mirror of
https://github.com/NLnetLabs/unbound.git
synced 2025-12-20 23:00:56 -05:00
- in compat/arc4random call getentropy_urandom when getentropy fails
with ENOSYS. git-svn-id: file:///svn/unbound/trunk@4699 be551aaa-1e26-0410-a405-d3ace91eadb9
parent
1a0bd1a150
commit
b3c45a8edb
2 changed files with 73 additions and 2 deletions
|
|
@ -71,6 +71,70 @@ static struct {
|
||||||
|
|
||||||
static inline void _rs_rekey(u_char *dat, size_t datlen);
|
static inline void _rs_rekey(u_char *dat, size_t datlen);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Basic sanity checking; wish we could do better.
|
||||||
|
*/
|
||||||
|
static int
|
||||||
|
fallback_gotdata(char *buf, size_t len)
|
||||||
|
{
|
||||||
|
char any_set = 0;
|
||||||
|
size_t i;
|
||||||
|
|
||||||
|
for (i = 0; i < len; ++i)
|
||||||
|
any_set |= buf[i];
|
||||||
|
if (any_set == 0)
|
||||||
|
return -1;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* fallback for getentropy in case libc returns failure */
|
||||||
|
static int
|
||||||
|
fallback_getentropy_urandom(void *buf, size_t len)
|
||||||
|
{
|
||||||
|
size_t i;
|
||||||
|
int fd, flags;
|
||||||
|
int save_errno = errno;
|
||||||
|
|
||||||
|
start:
|
||||||
|
|
||||||
|
flags = O_RDONLY;
|
||||||
|
#ifdef O_NOFOLLOW
|
||||||
|
flags |= O_NOFOLLOW;
|
||||||
|
#endif
|
||||||
|
#ifdef O_CLOEXEC
|
||||||
|
flags |= O_CLOEXEC;
|
||||||
|
#endif
|
||||||
|
fd = open("/dev/urandom", flags, 0);
|
||||||
|
if (fd == -1) {
|
||||||
|
if (errno == EINTR)
|
||||||
|
goto start;
|
||||||
|
goto nodevrandom;
|
||||||
|
}
|
||||||
|
#ifndef O_CLOEXEC
|
||||||
|
fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC);
|
||||||
|
#endif
|
||||||
|
for (i = 0; i < len; ) {
|
||||||
|
size_t wanted = len - i;
|
||||||
|
ssize_t ret = read(fd, (char*)buf + i, wanted);
|
||||||
|
|
||||||
|
if (ret == -1) {
|
||||||
|
if (errno == EAGAIN || errno == EINTR)
|
||||||
|
continue;
|
||||||
|
close(fd);
|
||||||
|
goto nodevrandom;
|
||||||
|
}
|
||||||
|
i += ret;
|
||||||
|
}
|
||||||
|
close(fd);
|
||||||
|
if (fallback_gotdata(buf, len) == 0) {
|
||||||
|
errno = save_errno;
|
||||||
|
return 0; /* satisfied */
|
||||||
|
}
|
||||||
|
nodevrandom:
|
||||||
|
errno = EIO;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
static inline void
|
static inline void
|
||||||
_rs_init(u_char *buf, size_t n)
|
_rs_init(u_char *buf, size_t n)
|
||||||
{
|
{
|
||||||
|
|
@ -114,12 +178,15 @@ _rs_stir(void)
|
||||||
u_char rnd[KEYSZ + IVSZ];
|
u_char rnd[KEYSZ + IVSZ];
|
||||||
|
|
||||||
if (getentropy(rnd, sizeof rnd) == -1) {
|
if (getentropy(rnd, sizeof rnd) == -1) {
|
||||||
|
if(errno != ENOSYS ||
|
||||||
|
fallback_getentropy_urandom(rnd, sizeof rnd) == -1) {
|
||||||
#ifdef SIGKILL
|
#ifdef SIGKILL
|
||||||
raise(SIGKILL);
|
raise(SIGKILL);
|
||||||
#else
|
#else
|
||||||
exit(9); /* windows */
|
exit(9); /* windows */
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (!rs)
|
if (!rs)
|
||||||
_rs_init(rnd, sizeof(rnd));
|
_rs_init(rnd, sizeof(rnd));
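Review bot: fallback_getentropy_urandom() trusts whatever `open("/dev/urandom", flags, 0)` returns: nothing after the open checks that the descriptor is a character device, so in a chroot or container where that path is a regular file, its contents would key the generator, and fallback_gotdata() only rejects an all-zero buffer. The read loop also treats only -1 as failure, so a read() that returns 0 leaves `i` unchanged and the loop never terminates. I would add an fstat()/S_ISCHR check right after the open and fail on a zero-length read, both through the existing `nodevrandom` path so that _rs_stir() still kills the process instead of running with a weak seed. `struct stat` needs `<sys/stat.h>`; the include list is outside this hunk, so confirm it is already pulled in.

```c
	struct stat st;
	/* … unchanged: flag setup and open("/dev/urandom") with EINTR retry … */
	/* refuse anything that is not a character device node */
	if (fstat(fd, &st) == -1 || !S_ISCHR(st.st_mode)) {
		close(fd);
		goto nodevrandom;
	}
	/* … unchanged: FD_CLOEXEC fallback, start of read loop … */
		ssize_t ret = read(fd, (char*)buf + i, wanted);
		/* … unchanged: ret == -1 handling (EAGAIN/EINTR retry, else fail) … */
		if (ret == 0) {
			/* EOF from a supposed random device: give up rather than spin */
			close(fd);
			goto nodevrandom;
		}
		i += ret;
```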
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,7 @@
|
||||||
|
29 May 2018: Wouter
|
||||||
|
- in compat/arc4random call getentropy_urandom when getentropy fails
|
||||||
|
with ENOSYS.
|
||||||
|
|
||||||
28 May 2018: Wouter
|
28 May 2018: Wouter
|
||||||
- Fix windows tcp and tls spin on events.
|
- Fix windows tcp and tls spin on events.
|
||||||
- Add routine from getdns to add windows cert store to the SSL_CTX.
|
- Add routine from getdns to add windows cert store to the SSL_CTX.
|
||||||
|
|
|
||||||