summaryrefslogtreecommitdiff
path: root/entropy.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2002-01-22 21:57:53 +1100
committerDamien Miller <djm@mindrot.org>2002-01-22 21:57:53 +1100
commit6c21c51c487ec31ceb5b81b536c9516c5f20b5b0 (patch)
treee5fba473079d684039e0d6b2f0bd393b3e1b0186 /entropy.c
parent7b10ef48771bc3649b6e5ea0b021a2270a5d62f8 (diff)
- (djm) autoconf hacking:
- We don't support --without-zlib currently, so don't allow it. - Rework cryptographic random number support detection. We now detect whether OpenSSL seeds itself. If it does, then we don't bother with the ssh-rand-helper program. You can force the use of ssh-rand-helper using the --with-rand-helper configure argument - Simplify and clean up ssh-rand-helper configuration
Diffstat (limited to 'entropy.c')
-rw-r--r--entropy.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/entropy.c b/entropy.c
index 86ea81aa..03591f06 100644
--- a/entropy.c
+++ b/entropy.c
@@ -45,15 +45,17 @@
* XXX: we should tell the child how many bytes we need.
*/
-#define RANDOM_SEED_SIZE 48
-
-RCSID("$Id: entropy.c,v 1.39 2001/12/23 14:41:48 djm Exp $");
+RCSID("$Id: entropy.c,v 1.40 2002/01/22 10:57:54 djm Exp $");
+#ifndef OPENSSL_PRNG_ONLY
+#define RANDOM_SEED_SIZE 48
static uid_t original_uid, original_euid;
+#endif
void
seed_rng(void)
{
+#ifndef OPENSSL_PRNG_ONLY
int devnull;
int p[2];
pid_t pid;
@@ -121,6 +123,10 @@ seed_rng(void)
RAND_add(buf, sizeof(buf), sizeof(buf));
memset(buf, '\0', sizeof(buf));
+
+#endif /* OPENSSL_PRNG_ONLY */
+ if (RAND_status() != 1)
+ fatal("PRNG is not seeded");
}
void
@@ -134,8 +140,11 @@ init_rng(void)
fatal("OpenSSL version mismatch. Built against %lx, you "
"have %lx", OPENSSL_VERSION_NUMBER, SSLeay());
+#ifndef OPENSSL_PRNG_ONLY
if ((original_uid = getuid()) == -1)
fatal("getuid: %s", strerror(errno));
if ((original_euid = geteuid()) == -1)
fatal("geteuid: %s", strerror(errno));
+#endif
}
+