| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
| |
This breaks API for anyone creating their own Filter types, but it had
to happen eventually.
|
| |
|
|
|
|
|
| |
representation (rather than in an interator context), instead use &buf[0],
which works for both MemoryRegion and std::vector
|
| |
|
|
|
|
|
|
| |
priorities slightly, pushing netstat -s and netstat -an higher since
they change freqently and don't have a huge amount of output. Use the
-n flag with lsof, which inhibits name lookups which we don't need.
|
|
|
|
|
| |
various compilers/platforms, and likely doesn't contribute much of
anything. Also only grab real uid and gid, ignoring effective ids.
|
| |
|
|
|
|
|
| |
(2.0.2) is a solid 5 years old at this point. Haven't tested; don't
have access to any NetBSD machines at the moment.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
This caused Doxygen to think this was markup meant for it, which really
caused some clutter in the namespace page.
|
| |
|
|
|
|
| |
Also, fix AltiVec detection on Linux and NetBSD for most G4s.
|
| |
|
| |
|
| |
|
|
|
|
| |
Move most of the engine headers to internal
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes for the amalgamation generator for internal headers.
Remove BOTAN_DLL exporting macros from all internal-only headers;
the classes/functions there don't need to be exported, and
avoiding the PIC/GOT indirection can be a big win.
Add missing BOTAN_DLLs where necessary, mostly gfpmath and cvc
For GCC, use -fvisibility=hidden and set BOTAN_DLL to the
visibility __attribute__ to export those classes/functions.
|
| |
|
|
|
|
| |
of the rest. In the worst case, it compiles down to an empty poll
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
QueryPerformanceCounter, into an entropy source hres_timer. Its
results, if any, do not count as contributing entropy to the poll.
Convert the other (monotonic/fixed epoch) timers to a single function
get_nanoseconds_clock(), living in time.h, which statically chooses
the 'best' timer type (clock_gettime, gettimeofday, std::clock, in
that order depending on what is available). Add feature test macros
for clock_gettime and gettimeofday.
Remove the Timer class and timer.h. Remove the Timer& argument to the
algorithm benchmark function.
|
|
|
|
|
|
| |
Remove support for (unused) modset settings.
Move tss, fpe, cryptobox, and aont to new dir constructs
|
|
|
|
|
|
|
|
| |
containers (specifically vector).
Rename is_empty to empty
Remove has_items
Rename create to resize
|
|
|
|
|
| |
Pretty much useless and unused, except for listing the module names in
build.h and the short versions totally suffice for that.
|
| |
|
|
|
|
| |
Contributed by Patrick Georgi
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't read any file that is not world-readable. This avoids trouble when
running as root, since on Linux various special files can cause odd
interactions and/or blocking behavior when read (for instance /proc/kmsg).
ssumption is that no such files are world-readable. This also avoids any
issue of reading data that is potentially sensitive.
Instead of reading the first 1 KB of each file, only read the first 128
bytes. This prevents large files (like /proc/config.gz or /proc/kallsyms)
from swamping the input buffer; these inputs are pretty static and
shouldn't count for much. Reducing to 128 bytes causes a poll to read
about 400 different files, rather than ~30.
|
| |
|
| |
|
|
|
|
| |
with some older versions of gcc
|
|
|
|
|
|
|
|
| |
set to 1000 ms (scaling based on amount of data requested). At 1000 ms
exactly, we would form a timeval of 0 seconds and 1000000 usecs (ie, 1 second).
Linux was fine with this, but FreeBSD 7.0's select was returning EINVAL.
Fix things to properly create the timeval so that everyone is happy.
|
| |
|
|
|
|
| |
select loop (up to a second)
|
|
|
|
|
| |
rotate.h, or when it was not needed at all. Remove or change the includes
as needed.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
up during the Fedora submission review, that each source file include some
text about the license. One handy Perl script later and each file now has
the line
Distributed under the terms of the Botan license
after the copyright notices.
While I was in there modifying every file anyway, I also stripped out the
remainder of the block comments (lots of astericks before and after the
text); this is stylistic thing I picked up when I was first learning C++
but in retrospect it is not a good style as the structure makes it harder
to modify comments (with the result that comments become fewer, shorter and
are less likely to be updated, which are not good things).
|
|\
| |
| |
| | |
and 'fc89152d6d99043fb9ed1e9f2569fde3fee419e5'
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make the fast poll significantly more pessimistic/realistic about how
many bits of randomness we're getting from getrusage and stat.
Don't cut out from execing programs if the desired poll bits is under
128. Simply poll until either the accumulator says we're done or we run
out of sources. Assumption is that the poll won't be run at all unless
it is ncessary (es_unix comes late in the list of sources to use since
it is pretty slow).
|
| | |
|
| |
| |
| |
| |
| |
| | |
Also, change the wait time to bits/16 milliseconds. For instance if 64
bits of entropy are requested, the reader will wait at most 4 ms in the
select loop.
|
| |
| |
| |
| |
| |
| | |
inputs might end up not contributing anything to the count even when they should.
This was paricularly noticable with the proc walker - it uses an estimate of .01
bits / byte, so if the file was < 100 bytes it would not count for anything at all.
|
| |
| |
| |
| |
| | |
techniques, with the one using BufferedComputation being the new
subclass with the charming name Entropy_Accumulator_BufferedComputation.
|
|/ |
|
|
|
|
|
| |
entropy, the proc walker will read about 256K bytes. This seems plenty
sufficient to me.
|
|
|
|
| |
achieved.
|
|
|
|
| |
the buffer.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since both Randpool and HMAC_RNG fed the input into a MAC anyway, this
works nicely. (It would be nicer to use tr1::function but, argh, don't
want to fully depend on TR1 quite yet. C++0x cannot come soon enough).
This avoids requiring to do run length encoding, it just dumps everything
as-is into the MAC. This ensures the buffer is not a potential narrow pipe
for the entropy (for instance, one might imagine an entropy source which
outputs one random byte every 16 bytes, and the rest some repeating pattern -
using a 16 byte buffer, you would only get 8 bits of entropy total, no matter
how many times you sampled).
|