aboutsummaryrefslogtreecommitdiff
path: root/src/util/crypto_random.c
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2013-12-11 20:12:12 +0000
committerChristian Grothoff <christian@grothoff.org>2013-12-11 20:12:12 +0000
commit267f7c5a9a354b8959607c7bc031906c02b61be4 (patch)
tree41e681d2f37f3530fd52324767ba40bf0cd22da5 /src/util/crypto_random.c
parentf2c269445edae0699527161c3dbd03e8888d1866 (diff)
downloadgnunet-267f7c5a9a354b8959607c7bc031906c02b61be4.tar.gz
gnunet-267f7c5a9a354b8959607c7bc031906c02b61be4.zip
-remove find() forking, we pretty much should not need this anymore, and it confused users in the past
Diffstat (limited to 'src/util/crypto_random.c')
-rw-r--r--src/util/crypto_random.c95
1 files changed, 10 insertions, 85 deletions
diff --git a/src/util/crypto_random.c b/src/util/crypto_random.c
index 57f922eaa..6840445d1 100644
--- a/src/util/crypto_random.c
+++ b/src/util/crypto_random.c
@@ -1,6 +1,6 @@
1/* 1/*
2 This file is part of GNUnet. 2 This file is part of GNUnet.
3 (C) 2001, 2002, 2003, 2004, 2005, 2006, 2012 Christian Grothoff (and other contributing authors) 3 (C) 2001-2013 Christian Grothoff (and other contributing authors)
4 4
5 GNUnet is free software; you can redistribute it and/or modify 5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published 6 it under the terms of the GNU General Public License as published
@@ -95,6 +95,7 @@ GNUNET_CRYPTO_seed_weak_random (int32_t seed)
95 SRANDOM (seed); 95 SRANDOM (seed);
96} 96}
97 97
98
98/** 99/**
99 * @ingroup crypto 100 * @ingroup crypto
100 * Fill block with a random values. 101 * Fill block with a random values.
@@ -220,6 +221,7 @@ GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, unsigned int n)
220 return ret; 221 return ret;
221} 222}
222 223
224
223/** 225/**
224 * Random on unsigned 64-bit values. 226 * Random on unsigned 64-bit values.
225 * 227 *
@@ -267,77 +269,6 @@ GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, uint64_t max)
267} 269}
268 270
269 271
270/**
271 * Process ID of the "find" process that we use for
272 * entropy gathering.
273 */
274static struct GNUNET_OS_Process *genproc;
275
276
277/**
278 * Function called by libgcrypt whenever we are
279 * blocked gathering entropy.
280 */
281static void
282entropy_generator (void *cls, const char *what, int printchar, int current,
283 int total)
284{
285 unsigned long code;
286 enum GNUNET_OS_ProcessStatusType type;
287 int ret;
288
289 if (0 != strcmp (what, "need_entropy"))
290 return;
291 if (current == total)
292 {
293 if (genproc != NULL)
294 {
295 if (0 != GNUNET_OS_process_kill (genproc, SIGKILL))
296 LOG_STRERROR (GNUNET_ERROR_TYPE_ERROR, "kill");
297 GNUNET_break (GNUNET_OK == GNUNET_OS_process_wait (genproc));
298 GNUNET_OS_process_destroy (genproc);
299 genproc = NULL;
300 }
301 return;
302 }
303 if (genproc != NULL)
304 {
305 ret = GNUNET_OS_process_status (genproc, &type, &code);
306 if (ret == GNUNET_NO)
307 return; /* still running */
308 if (ret == GNUNET_SYSERR)
309 {
310 GNUNET_break (0);
311 return;
312 }
313 if (0 != GNUNET_OS_process_kill (genproc, SIGKILL))
314 LOG_STRERROR (GNUNET_ERROR_TYPE_ERROR, "kill");
315 GNUNET_break (GNUNET_OK == GNUNET_OS_process_wait (genproc));
316 GNUNET_OS_process_destroy (genproc);
317 genproc = NULL;
318 }
319 LOG (GNUNET_ERROR_TYPE_INFO, _("Starting `%s' process to generate entropy\n"),
320 "find");
321 genproc =
322 GNUNET_OS_start_process (GNUNET_NO, 0,
323 NULL, NULL, "sh", "sh", "-c",
324 "exec find / -mount -type f -exec cp {} /dev/null \\; 2>/dev/null",
325 NULL);
326}
327
328
329static void
330killfind ()
331{
332 if (genproc != NULL)
333 {
334 GNUNET_OS_process_kill (genproc, SIGKILL);
335 GNUNET_OS_process_destroy (genproc);
336 genproc = NULL;
337 }
338}
339
340
341void __attribute__ ((constructor)) 272void __attribute__ ((constructor))
342GNUNET_CRYPTO_random_init () 273GNUNET_CRYPTO_random_init ()
343{ 274{
@@ -346,28 +277,24 @@ GNUNET_CRYPTO_random_init ()
346 if (! gcry_check_version (NEED_LIBGCRYPT_VERSION)) 277 if (! gcry_check_version (NEED_LIBGCRYPT_VERSION))
347 { 278 {
348 FPRINTF (stderr, 279 FPRINTF (stderr,
349 _ 280 _("libgcrypt has not the expected version (version %s is required).\n"),
350 ("libgcrypt has not the expected version (version %s is required).\n"),
351 NEED_LIBGCRYPT_VERSION); 281 NEED_LIBGCRYPT_VERSION);
352 GNUNET_abort (); 282 GNUNET_abort ();
353 } 283 }
354 if ((rc = gcry_control (GCRYCTL_DISABLE_SECMEM, 0))) 284 if ((rc = gcry_control (GCRYCTL_DISABLE_SECMEM, 0)))
355 FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n", "DISABLE_SECMEM", 285 FPRINTF (stderr,
286 "Failed to set libgcrypt option %s: %s\n",
287 "DISABLE_SECMEM",
356 gcry_strerror (rc)); 288 gcry_strerror (rc));
357 /* we only generate ephemeral keys in-process; for those, 289 /* we only generate ephemeral keys in-process; for those,
358 we are fine with "just" using GCRY_STRONG_RANDOM */ 290 we are fine with "just" using GCRY_STRONG_RANDOM */
359 if ((rc = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0))) 291 if ((rc = gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0)))
360 FPRINTF (stderr, "Failed to set libgcrypt option %s: %s\n", "ENABLE_QUICK_RANDOM", 292 FPRINTF (stderr,
293 "Failed to set libgcrypt option %s: %s\n",
294 "ENABLE_QUICK_RANDOM",
361 gcry_strerror (rc)); 295 gcry_strerror (rc));
362
363#ifdef GCRYCTL_INITIALIZATION_FINISHED
364 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); 296 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
365#endif
366#ifdef gcry_fast_random_poll
367 gcry_fast_random_poll (); 297 gcry_fast_random_poll ();
368#endif
369 gcry_set_progress_handler (&entropy_generator, NULL);
370 atexit (&killfind);
371 GNUNET_CRYPTO_seed_weak_random (time (NULL) ^ 298 GNUNET_CRYPTO_seed_weak_random (time (NULL) ^
372 GNUNET_CRYPTO_random_u32 299 GNUNET_CRYPTO_random_u32
373 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX)); 300 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX));
@@ -378,9 +305,7 @@ void __attribute__ ((destructor))
378GNUNET_CRYPTO_random_fini () 305GNUNET_CRYPTO_random_fini ()
379{ 306{
380 gcry_set_progress_handler (NULL, NULL); 307 gcry_set_progress_handler (NULL, NULL);
381#ifdef GCRYCTL_CLOSE_RANDOM_DEVICE
382 (void) gcry_control (GCRYCTL_CLOSE_RANDOM_DEVICE, 0); 308 (void) gcry_control (GCRYCTL_CLOSE_RANDOM_DEVICE, 0);
383#endif
384} 309}
385 310
386 311