mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-11 12:44:40 +00:00
b8fe89c4d9
[canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c] [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c] [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c] [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c] [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c] [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c] [openbsd-compat/mktemp.c openbsd-compat/port-linux.c] [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c] [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c] make the portable tree compile again - sprinkle unistd.h and string.h back in. Don't redefine __unused, as it turned out to be used in headers on Linux, and replace its use in auth-pam.c with ARGSUSED
83 lines
2.0 KiB
C
83 lines
2.0 KiB
C
/*
|
|
* Copyright (c) 1999,2000,2004 Damien Miller <djm@mindrot.org>
|
|
*
|
|
* Permission to use, copy, modify, and distribute this software for any
|
|
* purpose with or without fee is hereby granted, provided that the above
|
|
* copyright notice and this permission notice appear in all copies.
|
|
*
|
|
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
*/
|
|
|
|
#include "includes.h"
|
|
|
|
#include <sys/types.h>
|
|
#include <string.h>
|
|
|
|
#include "log.h"
|
|
|
|
#ifndef HAVE_ARC4RANDOM
|
|
|
|
#include <openssl/rand.h>
|
|
#include <openssl/rc4.h>
|
|
#include <openssl/err.h>
|
|
|
|
/* Size of key to use */
|
|
#define SEED_SIZE 20
|
|
|
|
/* Number of bytes to reseed after */
|
|
#define REKEY_BYTES (1 << 24)
|
|
|
|
static int rc4_ready = 0;
|
|
static RC4_KEY rc4;
|
|
|
|
unsigned int
|
|
arc4random(void)
|
|
{
|
|
unsigned int r = 0;
|
|
static int first_time = 1;
|
|
|
|
if (rc4_ready <= 0) {
|
|
if (first_time)
|
|
seed_rng();
|
|
first_time = 0;
|
|
arc4random_stir();
|
|
}
|
|
|
|
RC4(&rc4, sizeof(r), (unsigned char *)&r, (unsigned char *)&r);
|
|
|
|
rc4_ready -= sizeof(r);
|
|
|
|
return(r);
|
|
}
|
|
|
|
void
|
|
arc4random_stir(void)
|
|
{
|
|
unsigned char rand_buf[SEED_SIZE];
|
|
int i;
|
|
|
|
memset(&rc4, 0, sizeof(rc4));
|
|
if (RAND_bytes(rand_buf, sizeof(rand_buf)) <= 0)
|
|
fatal("Couldn't obtain random bytes (error %ld)",
|
|
ERR_get_error());
|
|
RC4_set_key(&rc4, sizeof(rand_buf), rand_buf);
|
|
|
|
/*
|
|
* Discard early keystream, as per recommendations in:
|
|
* http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
|
|
*/
|
|
for(i = 0; i <= 256; i += sizeof(rand_buf))
|
|
RC4(&rc4, sizeof(rand_buf), rand_buf, rand_buf);
|
|
|
|
memset(rand_buf, 0, sizeof(rand_buf));
|
|
|
|
rc4_ready = REKEY_BYTES;
|
|
}
|
|
#endif /* !HAVE_ARC4RANDOM */
|