[RT #1709]
Change isc_entropy_usebestsource() to have saner semantics: - If an invalid file is specified, an error will be returned instead of the keyboard being used. - If no file is specified but a random device is present, the keyboard will be used if there is an error opening the random device. - ISC_ENTROPY_KEYBOARDYES indicates that the keyboard should be the only device used. Otherwise, passing '-r keyboard' is meaningless on a machine with a random device, since the keyboard will not be used. Change the callers in the dnssec tools and rndc-confgen to check for the special file "keyboard" and call isc_entropy_usebestsource() with the right set of parameters.
@@ -15,7 +15,7 @@
|
||||
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* $Id: dnssectool.c,v 1.31 2001/07/22 06:09:42 mayer Exp $ */
|
||||
/* $Id: dnssectool.c,v 1.32 2001/09/05 22:32:05 bwelling Exp $ */
|
||||
|
||||
#include <config.h>
|
||||
|
||||
@@ -23,7 +23,6 @@
|
||||
|
||||
#include <isc/buffer.h>
|
||||
#include <isc/entropy.h>
|
||||
#include <isc/keyboard.h>
|
||||
#include <isc/string.h>
|
||||
#include <isc/time.h>
|
||||
#include <isc/util.h>
|
||||
@@ -202,13 +201,23 @@ cleanup_logging(isc_log_t **logp) {
|
||||
void
|
||||
setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) {
|
||||
isc_result_t result;
|
||||
int usekeyboard = ISC_ENTROPY_KEYBOARDMAYBE;
|
||||
|
||||
result = isc_entropy_create(mctx, ectx);
|
||||
if (result != ISC_R_SUCCESS)
|
||||
fatal("could not create entropy object");
|
||||
REQUIRE(ectx != NULL);
|
||||
|
||||
if (*ectx == NULL) {
|
||||
result = isc_entropy_create(mctx, ectx);
|
||||
if (result != ISC_R_SUCCESS)
|
||||
fatal("could not create entropy object");
|
||||
}
|
||||
|
||||
if (randomfile != NULL && strcmp(randomfile, "keyboard") == 0) {
|
||||
usekeyboard = ISC_ENTROPY_KEYBOARDYES;
|
||||
randomfile = NULL;
|
||||
}
|
||||
|
||||
result = isc_entropy_usebestsource(*ectx, &source, randomfile,
|
||||
ISC_ENTROPY_KEYBOARDMAYBE);
|
||||
usekeyboard);
|
||||
|
||||
if (result != ISC_R_SUCCESS)
|
||||
fatal("could not initialize entropy source: %s",
|
||||
|
||||
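Review bot: The new `if (*ectx == NULL)` branch in setup_entropy() accepts a context that already exists, but the call that follows still passes `&source` to isc_entropy_usebestsource(), which asserts `REQUIRE(source != NULL && *source == NULL)` (visible in the entropy.c part of this commit). `source` is declared outside this hunk; if it is a file-scope variable that an earlier call already filled in, a second setup_entropy() call would abort on that assertion instead of reusing the context. If the cleanup code outside the hunk does not need it, declaring it locally as `isc_entropysource_t *source = NULL;` would avoid this; otherwise add a comment stating that setup_entropy() may be called only once per process. The function body continues past the end of the hunk.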
@@ -15,7 +15,7 @@
|
||||
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* $Id: rndc-confgen.c,v 1.9 2001/08/27 23:55:16 gson Exp $ */
|
||||
/* $Id: rndc-confgen.c,v 1.10 2001/09/05 22:32:06 bwelling Exp $ */
|
||||
|
||||
#include <config.h>
|
||||
|
||||
@@ -230,6 +230,10 @@ main(int argc, char **argv) {
|
||||
|
||||
DO("create entropy context", isc_entropy_create(mctx, &ectx));
|
||||
|
||||
if (randomfile != NULL && strcmp(randomfile, "keyboard") == 0) {
|
||||
randomfile = NULL;
|
||||
open_keyboard = ISC_ENTROPY_KEYBOARDYES;
|
||||
}
|
||||
DO("start entropy source", isc_entropy_usebestsource(ectx,
|
||||
&entropy_source,
|
||||
randomfile,
|
||||
|
||||
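Review bot: The sentinel test `strcmp(randomfile, "keyboard") == 0` added to main() is a second copy of the one added to setup_entropy() in dnssectool.c, so the two tools can drift apart on what `-r keyboard` means. A shared constant or small helper defined next to ISC_ENTROPY_KEYBOARDYES would keep them in step. The test also means that a file in the current directory literally named `keyboard` can no longer be selected by that bare name; a comment such as `/* "keyboard" is reserved; use ./keyboard to name a file */`, plus a line in the usage text, would make that visible to operators generating keys. The declaration of `open_keyboard` and the last argument of the DO() call are outside the hunk.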
@@ -15,7 +15,7 @@
|
||||
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* $Id: entropy.c,v 1.4 2001/09/01 00:46:04 gson Exp $ */
|
||||
/* $Id: entropy.c,v 1.5 2001/09/05 22:32:08 bwelling Exp $ */
|
||||
|
||||
/*
|
||||
* This is the system independent part of the entropy module. It is
|
||||
@@ -1201,6 +1201,7 @@ isc_entropy_usebestsource(isc_entropy_t *ectx, isc_entropysource_t **source,
|
||||
{
|
||||
isc_result_t result;
|
||||
isc_result_t final_result = ISC_R_NOENTROPY;
|
||||
isc_boolean_t userfile = ISC_TRUE;
|
||||
|
||||
REQUIRE(VALID_ENTROPY(ectx));
|
||||
REQUIRE(source != NULL && *source == NULL);
|
||||
@@ -1209,15 +1210,19 @@ isc_entropy_usebestsource(isc_entropy_t *ectx, isc_entropysource_t **source,
|
||||
use_keyboard == ISC_ENTROPY_KEYBOARDMAYBE);
|
||||
|
||||
#ifdef PATH_RANDOMDEV
|
||||
if (randomfile == NULL)
|
||||
if (randomfile == NULL) {
|
||||
randomfile = PATH_RANDOMDEV;
|
||||
userfile = ISC_FALSE;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (randomfile != NULL) {
|
||||
if (randomfile != NULL && use_keyboard != ISC_ENTROPY_KEYBOARDYES) {
|
||||
result = isc_entropy_createfilesource(ectx, randomfile);
|
||||
if (result == ISC_R_SUCCESS &&
|
||||
use_keyboard == ISC_ENTROPY_KEYBOARDMAYBE)
|
||||
use_keyboard = ISC_ENTROPY_KEYBOARDNO;
|
||||
if (result != ISC_R_SUCCESS && userfile)
|
||||
return (result);
|
||||
|
||||
final_result = result;
|
||||
}
|
||||
|
||||
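Review bot: With the new condition `randomfile != NULL && use_keyboard != ISC_ENTROPY_KEYBOARDYES`, a filename supplied together with ISC_ENTROPY_KEYBOARDYES is dropped without an error or a log message, so such a caller gets keyboard-only entropy while possibly assuming the file was read. The two callers changed in this commit clear `randomfile` first, but other callers are not visible here. A comment at the condition would record that this is deliberate, e.g. `/* KEYBOARDYES: the keyboard is the only source; any randomfile is ignored. */`. Rejecting the combination outright would be stricter, but it changes the function's contract. The function starts before and continues after the hunk.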
@@ -15,7 +15,7 @@
|
||||
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* $Id: entropy.h,v 1.23 2001/06/22 17:05:53 tale Exp $ */
|
||||
/* $Id: entropy.h,v 1.24 2001/09/05 22:32:09 bwelling Exp $ */
|
||||
|
||||
#ifndef ISC_ENTROPY_H
|
||||
#define ISC_ENTROPY_H 1
|
||||
@@ -112,12 +112,12 @@ typedef void (*isc_entropystop_t)(isc_entropysource_t *source, void *arg);
|
||||
* For use with isc_entropy_usebestsource().
|
||||
*
|
||||
* _KEYBOARDYES
|
||||
* Always use the keyboard as an entropy source.
|
||||
* Use the keyboard as the only entropy source.
|
||||
* _KEYBOARDNO
|
||||
* Never use the keyboard as an entropy source.
|
||||
* _KEYBOARDMAYBE
|
||||
* Use the keyboard as an entropy source only if opening the
|
||||
* random device or supplied filename fails.
|
||||
* random device fails.
|
||||
*/
|
||||
#define ISC_ENTROPY_KEYBOARDYES 1
|
||||
#define ISC_ENTROPY_KEYBOARDNO 2
|
||||
|
||||
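Review bot: The reworded _KEYBOARDMAYBE text drops "or supplied filename" but does not say what now happens when a supplied filename cannot be opened; going by the commit description and the entropy.c change, isc_entropy_usebestsource() returns the error in that case. Because the choice of entropy source matters to anyone generating keys, the header should state it, for example by adding `If a filename is supplied and cannot be opened, the error is returned and the keyboard is not tried.` under _KEYBOARDMAYBE. The comment block starts above the hunk.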