prng_cmds/init_rng() question/patch
Jon Peatfield
J.S.Peatfield at damtp.cam.ac.uk
Tue Mar 13 12:12:25 EST 2001
Since I've had no replies suggesting that it either is safe to move
the init_rng() call (to after we lose privilege) or any other sensible
way to achieve what I was trying to do (have a standalone ssh client
which needs no support files in fixed places), I may as well post my
patch in case anyone can spot any structural problems with it or
suggest better ways to do some bits. I've tested that it works on a
small set of platforms (Tru64, Solaris-2.6, irix6.5, Linux (with
/dev/random disabled for testing)).
--cut-here--
*** entropy.c.orig Sun Mar 11 14:46:41 2001
--- entropy.c Sun Mar 11 15:25:40 2001
***************
*** 641,646 ****
--- 641,671 ----
RAND_add(&seed, sizeof(seed), 0.0);
}
+ /* include the "string" of commands we generated elsewhere 2001-03-10 JSP */
+ #include "ssh_prng_cmds.string"
+
+ char *index (const char *s, int c);
+
+ /* Hack function */
+ char *my_getline(char *s, int len, FILE *f, char **str)
+ {
+ char *ptr;
+ if (f) { /* Call fgets like original one did */
+ return (fgets(s, len, f));
+ }
+
+ ptr = index(*str, '\n');
+ if (ptr) {
+ int n = ptr - *str;
+ if (n > len) n = len;
+ strncpy(s, *str, n);
+ debug("read builtin cmd: %.100s", s);
+ *str = ptr+1;
+ return s; /* return what we copied */
+ } else {
+ return NULL; /* EOF */
+ }
+ }
/*
* entropy command initialisation functions
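Review bot: The built-in branch of `my_getline` never NUL-terminates `s`: `strncpy(s, *str, n)` copies exactly `n` bytes that end before the newline, and when `n` is clamped to `len` it fills the whole buffer. The `debug()` call and the caller's parser therefore see leftover bytes from the previous line, and may read past the end of `line`. Clamp to `len - 1` and terminate explicitly, e.g. `if (n >= len) n = len - 1;`, `memcpy(s, *str, n);`, `s[n] = '\0';`. This path also drops the trailing newline that `fgets` keeps, so the two sources hand the read loop differently shaped lines. The hand-written `index` prototype can go if `strchr` is used, and the helper should be `static`.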
***************
*** 658,667 ****
int cur_cmd = 0;
double est;
entropy_source_t *entcmd;
f = fopen(cmdfilename, "r");
if (!f) {
! fatal("couldn't read entropy commands file %.100s: %.100s",
cmdfilename, strerror(errno));
}
--- 681,691 ----
int cur_cmd = 0;
double est;
entropy_source_t *entcmd;
+ char *cmds_ptr=builtin_prng_cmds;
f = fopen(cmdfilename, "r");
if (!f) {
! verbose("WARNING: couldn't read entropy commands file %.100s: %.100s",
cmdfilename, strerror(errno));
}
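Review bot: Downgrading `fatal()` to `verbose()` lets execution continue with `f == NULL`, so every later use of `f` must tolerate a null stream; any `fclose(f)` after the read loop (outside this hunk) would need an `if (f)` guard. A missing file combined with an empty built-in list would also silently load no entropy commands, so consider keeping that case fatal, e.g. `if (!f && builtin_prng_cmds[0] == '\0') fatal("no entropy commands available");`. Because the message is only emitted at verbose level, a user will normally not learn that seeding fell back to the compiled-in list. The function starts and ends outside the hunk, so whether a later check on the number of loaded commands already covers this cannot be seen here.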
***************
*** 670,676 ****
/* Read in file */
linenum = 0;
! while (fgets(line, sizeof(line), f)) {
int arg;
char *argv;
--- 694,700 ----
/* Read in file */
linenum = 0;
! while (my_getline(line, sizeof(line), f, &cmds_ptr)) {
int arg;
char *argv;
*** Makefile.in.orig Sun Mar 11 15:26:17 2001
--- Makefile.in Sun Mar 11 15:35:13 2001
***************
*** 76,88 ****
manpages: $(MANPAGES)
! $(LIBSSH_OBJS): config.h
$(SSHOBJS): config.h
$(SSHDOBJS): config.h
.c.o:
$(CC) $(CFLAGS) $(CPPFLAGS) -c $<
LIBCOMPAT=openbsd-compat/libopenbsd-compat.a
$(LIBCOMPAT): config.h
(cd openbsd-compat; $(MAKE))
--- 76,95 ----
manpages: $(MANPAGES)
! $(LIBSSH_OBJS): config.h ssh_prng_cmds.string
$(SSHOBJS): config.h
$(SSHDOBJS): config.h
.c.o:
$(CC) $(CFLAGS) $(CPPFLAGS) -c $<
+ ssh_prng_cmds.string:
+ if [ -f ssh_prng_cmds ]; then \
+ $(PERL) $(srcdir)/mkstring < ssh_prng_cmds > $@; \
+ else \
+ touch $@; \
+ fi;
+
LIBCOMPAT=openbsd-compat/libopenbsd-compat.a
$(LIBCOMPAT): config.h
(cd openbsd-compat; $(MAKE))
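Review bot: The `touch $@` fallback in the `ssh_prng_cmds.string` rule produces an empty include, which leaves `builtin_prng_cmds` undeclared while entropy.c still references it, so a build without `ssh_prng_cmds` would presumably fail to compile. Emit an empty definition instead, e.g. `echo 'static char *builtin_prng_cmds = "";' > $@`. The rule also has no prerequisites, so once the file exists it is not regenerated when `ssh_prng_cmds` or `mkstring` changes and the binary keeps a stale command list. Listing at least `$(srcdir)/mkstring` as a prerequisite would address that, plus `ssh_prng_cmds` if configure always generates it.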
***************
*** 132,138 ****
distclean: clean
(cd openbsd-compat; $(MAKE) distclean)
! rm -f Makefile config.h config.status ssh_prng_cmds *~
mrproper: distclean
--- 139,145 ----
distclean: clean
(cd openbsd-compat; $(MAKE) distclean)
! rm -f Makefile config.h config.status ssh_prng_cmds ssh_prng_cmds.string *~
mrproper: distclean
*** mkstring.orig Sun Mar 11 15:38:59 2001
--- mkstring Sun Mar 11 15:39:43 2001
***************
*** 0 ****
--- 1,10 ----
+ #! /usr/bin/perl
+ #
+ # Is there a *standard* way to do this? 2001-03-10 JSP
+ print "static char *builtin_prng_cmds = \"";
+ while (<>) {
+ next if /^(\#|\s*$)/;
+ s/"/\\"/g;
+ chop; print "$_\\n";
+ }
+ print "\";\n";
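Review bot: Only double quotes are escaped before each line is pasted into a C string literal, so a backslash in `ssh_prng_cmds` would be read by the compiler as the start of an escape sequence. The embedded command would then differ from the one in the file, or the literal would fail to compile. Escape backslashes first, `s/\\/\\\\/g; s/"/\\"/g;`, and use `chomp;` rather than `chop;` so a final line without a newline does not lose its last character. The whole list also becomes a single string literal, which may exceed the minimum literal length that older compilers guarantee; emitting one adjacent quoted literal per input line would avoid that.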
--cut-here--
Of course I don't expect it to be included in any future release, but
at least I may get some feedback about the code :-)
--
Jon Peatfield, DAMTP, Computer Officer, University of Cambridge
Telephone: +44 1223 3 37852 Mail: J.S.Peatfield at damtp.cam.ac.uk