diff --git a/ChangeLog b/ChangeLog index 9c14c6aea..2716b7de6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,8 @@ 20050216 - (djm) write seed to temporary file and atomically rename into place; ok dtucker@ + - (dtucker) [ssh-rand-helper.c] Provide seed_rng since it may be called + via mkstemp in some configurations. ok djm@ 20050215 - (dtucker) [config.sh.in] Collect oslevel -r too. @@ -2135,4 +2137,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3654 2005/02/16 02:02:45 djm Exp $ +$Id: ChangeLog,v 1.3655 2005/02/16 02:20:07 dtucker Exp $ diff --git a/ssh-rand-helper.c b/ssh-rand-helper.c index 6412d44e2..4da62a724 100644 --- a/ssh-rand-helper.c +++ b/ssh-rand-helper.c @@ -39,7 +39,7 @@ #include "pathnames.h" #include "log.h" -RCSID("$Id: ssh-rand-helper.c,v 1.21 2005/02/16 02:02:45 djm Exp $"); +RCSID("$Id: ssh-rand-helper.c,v 1.22 2005/02/16 02:20:07 dtucker Exp $"); /* Number of bytes we write out */ #define OUTPUT_SEED_SIZE 48 @@ -888,3 +888,15 @@ main(int argc, char **argv) return ret == bytes ? 0 : 1; } + +/* + * We may attempt to re-seed during mkstemp if we are using the one in the + * compat library (via mkstemp -> arc4random -> seed_rng) so we need + * our own seed_rng(). We must also check that we have enough entropy. + */ +void +seed_rng(void) +{ + if (!RAND_status()) + fatal("Not enough entropy in RNG"); +}