OpenSSH 3.1: ssh-rand-helper

[Andreas Schott]

Dear openssh-developers,

the new external program ssh-rand-helper appeared in
OpenSSH 3.1. While the SFTP_SERVER is defined using
a _PATH_SFTP_SERVER pointing to SFTP_SERVER in Makefile.in
and defining a default-path in pathnames.h the ssh-rand-helper
is simply SSH_RAND_HELPER and defined with a fixed path
in Makefile.in and not having a default in pathnames.h.

I propose a handling analogous to the sftp-server binary.

*** Makefile.in.orig	Tue Feb 26 20:24:22 2002
--- Makefile.in	Tue Mar 12 12:42:05 2002
***************
*** 18,23 ****
--- 18,24 ----
  SSH_PROGRAM=@bindir@/ssh
  ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
  SFTP_SERVER=$(libexecdir)/sftp-server
+ SSH_RAND_HELPER=$(libexecdir)/ssh-rand-helper
  
  PATHS= -DSSHDIR=\"$(sysconfdir)\" \
  	-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
***************
*** 24,30 ****
  	-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
  	-D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \
  	-D_PATH_SSH_PIDDIR=\"$(piddir)\" \
! 	-DSSH_RAND_HELPER=\"$(libexecdir)/ssh-rand-helper\"
  
  CC=@CC@
  LD=@LD@
--- 25,31 ----
  	-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
  	-D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \
  	-D_PATH_SSH_PIDDIR=\"$(piddir)\" \
! 	-D_PATH_SSH_RAND_HELPER=\"$(SSH_RAND_HELPER)\"
  
  CC=@CC@
  LD=@LD@
*** entropy.c.orig	Tue Jan 22 11:57:54 2002
--- entropy.c	Tue Mar 12 12:48:26 2002
***************
*** 67,73 ****
  		return;
  	}
  
! 	debug3("Seeing PRNG from %s", SSH_RAND_HELPER);
  
  	if ((devnull = open("/dev/null", O_RDWR)) == -1)
  		fatal("Couldn't open /dev/null: %s", strerror(errno));
--- 67,73 ----
  		return;
  	}
  
! 	debug3("Seeing PRNG from %s", _PATH_SSH_RAND_HELPER);
  
  	if ((devnull = open("/dev/null", O_RDWR)) == -1)
  		fatal("Couldn't open /dev/null: %s", strerror(errno));
***************
*** 91,99 ****
  			_exit(1);
  		}
  		
! 		execl(SSH_RAND_HELPER, "ssh-rand-helper", NULL);
  		fprintf(stderr, "(rand child) Couldn't exec '%s': %s\n", 
! 		    SSH_RAND_HELPER, strerror(errno));
  		_exit(1);
  	}
  
--- 91,99 ----
  			_exit(1);
  		}
  		
! 		execl(_PATH_SSH_RAND_HELPER, "ssh-rand-helper", NULL);
  		fprintf(stderr, "(rand child) Couldn't exec '%s': %s\n", 
! 		    _PATH_SSH_RAND_HELPER, strerror(errno));
  		_exit(1);
  	}
  
*** pathnames.h.orig	Sun Feb 10 08:32:29 2002
--- pathnames.h	Tue Mar 12 12:47:44 2002
***************
*** 139,144 ****
--- 139,148 ----
  #ifndef _PATH_SFTP_SERVER
  #define _PATH_SFTP_SERVER		"/usr/libexec/sftp-server"
  #endif
+ /* for ssh-rand-helper */
+ #ifndef _PATH_SSH_RAND_HELPER
+ #define _PATH_SSH_RAND_HELPER		"/usr/libexec/ssh-rand-helper"
+ #endif
  #ifndef _PATH_LS
  #define _PATH_LS			"ls"
  #endif


BTW, there seems to be a strange problem with starting sshd from a
watchdog-script started from inittab. I always got a

ssh-rand-helper child produced insufficient data

This dissappeared, when I redirected stdout and stderr of the
startup-script into a file. This was a quite unexpected behaviour.

With kind regards,
Andreas Schott.
----------------------------------------------------------------
http://www.rzg.mpg.de/~ays           |  :-O   Wissen ist Macht!
email: schott at rzg.mpg.de             |  8-(   Ich weiß nichts.
phone/fax: +49 89 3299-2180/1301     |  ;->   Macht auch nichts.