Mercurial > dropbear
comparison svr-main.c @ 687:167fdc091c05
Improve RNG seeding.
Try to read from /dev/urandom multiple times, take input from extra sources,
and use /dev/random when generating private keys
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Fri, 29 Jun 2012 23:19:43 +0800 |
| parents | d4d0279710b9 |
| children | 0fd32a552ea5 |
comparison
equal
deleted
inserted
replaced
| 683:63f8d6c469cf | 687:167fdc091c05 |
|---|---|
| 252 if (num_unauthed_total >= MAX_UNAUTH_CLIENTS | 252 if (num_unauthed_total >= MAX_UNAUTH_CLIENTS |
| 253 || num_unauthed_for_addr >= MAX_UNAUTH_PER_IP) { | 253 || num_unauthed_for_addr >= MAX_UNAUTH_PER_IP) { |
| 254 goto out; | 254 goto out; |
| 255 } | 255 } |
| 256 | 256 |
| 257 seedrandom(); | |
| 258 | |
| 257 if (pipe(childpipe) < 0) { | 259 if (pipe(childpipe) < 0) { |
| 258 TRACE(("error creating child pipe")) | 260 TRACE(("error creating child pipe")) |
| 259 goto out; | 261 goto out; |
| 260 } | 262 } |
| 261 | 263 |
| 265 fork_ret = fork(); | 267 fork_ret = fork(); |
| 266 #endif | 268 #endif |
| 267 if (fork_ret < 0) { | 269 if (fork_ret < 0) { |
| 268 dropbear_log(LOG_WARNING, "Error forking: %s", strerror(errno)); | 270 dropbear_log(LOG_WARNING, "Error forking: %s", strerror(errno)); |
| 269 goto out; | 271 goto out; |
| 270 | 272 } |
| 271 } else if (fork_ret > 0) { | 273 |
| 274 addrandom(&fork_ret, sizeof(fork_ret)); | |
| 275 | |
| 276 if (fork_ret > 0) { | |
| 272 | 277 |
| 273 /* parent */ | 278 /* parent */ |
| 274 childpipes[conn_idx] = childpipe[0]; | 279 childpipes[conn_idx] = childpipe[0]; |
| 275 m_close(childpipe[1]); | 280 m_close(childpipe[1]); |
| 276 preauth_addrs[conn_idx] = remote_host; | 281 preauth_addrs[conn_idx] = remote_host; |