comparison random.c @ 694:c85bb68e1db6
add loadavg and entropy_avail as sources
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sat, 23 Feb 2013 10:27:49 +0800 |
parents | c3de235d9506 |
children | 5f2d16d3e598 |
692:c58a15983808 | 694:c85bb68e1db6 |
---|---|
71 if (readfd < 0) { | 71 if (readfd < 0) { |
72 goto out; | 72 goto out; |
73 } | 73 } |
74 | 74 |
75 readcount = 0; | 75 readcount = 0; |
76 while (readcount < len) | 76 while (len == 0 || readcount < len) |
77 { | 77 { |
78 int readlen, wantread; | 78 int readlen, wantread; |
79 unsigned char readbuf[128]; | 79 unsigned char readbuf[2048]; |
80 if (!already_blocked) | 80 if (!already_blocked) |
81 { | 81 { |
82 int ret; | 82 int ret; |
83 struct timeval timeout = { .tv_sec = 2, .tv_usec = 0}; | 83 struct timeval timeout = { .tv_sec = 2, .tv_usec = 0}; |
84 fd_set read_fds; | 84 fd_set read_fds; |
91 dropbear_log(LOG_WARNING, "Warning: Reading the randomness source '%s' seems to have blocked.\nYou may need to find a better entropy source.", filename); | 91 dropbear_log(LOG_WARNING, "Warning: Reading the randomness source '%s' seems to have blocked.\nYou may need to find a better entropy source.", filename); |
92 already_blocked = 1; | 92 already_blocked = 1; |
93 } | 93 } |
94 } | 94 } |
95 | 95 |
96 wantread = MIN(sizeof(readbuf), len-readcount); | 96 if (len == 0) |
97 { | |
98 wantread = sizeof(readbuf); | |
99 } | |
100 else | |
101 { | |
102 wantread = MIN(sizeof(readbuf), len-readcount); | |
103 } | |
97 | 104 |
98 #ifdef DROPBEAR_PRNGD_SOCKET | 105 #ifdef DROPBEAR_PRNGD_SOCKET |
99 if (prngd) | 106 if (prngd) |
100 { | 107 { |
101 char egdcmd[2]; | 108 char egdcmd[2]; |
183 dropbear_exit("Failure reading random device %s", | 190 dropbear_exit("Failure reading random device %s", |
184 DROPBEAR_URANDOM_DEV); | 191 DROPBEAR_URANDOM_DEV); |
185 } | 192 } |
186 #endif | 193 #endif |
187 | 194 |
188 /* A few other sources to fall back on. Add more here for other platforms */ | 195 /* A few other sources to fall back on. |
196 * Add more here for other platforms */ | |
189 #ifdef __linux__ | 197 #ifdef __linux__ |
190 /* Seems to be a reasonable source of entropy from timers. Possibly hard | 198 /* Seems to be a reasonable source of entropy from timers. Possibly hard |
191 * for even local attackers to reproduce */ | 199 * for even local attackers to reproduce */ |
192 process_file(&hs, "/proc/timer_list", 0, 0); | 200 process_file(&hs, "/proc/timer_list", 0, 0); |
193 /* Might help on systems with wireless */ | 201 /* Might help on systems with wireless */ |
194 process_file(&hs, "/proc/interrupts", 0, 0); | 202 process_file(&hs, "/proc/interrupts", 0, 0); |
195 | 203 |
204 process_file(&hs, "/proc/loadavg", 0, 0); | |
205 process_file(&hs, "/proc/sys/kernel/random/entropy_avail", 0, 0); | |
206 | |
196 /* Mostly network visible but useful in some situations */ | 207 /* Mostly network visible but useful in some situations */ |
197 process_file(&hs, "/proc/net/netstat", 0, 0); | 208 process_file(&hs, "/proc/net/netstat", 0, 0); |
198 process_file(&hs, "/proc/net/dev", 0, 0); | 209 process_file(&hs, "/proc/net/dev", 0, 0); |
199 process_file(&hs, "/proc/net/tcp", 0, 0); | 210 process_file(&hs, "/proc/net/tcp", 0, 0); |
200 /* Also includes interface lo */ | 211 /* Also includes interface lo */ |
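Review bot: Raising `readbuf` to 2048 bytes lets `wantread` reach 2048 (new lines 96-103), but the prngd branch right after it builds its request in `char egdcmd[2]`, which presumably leaves a single byte for the length; the rest of that branch is outside the visible context, so this is inferred. If the length is sent as one byte, any request above 255 is truncated and a multiple of 256 asks the daemon for zero bytes, so the seed read could come back short or stall. Clamping in the prngd case, e.g. `if (prngd) wantread = MIN(wantread, 255);`, keeps the request encodable whatever the buffer size is. Separately, the two new `process_file` calls for `/proc/loadavg` and `/proc/sys/kernel/random/entropy_avail` carry no comment, unlike their neighbours; something like `/* Low entropy and readable by any local user; extra mixing only, never a substitute for the urandom read */` would record why they are harmless to include but must not be relied on.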