if it did return, the fprintf below would receive a NULL
 * stream. Confirm that M_ERR is fatal.
 * NOTE(review): the result of fprintf is not checked, so a write error is
 * only reported if fclose also fails.
 * NOTE(review): if this runs with elevated privileges and the pid file sits
 * in a directory other users can write to, the path could already exist as
 * a link to another file. Whether platform_fopen guards against that is not
 * visible here; verify, or keep the pid file in a restricted directory.
 */
void
write_pid (const char *filename)
{
  FILE *pid_file;
  unsigned int self;

  if (!filename)
    return;

  pid_file = platform_fopen (filename, "w");
  if (pid_file == NULL)
    msg (M_ERR, "Open error on pid file %s", filename);

  self = platform_getpid ();
  fprintf (pid_file, "%u\n", self);

  if (fclose (pid_file) != 0)
    msg (M_ERR, "Close error on pid file %s", filename);
}