int realmain(int argc, char *argv[])
{
// The libcrypto startup stuff... May or may not actually be needed for anything at all.
ERR_load_crypto_strings(); // This is needed for descriptive error messages.
OpenSSL_add_all_algorithms(); // Don't actually use the EVP functions, so probably not needed.
OPENSSL_config(nullptr); // What does this actually do?
#ifdef WZ_OS_WIN
RAND_screen(); // Uses a screenshot as a random seed, on systems lacking /dev/random.
#endif
wzMain(argc, argv);
int utfargc = argc;
const char** utfargv = (const char**)argv;
#ifdef WZ_OS_MAC
cocoaInit();
#endif
debug_init();
debug_register_callback( debug_callback_stderr, NULL, NULL, NULL );
#if defined(WZ_OS_WIN) && defined(DEBUG_INSANE)
debug_register_callback( debug_callback_win32debug, NULL, NULL, NULL );
#endif // WZ_OS_WIN && DEBUG_INSANE
// *****
// NOTE: Try *NOT* to use debug() output routines without some other method of informing the user. All this output is sent to /dev/nul at this point on some platforms!
// *****
if (!getUTF8CmdLine(&utfargc, &utfargv))
{
return EXIT_FAILURE;
}
QTextCodec::setCodecForCStrings(QTextCodec::codecForName("UTF-8")); // make Qt treat all C strings in Warzone as UTF-8
setupExceptionHandler(utfargc, utfargv, version_getFormattedVersionString());
/*** Initialize PhysicsFS ***/
initialize_PhysicsFS(utfargv[0]);
/*** Initialize translations ***/
initI18n();
// find early boot info
if (!ParseCommandLineEarly(utfargc, utfargv))
{
return EXIT_FAILURE;
}
/* Initialize the write/config directory for PhysicsFS.
* This needs to be done __after__ the early commandline parsing,
* because the user might tell us to use an alternative configuration
* directory.
*/
initialize_ConfigDir();
/*** Initialize directory structure ***/
make_dir(ScreenDumpPath, "screenshots", NULL);
make_dir(SaveGamePath, "savegames", NULL);
PHYSFS_mkdir("savegames/campaign");
PHYSFS_mkdir("savegames/skirmish");
make_dir(MultiCustomMapsPath, "maps", NULL); // MUST have this to prevent crashes when getting map
PHYSFS_mkdir("music");
PHYSFS_mkdir("logs"); // a place to hold our netplay, mingw crash reports & WZ logs
PHYSFS_mkdir("userdata"); // a place to store per-mod data user generated data
memset(rulesettag, 0, sizeof(rulesettag)); // tag to add to userdata to find user generated stuff
make_dir(MultiPlayersPath, "multiplay", NULL);
make_dir(MultiPlayersPath, "multiplay", "players");
if (!customDebugfile)
{
// there was no custom debug file specified (--debug-file=blah)
// so we use our write directory to store our logs.
time_t aclock;
struct tm *newtime;
char buf[PATH_MAX];
time( &aclock ); // Get time in seconds
newtime = localtime( &aclock ); // Convert time to struct
// Note: We are using fopen(), and not physfs routines to open the file
// log name is logs/(or \)WZlog-MMDD_HHMMSS.txt
snprintf(buf, sizeof(buf), "%slogs%sWZlog-%02d%02d_%02d%02d%02d.txt", PHYSFS_getWriteDir(), PHYSFS_getDirSeparator(),
newtime->tm_mon + 1, newtime->tm_mday, newtime->tm_hour, newtime->tm_min, newtime->tm_sec );
debug_register_callback( debug_callback_file, debug_callback_file_init, debug_callback_file_exit, buf );
// FIXME: Change this to LOG_WZ on next release
debug(LOG_INFO, "Using %s debug file", buf);
}
// NOTE: it is now safe to use debug() calls to make sure output gets captured.
check_Physfs();
debug(LOG_WZ, "Warzone 2100 - %s", version_getFormattedVersionString());
debug(LOG_WZ, "Using language: %s", getLanguage());
debug(LOG_WZ, "Backend: %s", BACKEND);
debug(LOG_MEMORY, "sizeof: SIMPLE_OBJECT=%ld, BASE_OBJECT=%ld, DROID=%ld, STRUCTURE=%ld, FEATURE=%ld, PROJECTILE=%ld",
(long)sizeof(SIMPLE_OBJECT), (long)sizeof(BASE_OBJECT), (long)sizeof(DROID), (long)sizeof(STRUCTURE), (long)sizeof(FEATURE), (long)sizeof(PROJECTILE));
/* Put in the writedir root */
sstrcpy(KeyMapPath, "keymap.map");
// initialise all the command line states
war_SetDefaultStates();
debug(LOG_MAIN, "initializing");
PhysicsEngineHandler engine; // register abstract physfs filesystem
loadConfig();
// parse the command line
if (!ParseCommandLine(utfargc, utfargv))
{
return EXIT_FAILURE;
}
// Save new (commandline) settings
saveConfig();
// Find out where to find the data
scanDataDirs();
// Now we check the mods to see if they exist or not (specified on the command line)
// They are all capped at 100 mods max(see clparse.c)
// FIX ME: I know this is a bit hackish, but better than nothing for now?
{
char *modname;
char modtocheck[256];
int i = 0;
int result = 0;
// check global mods
for(i=0; i < 100; i++)
{
modname = global_mods[i];
if (modname == NULL)
{
break;
}
ssprintf(modtocheck, "mods/global/%s", modname);
result = PHYSFS_exists(modtocheck);
result |= PHYSFS_isDirectory(modtocheck);
if (!result)
{
debug(LOG_ERROR, "The (global) mod (%s) you have specified doesn't exist!", modname);
}
else
{
info("(global) mod (%s) is enabled", modname);
}
}
// check campaign mods
for(i=0; i < 100; i++)
{
modname = campaign_mods[i];
if (modname == NULL)
{
break;
}
ssprintf(modtocheck, "mods/campaign/%s", modname);
result = PHYSFS_exists(modtocheck);
result |= PHYSFS_isDirectory(modtocheck);
if (!result)
{
debug(LOG_ERROR, "The mod_ca (%s) you have specified doesn't exist!", modname);
}
else
{
info("mod_ca (%s) is enabled", modname);
}
}
// check multiplay mods
for(i=0; i < 100; i++)
{
modname = multiplay_mods[i];
if (modname == NULL)
{
break;
}
ssprintf(modtocheck, "mods/multiplay/%s", modname);
result = PHYSFS_exists(modtocheck);
result |= PHYSFS_isDirectory(modtocheck);
if (!result)
{
debug(LOG_ERROR, "The mod_mp (%s) you have specified doesn't exist!", modname);
}
else
{
info("mod_mp (%s) is enabled", modname);
}
}
}
if (!wzMain2(war_getFSAA(), war_getFullscreen(), war_GetVsync()))
{
return EXIT_FAILURE;
}
int w = pie_GetVideoBufferWidth();
int h = pie_GetVideoBufferHeight();
char buf[256];
ssprintf(buf, "Video Mode %d x %d (%s)", w, h, war_getFullscreen() ? "fullscreen" : "window");
addDumpInfo(buf);
debug(LOG_MAIN, "Final initialization");
if (!frameInitialise())
{
return EXIT_FAILURE;
}
if (!screenInitialise())
{
return EXIT_FAILURE;
}
if (!pie_LoadShaders())
{
return EXIT_FAILURE;
}
war_SetWidth(pie_GetVideoBufferWidth());
war_SetHeight(pie_GetVideoBufferHeight());
pie_SetFogStatus(false);
pie_ScreenFlip(CLEAR_BLACK);
pal_Init();
pie_LoadBackDrop(SCREEN_RANDOMBDROP);
pie_SetFogStatus(false);
pie_ScreenFlip(CLEAR_BLACK);
if (!systemInitialise())
{
return EXIT_FAILURE;
}
//set all the pause states to false
setAllPauseStates(false);
// Copy this info to be used by the crash handler for the dump file
ssprintf(buf,"Using Backend: %s", BACKEND);
addDumpInfo(buf);
ssprintf(buf,"Using language: %s", getLanguageName());
addDumpInfo(buf);
// Do the game mode specific initialisation.
switch(GetGameMode())
{
case GS_TITLE_SCREEN:
startTitleLoop();
break;
case GS_SAVEGAMELOAD:
initSaveGameLoad();
break;
case GS_NORMAL:
startGameLoop();
break;
default:
debug(LOG_ERROR, "Weirdy game status, I'm afraid!!");
break;
}
#if defined(WZ_CC_MSVC) && defined(DEBUG)
debug_MEMSTATS();
#endif
debug(LOG_MAIN, "Entering main loop");
wzMain3();
saveConfig();
systemShutdown();
#ifdef WZ_OS_WIN // clean up the memory allocated for the command line conversion
for (int i=0; i<argc; i++)
{
const char*** const utfargvF = &utfargv;
free((void *)(*utfargvF)[i]);
}
free(utfargv);
#endif
wzShutdown();
debug(LOG_MAIN, "Completed shutting down Warzone 2100");
return EXIT_SUCCESS;
}
static
int random_the_seed(struct SessionHandle *data)
{
char *buf = data->state.buffer; /* point to the big buffer */
int nread=0;
/* Q: should we add support for a random file name as a libcurl option?
A: Yes, it is here */
#ifndef RANDOM_FILE
/* if RANDOM_FILE isn't defined, we only perform this if an option tells
us to! */
if(data->set.ssl.random_file)
#define RANDOM_FILE "" /* doesn't matter won't be used */
#endif
{
/* let the option override the define */
nread += RAND_load_file((data->set.ssl.random_file?
data->set.ssl.random_file:RANDOM_FILE),
16384);
if(seed_enough(nread))
return nread;
}
#if defined(HAVE_RAND_EGD)
/* only available in OpenSSL 0.9.5 and later */
/* EGD_SOCKET is set at configure time or not at all */
#ifndef EGD_SOCKET
/* If we don't have the define set, we only do this if the egd-option
is set */
if(data->set.ssl.egdsocket)
#define EGD_SOCKET "" /* doesn't matter won't be used */
#endif
{
/* If there's an option and a define, the option overrides the
define */
int ret = RAND_egd(data->set.ssl.egdsocket?
data->set.ssl.egdsocket:EGD_SOCKET);
if(-1 != ret) {
nread += ret;
if(seed_enough(nread))
return nread;
}
}
#endif
/* If we get here, it means we need to seed the PRNG using a "silly"
approach! */
#ifdef HAVE_RAND_SCREEN
/* This one gets a random value by reading the currently shown screen */
RAND_screen();
nread = 100; /* just a value */
#else
{
int len;
char *area;
/* Changed call to RAND_seed to use the underlying RAND_add implementation
* directly. Do this in a loop, with the amount of additional entropy
* being dependent upon the algorithm used by Curl_FormBoundary(): N bytes
* of a 7-bit ascii set. -- Richard Gorton, March 11 2003.
*/
do {
area = Curl_FormBoundary();
if(!area)
return 3; /* out of memory */
len = (int)strlen(area);
RAND_add(area, len, (len >> 1));
free(area); /* now remove the random junk */
} while (!RAND_status());
}
#endif
/* generates a default path for the random seed file */
buf[0]=0; /* blank it first */
RAND_file_name(buf, BUFSIZE);
if(buf[0]) {
/* we got a file name to try */
nread += RAND_load_file(buf, 16384);
if(seed_enough(nread))
return nread;
}
infof(data, "libcurl is now using a weak random seed!\n");
return nread;
}
static void
init_prng (void)
{
char namebuf[256];
const char *random_file;
if (RAND_status ())
/* The PRNG has been seeded; no further action is necessary. */
return;
/* Seed from a file specified by the user. This will be the file
specified with --random-file, $RANDFILE, if set, or ~/.rnd, if it
exists. */
if (opt.random_file)
random_file = opt.random_file;
else
{
/* Get the random file name using RAND_file_name. */
namebuf[0] = '\0';
random_file = RAND_file_name (namebuf, sizeof (namebuf));
}
if (random_file && *random_file)
/* Seed at most 16k (apparently arbitrary value borrowed from
curl) from random file. */
RAND_load_file (random_file, 16384);
if (RAND_status ())
return;
/* Get random data from EGD if opt.egd_file was used. */
if (opt.egd_file && *opt.egd_file)
RAND_egd (opt.egd_file);
if (RAND_status ())
return;
#ifdef WINDOWS
/* Under Windows, we can try to seed the PRNG using screen content.
This may or may not work, depending on whether we'll calling Wget
interactively. */
RAND_screen ();
if (RAND_status ())
return;
#endif
#if 0 /* don't do this by default */
{
int maxrand = 500;
/* Still not random enough, presumably because neither /dev/random
nor EGD were available. Try to seed OpenSSL's PRNG with libc
PRNG. This is cryptographically weak and defeats the purpose
of using OpenSSL, which is why it is highly discouraged. */
logprintf (LOG_NOTQUIET, _("WARNING: using a weak random seed.\n"));
while (RAND_status () == 0 && maxrand-- > 0)
{
unsigned char rnd = random_number (256);
RAND_seed (&rnd, sizeof (rnd));
}
}
#endif
}
static int init_prng(void) {
int totbytes=0;
char filename[STRLEN];
int bytes;
bytes=0; /* avoid warning if #ifdef'd out for windows */
filename[0]='\0';
/* If they specify a rand file on the command line we
assume that they really do want it, so try it first */
if(options.rand_file) {
totbytes+=add_rand_file(options.rand_file);
if(prng_seeded(totbytes))
return 0;
}
/* try the $RANDFILE or $HOME/.rnd files */
RAND_file_name(filename, STRLEN);
if(filename[0]) {
filename[STRLEN-1]='\0'; /* just in case */
totbytes+=add_rand_file(filename);
if(prng_seeded(totbytes))
return 0;
}
#ifdef RANDOM_FILE
totbytes += add_rand_file( RANDOM_FILE );
if(prng_seeded(totbytes))
return 0;
#endif
#ifdef USE_WIN32
RAND_screen();
if(prng_seeded(totbytes)) {
log(LOG_DEBUG, "Seeded PRNG with RAND_screen");
return 0;
}
log(LOG_DEBUG, "RAND_screen failed to sufficiently seed PRNG");
#else
#if SSLEAY_VERSION_NUMBER >= 0x0090581fL
if(options.egd_sock) {
if((bytes=RAND_egd(options.egd_sock))==-1) {
log(LOG_WARNING, "EGD Socket %s failed", options.egd_sock);
bytes=0;
} else {
totbytes += bytes;
log(LOG_DEBUG, "Snagged %d random bytes from EGD Socket %s",
bytes, options.egd_sock);
return 0; /* OpenSSL always gets what it needs or fails,
so no need to check if seeded sufficiently */
}
}
#ifdef EGD_SOCKET
if((bytes=RAND_egd(EGD_SOCKET))==-1) {
log(LOG_WARNING, "EGD Socket %s failed", EGD_SOCKET);
} else {
totbytes += bytes;
log(LOG_DEBUG, "Snagged %d random bytes from EGD Socket %s",
bytes, EGD_SOCKET);
return 0;
}
#endif /* EGD_SOCKET */
#endif /* OpenSSL-0.9.5a */
#endif /* USE_WIN32 */
/* Try the good-old default /dev/urandom, if available */
totbytes+=add_rand_file( "/dev/urandom" );
if(prng_seeded(totbytes))
return 0;
/* Random file specified during configure */
log(LOG_INFO, "PRNG seeded with %d bytes total", totbytes);
log(LOG_WARNING, "PRNG may not have been seeded with enough random bytes");
return -1; /* FAILED */
}
LUALIB_API int luaopen_openssl(lua_State*L)
{
//CRYPTO_thread_setup();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
SSL_library_init();
ERR_load_ERR_strings();
ERR_load_EVP_strings();
ERR_load_crypto_strings();
ENGINE_load_dynamic();
ENGINE_load_openssl();
#ifdef LOAD_ENGINE_CUSTOM
LOAD_ENGINE_CUSTOM();
#endif
#ifdef OPENSSL_SYS_WINDOWS
RAND_screen();
#endif
lua_newtable(L);
luaL_setfuncs(L, eay_functions, 0);
openssl_register_lhash(L);
openssl_register_engine(L);
luaopen_bio(L);
lua_setfield(L, -2, "bio");
luaopen_asn1(L);
lua_setfield(L, -2, "asn1");
luaopen_digest(L);
lua_setfield(L, -2, "digest");
luaopen_cipher(L);
lua_setfield(L, -2, "cipher");
luaopen_hmac(L);
lua_setfield(L, -2, "hmac");
luaopen_pkey(L);
lua_setfield(L, -2, "pkey");
#ifdef EVP_PKEY_EC
luaopen_ec(L);
lua_setfield(L, -2, "ec");
#endif
luaopen_x509(L);
lua_setfield(L, -2, "x509");
luaopen_pkcs7(L);
lua_setfield(L, -2, "pkcs7");
luaopen_pkcs12(L);
lua_setfield(L, -2, "pkcs12");
luaopen_ocsp(L);
lua_setfield(L, -2, "ocsp");
#ifdef OPENSSL_HAVE_TS
/* timestamp handling */
luaopen_ts(L);
lua_setfield(L, -2, "ts");
#endif
luaopen_cms(L);
lua_setfield(L, -2, "cms");
luaopen_ssl(L);
lua_setfield(L, -2, "ssl");
/* third part */
luaopen_bn(L);
lua_setfield(L, -2, "bn");
luaopen_rsa(L);
luaopen_dsa(L);
luaopen_dh(L);
#ifdef ENABLE_OPENSSL_GLOBAL
lua_pushvalue(L, -1);
lua_setglobal(L, "openssl");
#endif
return 1;
}
NOEXPORT int compression_init(GLOBAL_OPTIONS *global) {
STACK_OF(SSL_COMP) *methods;
methods=SSL_COMP_get_compression_methods();
if(!methods) {
if(global->compression==COMP_NONE) {
s_log(LOG_NOTICE, "Failed to get compression methods");
return 0; /* ignore */
} else {
s_log(LOG_ERR, "Failed to get compression methods");
return 1;
}
}
if(global->compression==COMP_NONE ||
SSLeay()<0x00908051L /* 0.9.8e-beta1 */) {
/* delete OpenSSL defaults (empty the SSL_COMP stack) */
/* cannot use sk_SSL_COMP_pop_free,
* as it also destroys the stack itself */
/* only leave the standard RFC 1951 (DEFLATE) algorithm,
* if any of the private algorithms is enabled */
/* only allow DEFLATE with OpenSSL 0.9.8 or later
* with OpenSSL #1468 zlib memory leak fixed */
while(sk_SSL_COMP_num(methods))
#if OPENSSL_VERSION_NUMBER>=0x10100000L
/* FIXME: remove when sk_SSL_COMP_pop() works again */
OPENSSL_free(sk_pop((void *)methods));
#else
OPENSSL_free(sk_SSL_COMP_pop(methods));
#endif
}
if(global->compression==COMP_NONE) {
s_log(LOG_DEBUG, "Compression disabled");
return 0; /* success */
}
/* also insert the obsolete ZLIB algorithm */
if(global->compression==COMP_ZLIB) {
/* 224 - within the private range (193 to 255) */
COMP_METHOD *meth=COMP_zlib();
#if OPENSSL_VERSION_NUMBER>=0x10100000L
if(!meth || COMP_get_type(meth)==NID_undef) {
#else
if(!meth || meth->type==NID_undef) {
#endif
s_log(LOG_ERR, "ZLIB compression is not supported");
return 1;
}
SSL_COMP_add_compression_method(0xe0, meth);
}
s_log(LOG_INFO, "Compression enabled: %d method(s)",
sk_SSL_COMP_num(methods));
return 0; /* success */
}
#endif /* OPENSSL_NO_COMP */
NOEXPORT int prng_init(GLOBAL_OPTIONS *global) {
int totbytes=0;
char filename[256];
#ifndef USE_WIN32
int bytes;
#endif
filename[0]='\0';
/* if they specify a rand file on the command line we
assume that they really do want it, so try it first */
if(global->rand_file) {
totbytes+=add_rand_file(global, global->rand_file);
if(RAND_status())
return 0; /* success */
}
/* try the $RANDFILE or $HOME/.rnd files */
RAND_file_name(filename, 256);
if(filename[0]) {
totbytes+=add_rand_file(global, filename);
if(RAND_status())
return 0; /* success */
}
#ifdef RANDOM_FILE
totbytes+=add_rand_file(global, RANDOM_FILE);
if(RAND_status())
return 0; /* success */
#endif
#ifdef USE_WIN32
RAND_screen();
if(RAND_status()) {
s_log(LOG_DEBUG, "Seeded PRNG with RAND_screen");
return 0; /* success */
}
s_log(LOG_DEBUG, "RAND_screen failed to sufficiently seed PRNG");
#else
if(global->egd_sock) {
if((bytes=RAND_egd(global->egd_sock))==-1) {
s_log(LOG_WARNING, "EGD Socket %s failed", global->egd_sock);
bytes=0;
} else {
totbytes+=bytes;
s_log(LOG_DEBUG, "Snagged %d random bytes from EGD Socket %s",
bytes, global->egd_sock);
return 0; /* OpenSSL always gets what it needs or fails,
so no need to check if seeded sufficiently */
}
}
/* try the good-old default /dev/urandom, if available */
totbytes+=add_rand_file(global, "/dev/urandom");
if(RAND_status())
return 0; /* success */
#endif /* USE_WIN32 */
/* random file specified during configure */
s_log(LOG_ERR, "PRNG seeded with %d bytes total", totbytes);
s_log(LOG_ERR, "PRNG was not seeded with enough random bytes");
return 1; /* FAILED */
}
LUALIB_API int luaopen_openssl(lua_State*L)
{
if (atomic_fetch_add(&init, 1) == 0)
{
#if defined(OPENSSL_THREADS)
CRYPTO_thread_setup();
#endif
OpenSSL_add_all_ciphers();
OpenSSL_add_all_digests();
SSL_library_init();
ERR_load_ERR_strings();
ERR_load_EVP_strings();
ERR_load_crypto_strings();
ERR_load_SSL_strings();
ENGINE_load_dynamic();
ENGINE_load_openssl();
#ifdef LOAD_ENGINE_CUSTOM
LOAD_ENGINE_CUSTOM
#endif
#ifdef OPENSSL_SYS_WINDOWS
#if OPENSSL_VERSION_NUMBER < 0x10100000L
RAND_screen();
#endif
#endif
}
lua_newtable(L);
lua_newtable(L);
lua_pushcfunction(L, luaclose_openssl);
lua_setfield(L, -2, "__gc");
lua_setmetatable(L, -2);
luaL_setfuncs(L, eay_functions, 0);
openssl_register_lhash(L);
openssl_register_engine(L);
luaopen_bio(L);
lua_setfield(L, -2, "bio");
luaopen_asn1(L);
lua_setfield(L, -2, "asn1");
luaopen_digest(L);
lua_setfield(L, -2, "digest");
luaopen_cipher(L);
lua_setfield(L, -2, "cipher");
luaopen_hmac(L);
lua_setfield(L, -2, "hmac");
luaopen_pkey(L);
lua_setfield(L, -2, "pkey");
#ifdef EVP_PKEY_EC
luaopen_ec(L);
lua_setfield(L, -2, "ec");
#endif
luaopen_x509(L);
lua_setfield(L, -2, "x509");
luaopen_pkcs7(L);
lua_setfield(L, -2, "pkcs7");
luaopen_pkcs12(L);
lua_setfield(L, -2, "pkcs12");
luaopen_ocsp(L);
lua_setfield(L, -2, "ocsp");
#ifdef OPENSSL_HAVE_TS
/* timestamp handling */
luaopen_ts(L);
lua_setfield(L, -2, "ts");
#endif
luaopen_cms(L);
lua_setfield(L, -2, "cms");
luaopen_ssl(L);
lua_setfield(L, -2, "ssl");
/* third part */
luaopen_bn(L);
lua_setfield(L, -2, "bn");
luaopen_rsa(L);
lua_setfield(L, -2, "rsa");
luaopen_dsa(L);
lua_setfield(L, -2, "dsa");
luaopen_dh(L);
lua_setfield(L, -2, "dh");
#ifndef OPENSSL_NO_SRP
luaopen_srp(L);
lua_setfield(L, -2, "srp");
#endif
#ifdef ENABLE_OPENSSL_GLOBAL
lua_pushvalue(L, -1);
lua_setglobal(L, "openssl");
#endif
return 1;
}
static void RandomSeed(void)
{
/* 1. Seed the weak C PRNGs. */
/* Mix various stuff. */
pid_t pid = getpid();
size_t fqdn_len = strlen(VFQNAME) > 0 ? strlen(VFQNAME) : 1;
time_t start_time = CFSTARTTIME;
time_t now = time(NULL);
srand((unsigned) pid * fqdn_len * start_time * now);
srand48((long) (pid * fqdn_len * start_time * now));
/* 2. Seed the strong OpenSSL PRNG. */
/* randseed file is written by cf-key. */
char randfile[CF_BUFSIZE];
snprintf(randfile, CF_BUFSIZE, "%s%crandseed",
CFWORKDIR, FILE_SEPARATOR);
Log(LOG_LEVEL_VERBOSE, "Looking for a source of entropy in '%s'",
randfile);
if (!RAND_load_file(randfile, -1))
{
Log(LOG_LEVEL_VERBOSE,
"Could not read sufficient randomness from '%s'", randfile);
}
#ifndef __MINGW32__ /* windows may hang */
RAND_poll();
#else
RAND_screen();
#endif
/* We should have had enough entropy by now. Else we print a message and
* use non-crypto-safe random data. */
if (RAND_status() != 1)
{
/* TODO raise to LOG_LEVEL_WARNING? */
Log(LOG_LEVEL_INFO,
"PRNG hasn't been seeded enough, using some pseudo-random bytes for seed!");
Log(LOG_LEVEL_INFO,
"A workaround is to copy 1KB of random bytes to '%s'",
randfile);
unsigned char rand_buf[128];
for (size_t i = 0; i < sizeof(rand_buf); i++)
{
rand_buf[i] = rand() % 256;
}
RAND_seed(rand_buf, sizeof(rand_buf));
/* If we *still* not have enough entropy, then things will be failing
* all over the place. Should never happen because of the rand()
* buffer above which should be enough for all cases. */
if (RAND_status() != 1)
{
UnexpectedError("Low entropy, crypto operations will fail! "
"See verbose log and report which platform you are using.");
}
}
}
