Diffstat (limited to 'modules/es_unix')
-rw-r--r-- | modules/es_unix/es_unix.cpp | 88 | ||||
-rw-r--r-- | modules/es_unix/es_unix.h | 5 | ||||
-rw-r--r-- | modules/es_unix/modinfo.txt | 3 | ||||
-rw-r--r-- | modules/es_unix/unix_cmd.cpp | 34 |
4 files changed, 70 insertions, 60 deletions
diff --git a/modules/es_unix/es_unix.cpp b/modules/es_unix/es_unix.cpp
index 243ba9164..40be78e22 100644
--- a/modules/es_unix/es_unix.cpp
+++ b/modules/es_unix/es_unix.cpp
@@ -8,6 +8,10 @@
 #include <botan/parsing.h>
 #include <botan/config.h>
 #include <algorithm>
+#include <sys/time.h>
+#include <sys/stat.h>
+#include <sys/resource.h>
+#include <unistd.h>
 namespace Botan {
@@ -43,7 +47,35 @@ void Unix_EntropySource::add_sources(const Unix_Program srcs[], u32bit count)
 *************************************************/
 void Unix_EntropySource::do_fast_poll()
 {
- gather(2*1024);
+ const char* STAT_TARGETS[] = { "/", "/tmp", ".", "..", 0 };
+
+ for(u32bit j = 0; STAT_TARGETS[j]; j++)
+ {
+ struct ::stat statbuf;
+ clear_mem(&statbuf, 1);
+ ::stat(STAT_TARGETS[j], &statbuf);
+ add_bytes(&statbuf, sizeof(statbuf));
+ }
+
+ add_bytes(::getpid());
+ add_bytes(::getppid());
+
+ add_bytes(::getuid());
+ add_bytes(::getgid());
+ add_bytes(::geteuid());
+ add_bytes(::getegid());
+
+ add_bytes(::getpgrp());
+ add_bytes(::getsid(0));
+
+ struct ::rusage usage;
+
+ clear_mem(&usage, 1);
+ ::getrusage(RUSAGE_SELF, &usage);
+ add_bytes(&usage, sizeof(usage));
+
+ ::getrusage(RUSAGE_CHILDREN, &usage);
+ add_bytes(&usage, sizeof(usage));
 }
 /*************************************************
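Review bot: The return values of `::stat` and of both `::getrusage` calls are ignored in the new do_fast_poll() body, so a failed call still feeds a zero-filled struct (or, for the second getrusage, the stale RUSAGE_SELF data) into the pool; guard each one, e.g. `if(::stat(STAT_TARGETS[j], &statbuf) == 0) add_bytes(&statbuf, sizeof(statbuf));`. Every input gathered here (the pid/uid/gid family, stat of four fixed paths, rusage) can be read or closely guessed by another local process, so these bytes are mixing material rather than secret input; if Buffered_EntropySource credits entropy per byte passed to add_bytes (not visible in this hunk), a fast poll would be over-counted. A comment above the loop such as `// Low-entropy, locally observable values: mixed in, not counted as entropy` would record that for the next maintainer.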
@@ -51,56 +83,34 @@ void Unix_EntropySource::do_fast_poll()
 *************************************************/
 void Unix_EntropySource::do_slow_poll()
 {
- gather(16*1024);
- }
-
-/*************************************************
-* Gather Entropy From Several Unix_Programs *
-*************************************************/
-void Unix_EntropySource::gather(u32bit target_amount)
- {
+ const u32bit TRY_TO_GET = 16 * 1024;
 const u32bit MINIMAL_WORKING = 32;
+ const std::string PATH = global_config().option("rng/unix_path");
+
 u32bit got = 0;
 for(u32bit j = 0; j != sources.size(); j++)
 {
 add_timestamp();
- got += gather_from(sources[j]);
- sources[j].working = (got >= MINIMAL_WORKING) ? true : false;
+ DataSource_Command pipe(sources[j].name_and_args, PATH);
+ SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
- if(got >= target_amount)
- break;
- }
- }
+ u32bit got_from_src = 0;
-/*************************************************
-* Gather entropy from a Unix program *
-*************************************************/
-u32bit Unix_EntropySource::gather_from(const Unix_Program& prog)
- {
- const std::string BASE_PATH = "/bin:/sbin:/usr/bin:/usr/sbin";
- const std::string EXTRA_PATH = global_config().option("rng/unix_path");
+ while(!pipe.end_of_data())
+ {
+ u32bit this_loop = pipe.read(buffer, buffer.size());
+ add_bytes(buffer, this_loop);
+ got_from_src += this_loop;
+ }
- std::string PATH = BASE_PATH;
- if(EXTRA_PATH != "")
- PATH += ':' + EXTRA_PATH;
+ sources[j].working = (got_from_src >= MINIMAL_WORKING) ? true : false;
+ got += got_from_src;
- DataSource_Command pipe(prog.name_and_args, PATH);
- if(pipe.end_of_data())
- return 0;
-
- u32bit got = 0;
- SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
-
- while(!pipe.end_of_data())
- {
- u32bit this_loop = pipe.read(buffer, buffer.size());
- add_bytes(buffer, this_loop);
- got += this_loop;
+ if(got >= TRY_TO_GET)
+ break;
 }
-
- return got;
 }
 }
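Review bot: In do_slow_poll() the directories searched for the external programs now come only from `global_config().option("rng/unix_path")`; the built-in `/bin:/sbin:/usr/bin:/usr/sbin` base that the removed gather_from() always used first is gone. Unless the option's default is changed elsewhere in this commit (not visible in this file), an empty value would presumably leave every source unfound and the slow poll would add nothing without reporting it, and a value that contains a relative or user-writable directory decides which binaries this process executes. I would document the requirement next to the declaration, `// rng/unix_path replaces the old built-in path; it must be non-empty and list only absolute system directories`, and return early (or fall back to a built-in default) when the option is empty. The inner `while(!pipe.end_of_data())` loop also has no per-source byte limit, so `TRY_TO_GET` is only checked between sources.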
diff --git a/modules/es_unix/es_unix.h b/modules/es_unix/es_unix.h
index 167bafc89..149e6f395 100644
--- a/modules/es_unix/es_unix.h
+++ b/modules/es_unix/es_unix.h
@@ -21,11 +21,10 @@ class Unix_EntropySource : public Buffered_EntropySource
 void add_sources(const Unix_Program[], u32bit);
 Unix_EntropySource();
 private:
+ static void add_default_sources(std::vector<Unix_Program>&);
+
 void do_fast_poll();
 void do_slow_poll();
- void gather(u32bit);
- u32bit gather_from(const Unix_Program&);
- static void add_default_sources(std::vector<Unix_Program>&);
 std::vector<Unix_Program> sources;
 };
diff --git a/modules/es_unix/modinfo.txt b/modules/es_unix/modinfo.txt
index ccb499b82..f16e21289 100644
--- a/modules/es_unix/modinfo.txt
+++ b/modules/es_unix/modinfo.txt
@@ -1,8 +1,9 @@
 realname "Generic Unix Entropy Source"
 define ENTROPY_SRC_UNIX
+modset unix,beos
-load_on: auto
+load_on auto
 <add>
 es_unix.cpp
diff --git a/modules/es_unix/unix_cmd.cpp b/modules/es_unix/unix_cmd.cpp
index dbefc7e3e..65def8c74 100644
--- a/modules/es_unix/unix_cmd.cpp
+++ b/modules/es_unix/unix_cmd.cpp
@@ -41,7 +41,7 @@ void do_exec(const std::vector<std::string>& arg_list,
 {
 const std::string full_path = paths[j] + "/" + arg_list[0];
 const char* fsname = full_path.c_str();
- execl(fsname, fsname, arg1, arg2, arg3, arg4, 0);
+ ::execl(fsname, fsname, arg1, arg2, arg3, arg4, 0);
 }
 }
@@ -69,12 +69,12 @@ u32bit DataSource_Command::read(byte buf[], u32bit length)
 FD_ZERO(&set);
 FD_SET(pipe->fd, &set);
- struct timeval tv;
+ struct ::timeval tv;
 tv.tv_sec = 0;
 tv.tv_usec = MAX_BLOCK_USECS;
 ssize_t got = 0;
- if(select(pipe->fd + 1, &set, 0, 0, &tv) == 1)
+ if(::select(pipe->fd + 1, &set, 0, 0, &tv) == 1)
 {
 if(FD_ISSET(pipe->fd, &set))
 got = ::read(pipe->fd, buf, length);
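Review bot: The `::execl` call in do_exec() still ends its variadic argument list with a bare `0`, which is passed as an int, while execl needs a null `char*` as terminator; on an ABI where int and pointers differ in size the terminator is not guaranteed to be read as null. Since the line is being touched anyway, write `::execl(fsname, fsname, arg1, arg2, arg3, arg4, static_cast<char*>(0));`. do_exec's body starts outside the hunk, so how arg1..arg4 are filled for short argument lists cannot be checked from here.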
@@ -136,7 +136,7 @@ void DataSource_Command::create_pipe(const std::string& path)
 for(u32bit j = 0; j != paths.size(); j++)
 {
 const std::string full_path = paths[j] + "/" + arg_list[0];
- if(access(full_path.c_str(), X_OK) == 0)
+ if(::access(full_path.c_str(), X_OK) == 0)
 {
 found_something = true;
 break;
@@ -149,31 +149,31 @@ void DataSource_Command::create_pipe(const std::string& path)
 if(::pipe(pipe_fd) != 0)
 return;
- pid_t pid = fork();
+ pid_t pid = ::fork();
 if(pid == -1)
 {
- close(pipe_fd[0]);
- close(pipe_fd[1]);
+ ::close(pipe_fd[0]);
+ ::close(pipe_fd[1]);
 }
 else if(pid > 0)
 {
 pipe = new pipe_wrapper;
 pipe->fd = pipe_fd[0];
 pipe->pid = pid;
- close(pipe_fd[1]);
+ ::close(pipe_fd[1]);
 }
 else
 {
 if(dup2(pipe_fd[1], STDOUT_FILENO) == -1)
- exit(127);
+ ::exit(127);
 if(close(pipe_fd[0]) != 0 || close(pipe_fd[1]) != 0)
- exit(127);
+ ::exit(127);
 if(close(STDERR_FILENO) != 0)
- exit(127);
+ ::exit(127);
 do_exec(arg_list, paths);
- exit(127);
+ ::exit(127);
 }
 }
@@ -190,23 +190,23 @@ void DataSource_Command::shutdown_pipe()
 {
 kill(pipe->pid, SIGTERM);
- struct timeval tv;
+ struct ::timeval tv;
 tv.tv_sec = 0;
 tv.tv_usec = KILL_WAIT;
 select(0, 0, 0, 0, &tv);
- reaped = waitpid(pipe->pid, 0, WNOHANG);
+ reaped = ::waitpid(pipe->pid, 0, WNOHANG);
 if(reaped == 0)
 {
- kill(pipe->pid, SIGKILL);
+ ::kill(pipe->pid, SIGKILL);
 do
- reaped = waitpid(pipe->pid, 0, 0);
+ reaped = ::waitpid(pipe->pid, 0, 0);
 while(reaped == -1);
 }
 }
- close(pipe->fd);
+ ::close(pipe->fd);
 delete pipe;
 pipe = 0;
 } |
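Review bot: In the child branch of create_pipe() (the `@@ -149,31 +149,31 @@` hunk) every failure path leaves through `::exit(127)`, which runs the atexit handlers and flushes the stdio buffers the child copied from the parent at fork(); a forked child that has not exec'ed should terminate with `::_exit(127)` instead. The child closes only the two pipe ends and stderr, so any other descriptor the host application holds without close-on-exec would be inherited by the executed program; whether that matters depends on the caller, which is not visible here. The `::` qualification is also applied unevenly: `dup2` and the `close` calls inside the child's `if` conditions are still unqualified, as are `kill(pipe->pid, SIGTERM)` and `select(0, 0, 0, 0, &tv)` in shutdown_pipe().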
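Review bot: The reap loop in shutdown_pipe(), `do reaped = ::waitpid(pipe->pid, 0, 0); while(reaped == -1);`, retries on every error, so it never terminates when waitpid fails for a reason other than an interrupted call, for example ECHILD when the host application ignores SIGCHLD or has already reaped the child. Restrict the retry to interruption with `while(reaped == -1 && errno == EINTR);`, which needs `<cerrno>` if the file does not already include it. The first `::waitpid(..., WNOHANG)` result of -1 is likewise treated as "done" without a check. shutdown_pipe's body starts outside the hunk.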