entropy.c

Jenkins

entropy.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/openssh/src/entropy.c

Line

Source

Count

* Redistribution and use in source and binary forms, with or without

* modification, are permitted provided that the following conditions

* are met:

* 1. Redistributions of source code must retain the above copyright

* notice, this list of conditions and the following disclaimer.

* 2. Redistributions in binary form must reproduce the above copyright

* notice, this list of conditions and the following disclaimer in the

* documentation and/or other materials provided with the distribution.

* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR

* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.

* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,

* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,

* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY

* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF

* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

#include "includes.h"

#ifdef WITH_OPENSSL

#include <sys/types.h>

#include <sys/socket.h>

#ifdef HAVE_SYS_UN_H

# include <sys/un.h>

#endif

#include <netinet/in.h>

#include <arpa/inet.h>

#include <errno.h>

#include <signal.h>

#include <string.h>

#include <unistd.h>

#include <stddef.h> /* for offsetof */

#include <openssl/rand.h>

#include <openssl/crypto.h>

#include <openssl/err.h>

#include "openbsd-compat/openssl-compat.h"

#include "ssh.h"

#include "misc.h"

#include "xmalloc.h"

#include "atomicio.h"

#include "pathnames.h"

#include "log.h"

#include "sshbuf.h"

#include "ssherr.h"

* Portable OpenSSH PRNG seeding:

* If OpenSSL has not "internally seeded" itself (e.g. pulled data from

* /dev/random), then collect RANDOM_SEED_SIZE bytes of randomness from

* PRNGd.

#ifndef OPENSSL_PRNG_ONLY

#define RANDOM_SEED_SIZE 48

* Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon

* listening either on 'tcp_port', or via Unix domain socket at *

* 'socket_path'.

* Either a non-zero tcp_port or a non-null socket_path must be

* supplied.

* Returns 0 on success, -1 on error

int

get_random_bytes_prngd(unsigned char *buf, int len,

unsigned short tcp_port, char *socket_path)

{

int fd, addr_len, rval, errors;

u_char msg[2];

struct sockaddr_storage addr;

struct sockaddr_in *addr_in = (struct sockaddr_in *)&addr;

struct sockaddr_un *addr_un = (struct sockaddr_un *)&addr;

mysig_t old_sigpipe;

/* Sanity checks */

if (socket_path == NULL && tcp_port == 0)

fatal("You must specify a port or a socket");

if (socket_path != NULL &&

strlen(socket_path) >= sizeof(addr_un->sun_path))

fatal("Random pool path is too long");

if (len <= 0 || len > 255)

fatal("Too many bytes (%d) to read from PRNGD", len);

memset(&addr, '\0', sizeof(addr));

if (tcp_port != 0) {

100

addr_in->sin_family = AF_INET;

101

addr_in->sin_addr.s_addr = htonl(INADDR_LOOPBACK);

102

addr_in->sin_port = htons(tcp_port);

103

addr_len = sizeof(*addr_in);

104

} else {

105

addr_un->sun_family = AF_UNIX;

106

strlcpy(addr_un->sun_path, socket_path,

107

sizeof(addr_un->sun_path));

108

addr_len = offsetof(struct sockaddr_un, sun_path) +

109

strlen(socket_path) + 1;

110

}

111

112

old_sigpipe = signal(SIGPIPE, SIG_IGN);

errors = 0;

rval = -1;

reopen:

fd = socket(addr.ss_family, SOCK_STREAM, 0);

118

if (fd == -1) {

119

error("Couldn't create socket: %s", strerror(errno));

goto done;

}

if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) {

124

if (tcp_port != 0) {

125

error("Couldn't connect to PRNGD port %d: %s",

126

tcp_port, strerror(errno));

127

} else {

128

error("Couldn't connect to PRNGD socket \"%s\": %s",

129

addr_un->sun_path, strerror(errno));

}

goto done;

}

/* Send blocking read request to PRNGD */

msg[0] = 0x02;

msg[1] = len;

if (atomicio(vwrite, fd, msg, sizeof(msg)) != sizeof(msg)) {

139

if (errno == EPIPE && errors < 10) {

close(fd);

errors++;

goto reopen;

}

error("Couldn't write to PRNGD socket: %s",

strerror(errno));

goto done;

}

if (atomicio(read, fd, buf, len) != (size_t)len) {

150

if (errno == EPIPE && errors < 10) {

close(fd);

errors++;

goto reopen;

}

error("Couldn't read from PRNGD socket: %s",

strerror(errno));

goto done;

}

rval = 0;

done:

signal(SIGPIPE, old_sigpipe);

if (fd != -1)

close(fd);

return rval;

}

static int

seed_from_prngd(unsigned char *buf, size_t bytes)

170

{

171

#ifdef PRNGD_PORT

172

debug("trying egd/prngd port %d", PRNGD_PORT);

173

if (get_random_bytes_prngd(buf, bytes, PRNGD_PORT, NULL) == 0)

return 0;

#endif

#ifdef PRNGD_SOCKET

debug("trying egd/prngd socket %s", PRNGD_SOCKET);

178

if (get_random_bytes_prngd(buf, bytes, 0, PRNGD_SOCKET) == 0)

return 0;

#endif

return -1;

}

void

rexec_send_rng_seed(struct sshbuf *m)

186

{

187

u_char buf[RANDOM_SEED_SIZE];

188

size_t len = sizeof(buf);

189

int r;

190

191

if (RAND_bytes(buf, sizeof(buf)) <= 0) {

192

error("Couldn't obtain random bytes (error %ld)",

ERR_get_error());

len = 0;

}

if ((r = sshbuf_put_string(m, buf, len)) != 0)

197

fatal("%s: buffer error: %s", __func__, ssh_err(r));

198

explicit_bzero(buf, sizeof(buf));

}

void

rexec_recv_rng_seed(struct sshbuf *m)

{

u_char *buf = NULL;

size_t len = 0;

int r;

if ((r = sshbuf_get_string_direct(m, &buf, &len)) != 0

209

fatal("%s: buffer error: %s", __func__, ssh_err(r));

210

211

debug3("rexec_recv_rng_seed: seeding rng with %u bytes", len);

212

RAND_add(buf, len, len);

213

}

214

#endif /* OPENSSL_PRNG_ONLY */

void

seed_rng(void)

{

#ifndef OPENSSL_PRNG_ONLY

220

unsigned char buf[RANDOM_SEED_SIZE];

221

#endif

222

if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER, SSLeay()))

!ssh_compatibl...fL , SSLeay())	Description
TRUE	never evaluated
FALSE	evaluated 30 times by 2 tests Evaluated by: ssh-keygen sshd

0-30

223

fatal("OpenSSL version mismatch. Built against %lx, you "

never executed: fatal("OpenSSL version mismatch. Built against %lx, you " "have %lx", (u_long) 0x100020cfL , SSLeay());

224

"have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay());

never executed: fatal("OpenSSL version mismatch. Built against %lx, you " "have %lx", (u_long) 0x100020cfL , SSLeay());

225

226

#ifndef OPENSSL_PRNG_ONLY

227

if (RAND_status() == 1) {

228

debug3("RNG is ready, skipping seeding");

return;

}

if (seed_from_prngd(buf, sizeof(buf)) == -1)

233

fatal("Could not obtain seed from PRNGd");

234

RAND_add(buf, sizeof(buf), sizeof(buf));

235

memset(buf, '\0', sizeof(buf));

236

237

#endif /* OPENSSL_PRNG_ONLY */

238

if (RAND_status() != 1)

RAND_status() != 1	Description
TRUE	never evaluated
FALSE	evaluated 30 times by 2 tests Evaluated by: ssh-keygen sshd

0-30

239

fatal("PRNG is not seeded");

never executed: fatal("PRNG is not seeded");

240

}

executed 30 times by 2 tests: end of block

Executed by:

ssh-keygen
sshd

241

242

#else /* WITH_OPENSSL */

243

244

/* Handled in arc4random() */

void

seed_rng(void)

{

}

#endif /* WITH_OPENSSL */

Generated by Squish Coco 4.2.2