author | Christian Grothoff <christian@grothoff.org> | 2013-12-11 20:12:12 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-12-11 20:12:12 +0000 |
commit | 267f7c5a9a354b8959607c7bc031906c02b61be4 (patch) | |
tree | 41e681d2f37f3530fd52324767ba40bf0cd22da5 /src/util/crypto_random.c | |
parent | f2c269445edae0699527161c3dbd03e8888d1866 (diff) | |
-remove find() forking, we pretty much should not need this anymore, and it confused users in the past
Diffstat (limited to 'src/util/crypto_random.c')
-rw-r--r-- | src/util/crypto_random.c | 95 |
1 files changed, 10 insertions, 85 deletions
diff --git a/src/util/crypto_random.c b/src/util/crypto_random.c index 57f922eaa..6840445d1 100644 --- a/src/util/crypto_random.c +++ b/src/util/crypto_random.c | |||
@@ -1,6 +1,6 @@ | |||
1 | /* | 1 | /* |
2 | This file is part of GNUnet. | 2 | This file is part of GNUnet. |
3 | (C) 2001, 2002, 2003, 2004, 2005, 2006, 2012 Christian Grothoff (and other contributing authors) | 3 | (C) 2001-2013 Christian Grothoff (and other contributing authors) |
4 | 4 | ||
5 | GNUnet is free software; you can redistribute it and/or modify | 5 | GNUnet is free software; you can redistribute it and/or modify |
6 | it under the terms of the GNU General Public License as published | 6 | it under the terms of the GNU General Public License as published |
@@ -95,6 +95,7 @@ GNUNET_CRYPTO_seed_weak_random (int32_t seed) | |||
95 | SRANDOM (seed); | 95 | SRANDOM (seed); |
96 | } | 96 | } |
97 | 97 | ||
98 | |||
98 | /** | 99 | /** |
99 | * @ingroup crypto | 100 | * @ingroup crypto |
100 | * Fill block with a random values. | 101 | * Fill block with a random values. |
@@ -220,6 +221,7 @@ GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, unsigned int n) | |||
220 | return ret; | 221 | return ret; |
221 | } | 222 | } |
222 | 223 | ||
224 | |||
223 | /** | 225 | /** |
224 | * Random on unsigned 64-bit values. | 226 | * Random on unsigned 64-bit values. |
225 | * | 227 | * |
@@ -267,77 +269,6 @@ GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, uint64_t max) | |||
267 | } | 269 | } |
268 | 270 | ||
269 | 271 | ||
270 | /** | ||
271 | * Process ID of the "find" process that we use for | ||
272 | * entropy gathering. | ||
273 | */ | ||
274 | static struct GNUNET_OS_Process *genproc; | ||
275 | |||
276 | |||
277 | /** | ||
278 | * Function called by libgcrypt whenever we are | ||
279 | * blocked gathering entropy. | ||
280 | */ | ||
281 | static void | ||
282 | entropy_generator (void *cls, const char *what, int printchar, int current, | ||
283 | int total) | ||
284 | { | ||
285 | unsigned long code; | ||
286 | enum GNUNET_OS_ProcessStatusType type; | ||
287 | int ret; | ||
288 | |||
289 | if (0 != strcmp (what, "need_entropy")) | ||
290 | return; | ||
291 | if (current == total) | ||
292 | { | ||
293 | if (genproc != NULL) | ||
294 | { | ||
295 | if (0 != GNUNET_OS_process_kill (genproc, SIGKILL)) | ||
296 | LOG_STRERROR (GNUNET_ERROR_TYPE_ERROR, "kill"); | ||
297 | GNUNET_break (GNUNET_OK == GNUNET_OS_process_wait (genproc)); | ||
298 | GNUNET_OS_process_destroy (genproc); | ||
299 | genproc = NULL; | ||
300 | } | ||
301 | return; | ||
302 | } | ||
303 | if (genproc != NULL) | ||
304 | { | ||
305 | ret = GNUNET_OS_process_status (genproc, &type, &code); | ||
306 | if (ret == GNUNET_NO) | ||
307 | return; /* still running */ | ||
308 | if (ret == GNUNET_SYSERR) | ||
309 | { | ||
310 | GNUNET_break (0); | ||
311 | return; | ||
312 | } | ||
313 | if (0 != GNUNET_OS_process_kill (genproc, SIGKILL)) | ||
314 | LOG_STRERROR (GNUNET_ERROR_TYPE_ERROR, "kill"); | ||
315 | GNUNET_break (GNUNET_OK == GNUNET_OS_process_wait (genproc)); | ||
316 | GNUNET_OS_process_destroy (genproc); | ||
317 | genproc = NULL; | ||
318 | } | ||
319 | LOG (GNUNET_ERROR_TYPE_INFO, _("Starting `%s' process to generate entropy\n"), | ||
320 | "find"); | ||
321 | genproc = | ||
322 | GNUNET_OS_start_process (GNUNET_NO, 0, | ||
323 | NULL, NULL, "sh", "sh", "-c", | ||
324 | "exec find / -mount -type f -exec cp {} /dev/null \\; 2>/dev/null", | ||
325 | NULL); | ||
326 | } | ||
327 | |||
328 | |||
329 | static void | ||
330 | killfind () | ||
331 | { | ||
332 | if (genproc != NULL) | ||
333 | { | ||
334 | GNUNET_OS_process_kill (genproc, SIGKILL); | ||
335 | GNUNET_OS_process_destroy (genproc); | ||
336 | genproc = NULL; | ||
337 | } | ||
338 | } | ||
339 | |||
340 | |||
341 | void __attribute__ ((constructor)) | 272 | void __attribute__ ((constructor)) |
342 | GNUNET_CRYPTO_random_init () | 273 | GNUNET_CRYPTO_random_init () |
343 | { | 274 | { |
@@ -346,28 +277,24 @@ GNUNET_CRYPTO_random_init () | |||
346 | if (! gcry_check_version (NEED_LIBGCRYPT_VERSION)) | 277 | if (! gcry_check_version (NEED_LIBGCRYPT_VERSION)) |
347 | { | 278 | { |
348 | FPRINTF (stderr, | 279 | FPRINTF (stderr, |
349 | _ | 280 | _("libgcrypt has not the expected version (version %s is required).\n"), |
350 | ("libgcrypt has not the expected version (version %s is required).\n"), | ||
351 | NEED_LIBGCRYPT_VERSION); | 281 | NEED_LIBGCRYPT_VERSION); |
352 | GNUNET_abort (); | 282 | GNUNET_abort (); |
353 | } | 283 | } |
354 | if ((rc = gcry_control (GCRYCTL_DISABLE_SECMEM, 0))) | 284 | if ((rc = gcry_control (GCRYCTL_DISABLE_SECMEM, 0))) |
355 | FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n", "DISABLE_SECMEM", | 285 | FPRINTF (stderr, |
286 | "Failed to set libgcrypt option %s: %s\n", | ||
287 | "DISABLE_SECMEM", | ||
356 | gcry_strerror (rc)); | 288 | gcry_strerror (rc)); |
357 | /* we only generate ephemeral keys in-process; for those, | 289 | /* we only generate ephemeral keys in-process; for those, |
358 | we are fine with "just" using GCRY_STRONG_RANDOM */ | 290 | we are fine with "just" using GCRY_STRONG_RANDOM */ |
359 | if ((rc = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0))) | 291 | if ((rc = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0))) |
360 | FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n", "ENABLE_QUICK_RANDOM", | 292 | FPRINTF (stderr, |
293 | "Failed to set libgcrypt option %s: %s\n", | ||
294 | "ENABLE_QUICK_RANDOM", | ||
361 | gcry_strerror (rc)); | 295 | gcry_strerror (rc)); |
362 | |||
363 | #ifdef GCRYCTL_INITIALIZATION_FINISHED | ||
364 | gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); | 296 | gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); |
365 | #endif | ||
366 | #ifdef gcry_fast_random_poll | ||
367 | gcry_fast_random_poll (); | 297 | gcry_fast_random_poll (); |
368 | #endif | ||
369 | gcry_set_progress_handler (&entropy_generator, NULL); | ||
370 | atexit (&killfind); | ||
371 | GNUNET_CRYPTO_seed_weak_random (time (NULL) ^ | 298 | GNUNET_CRYPTO_seed_weak_random (time (NULL) ^ |
372 | GNUNET_CRYPTO_random_u32 | 299 | GNUNET_CRYPTO_random_u32 |
373 | (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX)); | 300 | (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX)); |
@@ -378,9 +305,7 @@ void __attribute__ ((destructor)) | |||
378 | GNUNET_CRYPTO_random_fini () | 305 | GNUNET_CRYPTO_random_fini () |
379 | { | 306 | { |
380 | gcry_set_progress_handler (NULL, NULL); | 307 | gcry_set_progress_handler (NULL, NULL); |
381 | #ifdef GCRYCTL_CLOSE_RANDOM_DEVICE | ||
382 | (void) gcry_control (GCRYCTL_CLOSE_RANDOM_DEVICE, 0); | 308 | (void) gcry_control (GCRYCTL_CLOSE_RANDOM_DEVICE, 0); |
383 | #endif | ||
384 | } | 309 | } |
385 | 310 | ||
386 | 311 | ||
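Review bot: In `GNUNET_CRYPTO_random_init`, the now-unconditional `gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);` and `gcry_fast_random_poll ();` still discard their results, while the `DISABLE_SECMEM` and `ENABLE_QUICK_RANDOM` calls just above report failures through `gcry_strerror (rc)`. The GCRYCTL_* names are enum constants in libgcrypt rather than preprocessor macros, so the old `#ifdef GCRYCTL_INITIALIZATION_FINISHED` was presumably never true; this call is probably executing for the first time with this commit, and a failure to finish RNG initialisation would pass silently. I would write `if ((rc = gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0)))` followed by `FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n", "INITIALIZATION_FINISHED", gcry_strerror (rc));`, matching the two checks before it. Since init no longer installs a progress handler, the `gcry_set_progress_handler (NULL, NULL);` kept in `GNUNET_CRYPTO_random_fini` looks redundant and could go, unless a handler is registered elsewhere. The declaration of `rc` and the end of the init function fall outside the hunks shown.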