author | deraadt <> | 2000-02-24 20:09:59 +0000 |
---|---|---|
committer | deraadt <> | 2000-02-24 20:09:59 +0000 |
commit | cabbb4908741a4504b0a41b0e90f0cfccf0a1e81 (patch) | |
tree | 9a95f70c81e5f5df89b038ead269bcf1d624193e | |
parent | c14c8afa7ab3b69a55a667bcf7d5350e039d72f0 (diff) | |
fread() of /dev/random reads an entire huge stdio buffer, instead of the 32
bytes that we actually need, thus wasting a lot of system entropy. found by
alecm@coyote.uk.sun.com, passed on by Pete.Zaytsev@EBay.Sun.COM
-rw-r--r-- | src/lib/libcrypto/rand/md_rand.c | 14 | ||||
-rw-r--r-- | src/lib/libssl/src/crypto/rand/md_rand.c | 14 |
2 files changed, 18 insertions, 10 deletions
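--- a/src/lib/libcrypto/rand/md_rand.c
+++ b/src/lib/libcrypto/rand/md_rand.c
@@ -58,6 +58,7 @@
 
 #include <stdio.h>
 #include <sys/types.h>
+#include <fcntl.h>
 #include <time.h>
 #include <string.h>
 
@@ -226,7 +227,7 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 static int init=1;
 unsigned long l;
 #ifdef DEVRANDOM
-FILE *fh;
+int fd;
 #endif
 
 #ifdef PREDICT
@@ -259,20 +260,23 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 /* #ifdef DEVRANDOM */
 /*
 * Use a random entropy pool device.
-* Linux 1.3.x and FreeBSD-Current has
+* Linux 1.3.x, OpenBSD, and FreeBSD have
 * this. Use /dev/urandom if you can
 * as /dev/random will block if it runs out
 * of random entries.
 */
-if ((fh = fopen(DEVRANDOM, "r")) != NULL)
+if ((fd = open(DEVRANDOM, O_RDONLY)) != NULL)
 {
 unsigned char tmpbuf[32];
 
-fread((unsigned char *)tmpbuf,1,32,fh);
+read(fd, tmpbuf, sizeof(tmpbuf));
 /* we don't care how many bytes we read,
 * we will just copy the 'stack' if there is
 * nothing else :-) */
-fclose(fh);
+/* the above comment is EVIL. Security software
+* RELIES ON THESE PRIMITIVES HAVING MORE SECURE
+* BEHAVIOUR! Secure entropy is required in
+* many cases! */
 RAND_seed(tmpbuf,32);
 memset(tmpbuf,0,32);
 }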
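Review bot: The success test on the `open()` line is wrong: `open()` reports failure with -1, not NULL, so `(fd = open(DEVRANDOM, O_RDONLY)) != NULL` enters the block with fd == -1 whenever the device cannot be opened, the `read()` then fails, and the uninitialized stack contents of tmpbuf are handed to RAND_seed(); conversely a legitimately returned descriptor 0 (stdin closed) is skipped. The descriptor is also never released — `fclose(fh)` was removed but no `close(fd)` replaces it, so every call of ssleay_rand_bytes that reaches this path leaks one descriptor — and the `read()` return value is still discarded even though the new comment objects to exactly that. Rewrite the block to test `!= -1`, close the descriptor right after the read, and seed only the bytes the device actually returned, as below. The include hunk adds <fcntl.h> for O_RDONLY but not <unistd.h> for read()/close(); if the file does not already pull it in elsewhere, that include is needed too. ssleay_rand_bytes begins and ends outside this hunk, and the identical hunk in src/lib/libssl/src/crypto/rand/md_rand.c has the same three issues.
```c
	if ((fd = open(DEVRANDOM, O_RDONLY)) != -1)
		{
		unsigned char tmpbuf[32];
		ssize_t n;

		n = read(fd, tmpbuf, sizeof(tmpbuf));
		close(fd);
		/* seed only with bytes the device actually returned;
		 * a short or failed read must not feed stack garbage
		 * into the pool as if it were entropy */
		if (n > 0)
			RAND_seed(tmpbuf, (int)n);
		memset(tmpbuf,0,32);
		}
```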
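--- a/src/lib/libssl/src/crypto/rand/md_rand.c
+++ b/src/lib/libssl/src/crypto/rand/md_rand.c
@@ -58,6 +58,7 @@
 
 #include <stdio.h>
 #include <sys/types.h>
+#include <fcntl.h>
 #include <time.h>
 #include <string.h>
 
@@ -226,7 +227,7 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 static int init=1;
 unsigned long l;
 #ifdef DEVRANDOM
-FILE *fh;
+int fd;
 #endif
 
 #ifdef PREDICT
@@ -259,20 +260,23 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 /* #ifdef DEVRANDOM */
 /*
 * Use a random entropy pool device.
-* Linux 1.3.x and FreeBSD-Current has
+* Linux 1.3.x, OpenBSD, and FreeBSD have
 * this. Use /dev/urandom if you can
 * as /dev/random will block if it runs out
 * of random entries.
 */
-if ((fh = fopen(DEVRANDOM, "r")) != NULL)
+if ((fd = open(DEVRANDOM, O_RDONLY)) != NULL)
 {
 unsigned char tmpbuf[32];
 
-fread((unsigned char *)tmpbuf,1,32,fh);
+read(fd, tmpbuf, sizeof(tmpbuf));
 /* we don't care how many bytes we read,
 * we will just copy the 'stack' if there is
 * nothing else :-) */
-fclose(fh);
+/* the above comment is EVIL. Security software
+* RELIES ON THESE PRIMITIVES HAVING MORE SECURE
+* BEHAVIOUR! Secure entropy is required in
+* many cases! */
 RAND_seed(tmpbuf,32);
 memset(tmpbuf,0,32);
 }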