Critical EGD handling in 2.1.1p1

Wed Jun 21 20:05:02 EST 2000

And this time the patch attached :-)
	Lutz
-- 
Lutz Jaenicke                             Lutz.Jaenicke at aet.TU-Cottbus.DE
BTU Cottbus               http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik                  Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus              Fax. +49 355 69-4153
-------------- next part --------------
*** entropy.c.orig	Wed Jun  7 14:20:23 2000
--- entropy.c	Wed Jun 21 11:41:50 2000
***************
*** 63,104 ****
  {
  	static int egd_socket = -1;
  	int c;
  	char egd_message[2] = { 0x02, 0x00 };
  	struct sockaddr_un addr;
  	int addr_len;
  
  	memset(&addr, '\0', sizeof(addr));
  	addr.sun_family = AF_UNIX;
! 	
! 	/* FIXME: compile time check? */
  	if (sizeof(EGD_SOCKET) > sizeof(addr.sun_path))
  		fatal("Random pool path is too long");
! 	
  	strlcpy(addr.sun_path, EGD_SOCKET, sizeof(addr.sun_path));
! 	
  	addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(EGD_SOCKET);
! 	
  	if (egd_socket == -1) {
  		egd_socket = socket(AF_UNIX, SOCK_STREAM, 0);
! 		if (egd_socket == -1)
  			fatal("Couldn't create AF_UNIX socket: %s", strerror(errno));
! 		if (connect(egd_socket, (struct sockaddr*)&addr, addr_len) == -1)
  			fatal("Couldn't connect to EGD socket \"%s\": %s", addr.sun_path, strerror(errno));
  	}	
  
  	if (len > 255)
  		fatal("Too many bytes to read from EGD");
! 	
  	/* Send blocking read request to EGD */
  	egd_message[1] = len;
  
  	c = atomicio(write, egd_socket, egd_message, sizeof(egd_message));
! 	if (c == -1)
! 		fatal("Couldn't write to EGD socket \"%s\": %s", EGD_SOCKET, strerror(errno));
  
  	c = atomicio(read, egd_socket, buf, len);
  	if (c <= 0)
! 		fatal("Couldn't read from EGD socket \"%s\": %s", EGD_SOCKET, strerror(errno));
  }
  #else /* !EGD_SOCKET */
  #ifdef RANDOM_POOL
--- 63,150 ----
  {
  	static int egd_socket = -1;
  	int c;
+ 	int egd_error;
+ 	int enough_entropy;
  	char egd_message[2] = { 0x02, 0x00 };
  	struct sockaddr_un addr;
  	int addr_len;
  
+ 	egd_error = 0;
+ 
+ 	enough_entropy = RAND_status();
+ 
+ retry:
+ 
  	memset(&addr, '\0', sizeof(addr));
  	addr.sun_family = AF_UNIX;
! 
  	if (sizeof(EGD_SOCKET) > sizeof(addr.sun_path))
  		fatal("Random pool path is too long");
! 
  	strlcpy(addr.sun_path, EGD_SOCKET, sizeof(addr.sun_path));
! 
  	addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(EGD_SOCKET);
! 
  	if (egd_socket == -1) {
  		egd_socket = socket(AF_UNIX, SOCK_STREAM, 0);
! 		if (egd_socket == -1) {
! 			if (!enough_entropy)
  			fatal("Couldn't create AF_UNIX socket: %s", strerror(errno));
! 			else
! 			error("Couldn't create AF_UNIX socket: %s", strerror(errno));
! 		}
! 		if (connect(egd_socket, (struct sockaddr*)&addr, addr_len) == -1) {
! 			if (!enough_entropy)
  			fatal("Couldn't connect to EGD socket \"%s\": %s", addr.sun_path, strerror(errno));
+ 			else
+ 			error("Couldn't connect to EGD socket \"%s\": %s", addr.sun_path, strerror(errno));
+ 		}
  	}	
  
  	if (len > 255)
  		fatal("Too many bytes to read from EGD");
! 
  	/* Send blocking read request to EGD */
  	egd_message[1] = len;
  
  	c = atomicio(write, egd_socket, egd_message, sizeof(egd_message));
! 	if (c == -1) {
! 		if (egd_error) {
! 			if (!enough_entropy)
! 			fatal("Couldn't write to EGD socket \"%s\": %s", 
! 				EGD_SOCKET, strerror(errno));
! 			else
! 			error("Couldn't write to EGD socket \"%s\": %s", 
! 				EGD_SOCKET, strerror(errno));
! 		} else {
! 			egd_error = 1;
! 			close(egd_socket);
! 			egd_socket = -1;
! 			error("Couldn't write to EGD socket \"%s\": %s", 
! 				EGD_SOCKET, strerror(errno));
! 			goto retry;
! 		}
! 	}
  
  	c = atomicio(read, egd_socket, buf, len);
  	if (c <= 0)
! 	if (c == -1) {
! 		if (egd_error) {
! 			if (!enough_entropy)
! 			fatal("Couldn't read from EGD socket \"%s\": %s", 
! 				EGD_SOCKET, strerror(errno));
! 			else
! 			error("Couldn't read from EGD socket \"%s\": %s", 
! 				EGD_SOCKET, strerror(errno));
! 		} else {
! 			egd_error = 1;
! 			close(egd_socket);
! 			egd_socket = -1;
! 			error("Couldn't read from EGD socket \"%s\": %s", 
! 				EGD_SOCKET, strerror(errno));
! 			goto retry;
! 		}
! 	}
  }
  #else /* !EGD_SOCKET */
  #ifdef RANDOM_POOL