Line | Source | Count |
1 | | - |
2 | | - |
3 | | - |
4 | | - |
5 | | - |
6 | | - |
7 | | - |
8 | | - |
9 | | - |
10 | | - |
11 | | - |
12 | | - |
13 | | - |
14 | | - |
15 | | - |
16 | | - |
17 | | - |
18 | | - |
19 | | - |
20 | | - |
21 | | - |
22 | | - |
23 | | - |
24 | | - |
25 | #include "includes.h" | - |
26 | | - |
27 | #ifdef WITH_OPENSSL | - |
28 | | - |
29 | #include <sys/types.h> | - |
30 | #include <sys/socket.h> | - |
31 | #ifdef HAVE_SYS_UN_H | - |
32 | # include <sys/un.h> | - |
33 | #endif | - |
34 | | - |
35 | #include <netinet/in.h> | - |
36 | #include <arpa/inet.h> | - |
37 | | - |
38 | #include <errno.h> | - |
39 | #include <signal.h> | - |
40 | #include <string.h> | - |
41 | #include <unistd.h> | - |
42 | #include <stddef.h> /* for offsetof */ | - |
43 | | - |
44 | #include <openssl/rand.h> | - |
45 | #include <openssl/crypto.h> | - |
46 | #include <openssl/err.h> | - |
47 | | - |
48 | #include "openbsd-compat/openssl-compat.h" | - |
49 | | - |
50 | #include "ssh.h" | - |
51 | #include "misc.h" | - |
52 | #include "xmalloc.h" | - |
53 | #include "atomicio.h" | - |
54 | #include "pathnames.h" | - |
55 | #include "log.h" | - |
56 | #include "sshbuf.h" | - |
57 | #include "ssherr.h" | - |
58 | | - |
59 | | - |
60 | | - |
61 | | - |
62 | | - |
63 | | - |
64 | | - |
65 | #ifndef OPENSSL_PRNG_ONLY | - |
66 | | - |
67 | #define RANDOM_SEED_SIZE 48 | - |
68 | | - |
69 | | - |
70 | | - |
71 | | - |
72 | | - |
73 | | - |
74 | | - |
75 | | - |
76 | | - |
77 | int | - |
78 | get_random_bytes_prngd(unsigned char *buf, int len, | - |
79 | unsigned short tcp_port, char *socket_path) | - |
80 | { | - |
81 | int fd, addr_len, rval, errors; | - |
82 | u_char msg[2]; | - |
83 | struct sockaddr_storage addr; | - |
84 | struct sockaddr_in *addr_in = (struct sockaddr_in *)&addr; | - |
85 | struct sockaddr_un *addr_un = (struct sockaddr_un *)&addr; | - |
86 | mysig_t old_sigpipe; | - |
87 | | - |
88 | | - |
89 | if (socket_path == NULL && tcp_port == 0) | - |
90 | fatal("You must specify a port or a socket"); | - |
91 | if (socket_path != NULL && | - |
92 | strlen(socket_path) >= sizeof(addr_un->sun_path)) | - |
93 | fatal("Random pool path is too long"); | - |
94 | if (len <= 0 || len > 255) | - |
95 | fatal("Too many bytes (%d) to read from PRNGD", len); | - |
96 | | - |
97 | memset(&addr, '\0', sizeof(addr)); | - |
98 | | - |
99 | if (tcp_port != 0) { | - |
100 | addr_in->sin_family = AF_INET; | - |
101 | addr_in->sin_addr.s_addr = htonl(INADDR_LOOPBACK); | - |
102 | addr_in->sin_port = htons(tcp_port); | - |
103 | addr_len = sizeof(*addr_in); | - |
104 | } else { | - |
105 | addr_un->sun_family = AF_UNIX; | - |
106 | strlcpy(addr_un->sun_path, socket_path, | - |
107 | sizeof(addr_un->sun_path)); | - |
108 | addr_len = offsetof(struct sockaddr_un, sun_path) + | - |
109 | strlen(socket_path) + 1; | - |
110 | } | - |
111 | | - |
112 | old_sigpipe = signal(SIGPIPE, SIG_IGN); | - |
113 | | - |
114 | errors = 0; | - |
115 | rval = -1; | - |
116 | reopen: | - |
117 | fd = socket(addr.ss_family, SOCK_STREAM, 0); | - |
118 | if (fd == -1) { | - |
119 | error("Couldn't create socket: %s", strerror(errno)); | - |
120 | goto done; | - |
121 | } | - |
122 | | - |
123 | if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) { | - |
124 | if (tcp_port != 0) { | - |
125 | error("Couldn't connect to PRNGD port %d: %s", | - |
126 | tcp_port, strerror(errno)); | - |
127 | } else { | - |
128 | error("Couldn't connect to PRNGD socket \"%s\": %s", | - |
129 | addr_un->sun_path, strerror(errno)); | - |
130 | } | - |
131 | goto done; | - |
132 | } | - |
133 | | - |
134 | | - |
135 | msg[0] = 0x02; | - |
136 | msg[1] = len; | - |
137 | | - |
138 | if (atomicio(vwrite, fd, msg, sizeof(msg)) != sizeof(msg)) { | - |
139 | if (errno == EPIPE && errors < 10) { | - |
140 | close(fd); | - |
141 | errors++; | - |
142 | goto reopen; | - |
143 | } | - |
144 | error("Couldn't write to PRNGD socket: %s", | - |
145 | strerror(errno)); | - |
146 | goto done; | - |
147 | } | - |
148 | | - |
149 | if (atomicio(read, fd, buf, len) != (size_t)len) { | - |
150 | if (errno == EPIPE && errors < 10) { | - |
151 | close(fd); | - |
152 | errors++; | - |
153 | goto reopen; | - |
154 | } | - |
155 | error("Couldn't read from PRNGD socket: %s", | - |
156 | strerror(errno)); | - |
157 | goto done; | - |
158 | } | - |
159 | | - |
160 | rval = 0; | - |
161 | done: | - |
162 | signal(SIGPIPE, old_sigpipe); | - |
163 | if (fd != -1) | - |
164 | close(fd); | - |
165 | return rval; | - |
166 | } | - |
167 | | - |
168 | static int | - |
169 | seed_from_prngd(unsigned char *buf, size_t bytes) | - |
170 | { | - |
171 | #ifdef PRNGD_PORT | - |
172 | debug("trying egd/prngd port %d", PRNGD_PORT); | - |
173 | if (get_random_bytes_prngd(buf, bytes, PRNGD_PORT, NULL) == 0) | - |
174 | return 0; | - |
175 | #endif | - |
176 | #ifdef PRNGD_SOCKET | - |
177 | debug("trying egd/prngd socket %s", PRNGD_SOCKET); | - |
178 | if (get_random_bytes_prngd(buf, bytes, 0, PRNGD_SOCKET) == 0) | - |
179 | return 0; | - |
180 | #endif | - |
181 | return -1; | - |
182 | } | - |
183 | | - |
184 | void | - |
185 | rexec_send_rng_seed(struct sshbuf *m) | - |
186 | { | - |
187 | u_char buf[RANDOM_SEED_SIZE]; | - |
188 | size_t len = sizeof(buf); | - |
189 | int r; | - |
190 | | - |
191 | if (RAND_bytes(buf, sizeof(buf)) <= 0) { | - |
192 | error("Couldn't obtain random bytes (error %ld)", | - |
193 | ERR_get_error()); | - |
194 | len = 0; | - |
195 | } | - |
196 | if ((r = sshbuf_put_string(m, buf, len)) != 0) | - |
197 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
198 | explicit_bzero(buf, sizeof(buf)); | - |
199 | } | - |
200 | | - |
201 | void | - |
202 | rexec_recv_rng_seed(struct sshbuf *m) | - |
203 | { | - |
204 | u_char *buf = NULL; | - |
205 | size_t len = 0; | - |
206 | int r; | - |
207 | | - |
208 | if ((r = sshbuf_get_string_direct(m, &buf, &len)) != 0 | - |
209 | fatal("%s: buffer error: %s", __func__, ssh_err(r)); | - |
210 | | - |
211 | debug3("rexec_recv_rng_seed: seeding rng with %u bytes", len); | - |
212 | RAND_add(buf, len, len); | - |
213 | } | - |
214 | #endif /* OPENSSL_PRNG_ONLY */ | - |
215 | | - |
216 | void | - |
217 | seed_rng(void) | - |
218 | { | - |
219 | #ifndef OPENSSL_PRNG_ONLY | - |
220 | unsigned char buf[RANDOM_SEED_SIZE]; | - |
221 | #endif | - |
222 | if (!ssh_compatible_openssl(OPENSSL_VERSION_NUMBER, SSLeay()))TRUE | never evaluated | FALSE | evaluated 30 times by 2 tests |
| 0-30 |
223 | fatal("OpenSSL version mismatch. Built against %lx, you " never executed: fatal("OpenSSL version mismatch. Built against %lx, you " "have %lx", (u_long) 0x100020cfL , SSLeay()); | 0 |
224 | "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay()); never executed: fatal("OpenSSL version mismatch. Built against %lx, you " "have %lx", (u_long) 0x100020cfL , SSLeay()); | 0 |
225 | | - |
226 | #ifndef OPENSSL_PRNG_ONLY | - |
227 | if (RAND_status() == 1) { | - |
228 | debug3("RNG is ready, skipping seeding"); | - |
229 | return; | - |
230 | } | - |
231 | | - |
232 | if (seed_from_prngd(buf, sizeof(buf)) == -1) | - |
233 | fatal("Could not obtain seed from PRNGd"); | - |
234 | RAND_add(buf, sizeof(buf), sizeof(buf)); | - |
235 | memset(buf, '\0', sizeof(buf)); | - |
236 | | - |
237 | #endif /* OPENSSL_PRNG_ONLY */ | - |
238 | if (RAND_status() != 1)TRUE | never evaluated | FALSE | evaluated 30 times by 2 tests |
| 0-30 |
239 | fatal("PRNG is not seeded"); never executed: fatal("PRNG is not seeded"); | 0 |
240 | }executed 30 times by 2 tests: end of block | 30 |
241 | | - |
242 | #else /* WITH_OPENSSL */ | - |
243 | | - |
244 | | - |
245 | void | - |
246 | seed_rng(void) | - |
247 | { | - |
248 | } | - |
249 | | - |
250 | #endif /* WITH_OPENSSL */ | - |
| | |