comparison dbrandom.c @ 1499:2d450c1056e3

options: Complete the transition to numeric toggles (`#if') For the sake of review, this commit alters only the code; the affiliated comments within the source files also need to be updated, but doing so now would obscure the operational changes that have been made here. * All on/off options have been switched to the numeric `#if' variant; that is the only way to make this `default_options.h.in' thing work in a reasonable manner. * There is now some very minor compile-time checking of the user's choice of options. * NO_FAST_EXPTMOD doesn't seem to be used, so it has been removed. * ENABLE_USER_ALGO_LIST was supposed to be renamed DROPBEAR_USER_ALGO_LIST, and this commit completes that work. * DROPBEAR_FUZZ seems to be a relatively new, as-yet undocumented option, which was added by the following commit: commit 6e0b539e9ca0b5628c6c5a3d118ad6a2e79e8039 Author: Matt Johnston <[email protected]> Date: Tue May 23 22:29:21 2017 +0800 split out checkpubkey_line() separately It has now been added to `sysoptions.h' and defined as `0' by default. * The configuration option `DROPBEAR_PASSWORD_ENV' is no longer listed in `default_options.h.in'; it is no longer meant to be set by the user, and is instead left to be defined in `sysoptions.h' (where it was already being defined) as merely the name of the environment variable in question: DROPBEAR_PASSWORD To enable or disable use of that environment variable, the user must now toggle `DROPBEAR_USE_DROPBEAR_PASSWORD'. * The sFTP support is now toggled by setting `DROPBEAR_SFTPSERVER', and the path of the sFTP server program is set independently through the usual SFTPSERVER_PATH.
author Michael Witten <mfwitten@gmail.com>
date Thu, 20 Jul 2017 19:38:26 +0000
parents 06d52bcb8094
children 5916af64acd4
1497:bf9c06b8dad9 1499:2d450c1056e3
57 static int already_blocked = 0; 57 static int already_blocked = 0;
58 int readfd; 58 int readfd;
59 unsigned int readcount; 59 unsigned int readcount;
60 int ret = DROPBEAR_FAILURE; 60 int ret = DROPBEAR_FAILURE;
61 61
62 #ifdef DROPBEAR_PRNGD_SOCKET 62 #if DROPBEAR_USE_PRNGD
63 if (prngd) 63 if (prngd)
64 { 64 {
65 readfd = connect_unix(filename); 65 readfd = connect_unix(filename);
66 } 66 }
67 else 67 else
105 else 105 else
106 { 106 {
107 wantread = MIN(sizeof(readbuf), len-readcount); 107 wantread = MIN(sizeof(readbuf), len-readcount);
108 } 108 }
109 109
110 #ifdef DROPBEAR_PRNGD_SOCKET 110 #if DROPBEAR_USE_PRNGD
111 if (prngd) 111 if (prngd)
112 { 112 {
113 char egdcmd[2]; 113 char egdcmd[2];
114 egdcmd[0] = 0x02; /* blocking read */ 114 egdcmd[0] = 0x02; /* blocking read */
115 egdcmd[1] = (unsigned char)wantread; 115 egdcmd[1] = (unsigned char)wantread;
155 sha1_done(&hs, hashpool); 155 sha1_done(&hs, hashpool);
156 } 156 }
157 157
158 static void write_urandom() 158 static void write_urandom()
159 { 159 {
160 #ifndef DROPBEAR_PRNGD_SOCKET 160 #if !DROPBEAR_USE_PRNGD
161 /* This is opportunistic, don't worry about failure */ 161 /* This is opportunistic, don't worry about failure */
162 unsigned char buf[INIT_SEED_SIZE]; 162 unsigned char buf[INIT_SEED_SIZE];
163 FILE *f = fopen(DROPBEAR_URANDOM_DEV, "w"); 163 FILE *f = fopen(DROPBEAR_URANDOM_DEV, "w");
164 if (!f) { 164 if (!f) {
165 return; 165 return;
183 /* hash in the new seed data */ 183 /* hash in the new seed data */
184 sha1_init(&hs); 184 sha1_init(&hs);
185 /* existing state */ 185 /* existing state */
186 sha1_process(&hs, (void*)hashpool, sizeof(hashpool)); 186 sha1_process(&hs, (void*)hashpool, sizeof(hashpool));
187 187
188 #ifdef DROPBEAR_PRNGD_SOCKET 188 #if DROPBEAR_USE_PRNGD
189 if (process_file(&hs, DROPBEAR_PRNGD_SOCKET, INIT_SEED_SIZE, 1) 189 if (process_file(&hs, DROPBEAR_PRNGD_SOCKET, INIT_SEED_SIZE, 1)
190 != DROPBEAR_SUCCESS) { 190 != DROPBEAR_SUCCESS) {
191 dropbear_exit("Failure reading random device %s", 191 dropbear_exit("Failure reading random device %s",
192 DROPBEAR_PRNGD_SOCKET); 192 DROPBEAR_PRNGD_SOCKET);
193 } 193 }
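Review bot: The new `#if DROPBEAR_USE_PRNGD` tests at lines 62, 110 and 188, and `#if !DROPBEAR_USE_PRNGD` at line 160, treat an undefined macro as 0, so a build in which `DROPBEAR_USE_PRNGD` never gets defined (for example an older local options file that only sets `DROPBEAR_PRNGD_SOCKET`) silently stops using the PRNGD socket and takes the non-PRNGD branch, with no diagnostic. For the code that seeds the random pool this choice should fail loudly; the compile-time checks the description mentions are not visible in this file, so confirm they cover this option or add, before the first use, `#ifndef DROPBEAR_USE_PRNGD` / `#error "DROPBEAR_USE_PRNGD must be defined as 0 or 1"` / `#endif`. Building with `-Wundef` would catch the same mistake for every toggle this commit converts. The opposite mismatch, `DROPBEAR_USE_PRNGD` set to 1 with no `DROPBEAR_PRNGD_SOCKET`, should already stop the build at line 189. The enclosing functions start and end outside the shown hunks.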