path: root/ssh-rand-helper.c
AgeCommit message (Collapse)Author
2011-05-05 - (djm) [ WARNING.RNG aclocal.m4]Damien Miller
[entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c] [ssh.c sshd.c contrib/aix/] [regress/README.regress] Remove ssh-rand-helper and all its tentacles. PRNGd seeding has been rolled into entropy.c directly. Thanks to tim@ for testing on affected platforms.
2010-03-05 - (djm) [ssh-rand-helper.c] declare optind, avoiding compilation failureDamien Miller
on some platforms
2009-11-20 - (djm) [ssh-rand-helper.c] Print error and usage() when passed command-Damien Miller
line arguments as none are supported. Exit when passed unrecognised commandline flags. bz#1568 from gson AT
2007-03-13 - (dtucker) [entropy.c scard-opensc.c ssh-rand-helper.c] Bug #1294: includeDarren Tucker
string.h to prevent warnings, from vapier at
2006-09-02 - (dtucker) [ssh-keyscan.c ssh-rand-helper.c ssh.c sshconnect.cDarren Tucker
openbsd-compat/bindresvport.c openbsd-compat/getrrsetbyname.c openbsd-compat/port-tun.c openbsd-compat/rresvport.c] Include <arpa/inet.h> for hton* and ntoh* macros. Required on (at least) HP-UX since we define _XOPEN_SOURCE_EXTENDED. Found by santhi.amirta at gmail com.
2006-08-05 - (dtucker) [ssh-rand-helper.c] Needs stdarg.h for log.h.Darren Tucker
2006-07-24 - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]Damien Miller
[canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c] [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c] [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c] [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c] [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c] [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c] [openbsd-compat/mktemp.c openbsd-compat/port-linux.c] [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c] [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c] make the portable tree compile again - sprinkle unistd.h and string.h back in. Don't redefine __unused, as it turned out to be used in headers on Linux, and replace its use in auth-pam.c with ARGSUSED
2006-07-24 - 2006/07/12 22:42:32Damien Miller
[includes.h ssh.c ssh-rand-helper.c] move #include <stddef.h> out of includes.h
2006-07-12 - (dtucker) [ssh-keyscan.c ssh-rand-helper.c] More errno.h here too.Darren Tucker
2006-07-10 - (djm) [loginrec.c ssh-rand-helper.c sshd.c openbsd-compat/glob.c]Damien Miller
[openbsd-compat/mktemp.c openbsd-compat/openbsd-compat.h] [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c] [openbsd-compat/xcrypt.c] Fix includes.h fallout, mainly fcntl.h
2006-07-10 - 2006/07/06 16:03:53Damien Miller
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c] [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c] [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c] [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c] [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c] [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c] [uidswap.h] move #include <pwd.h> out of includes.h; ok markus@
2006-07-10 - 2006/07/05 02:42:09Damien Miller
[canohost.c hostfile.c includes.h misc.c packet.c readconf.c] [serverloop.c sshconnect.c uuencode.c] move #include <netinet/in.h> out of includes.h; ok deraadt@ (also ssh-rand-helper.c logintest.c loginrec.c)
2006-07-05 - (dtucker) [ssh-rand-helper.c] Don't exit if mkdir fails because theDarren Tucker
target already exists.
2006-05-17 - (dtucker) [ssh-rand-helper.c] Check return code of mkdir and fix fileDarren Tucker
pointer leak. From kjhall at, found by coverity.
2006-05-04 - (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.cDarren Tucker
session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar) in Portable-only code; since calloc zeros, remove now-redundant memsets. Also add a couple of sanity checks. With & ok djm@
2006-03-26 - 2006/03/25 01:13:23Damien Miller
[buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c] [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c] [uidswap.c] change OpenSSH's xrealloc() function from being xrealloc(p, new_size) to xrealloc(p, new_nmemb, new_itemsize). realloc is particularly prone to integer overflows because it is almost always allocating "n * size" bytes, so this is a far safer API; ok deraadt@
2006-03-26 - 2006/03/19 18:51:18Damien Miller
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] RCSID() can die
2006-03-15 - (djm) [ssh-rand-helper.c] Needs a bunch of headersDamien Miller
2005-07-17 -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c]Damien Miller
[ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
2005-07-17 - (djm) [acss.c auth-pam.c auth-shadow.c auth-skey.c auth1.c canohost.c]Damien Miller
[cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]")
2005-06-19 - (djm) [loginrec.c ssh-rand-helper.c] Fix -Wsign-compare for portable,Damien Miller
tested and fixes tim@
2005-02-16Document the path to seed_rng betterDarren Tucker
2005-02-16 - (dtucker) [ssh-rand-helper.c] Provide seed_rng since it may be calledDarren Tucker
via mkstemp in some configurations. ok djm@
2005-02-16write seed to temporary file and atomically rename into place; ok dtucker@Damien Miller
2004-12-20 - (dtucker) [ssh-rand-helper.c] Fall back to command-based seeding if readingDarren Tucker
from prngd is enabled at compile time but fails at run time, eg because prngd is not running. Note that if you have prngd running when OpenSSH is built, OpenSSL will consider itself internally seeded and rand-helper won't be built at all unless explicitly enabled via --with-rand-helper. ok djm@
2004-08-23 - (djm) [ssh-rand-helper.c] Typo. Found byDamien Miller
Martin.Kraemer AT
2004-07-17 - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.cDarren Tucker
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces diff vs OpenBSD; ok mouring@, tested by tim@ too.
2004-06-15 - 2004/06/13 15:03:02Damien Miller
[channels.c channels.h clientloop.c clientloop.h includes.h readconf.c] [readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5] implement session multiplexing in the client (the server has supported this since 2.0); ok markus@
2003-11-21more whitespace (tabs this time)Damien Miller
2003-11-21 - 2003/11/21 11:57:03Damien Miller
[everything] unexpand and delete whitespace at EOL; ok markus@ (done locally and RCS IDs synced)
2003-09-22 - (bal) "extration" -> "extraction" in ssh-rand-helper.c; repoted by johnBen Lindstrom
on #unixhelp@efnet
2003-08-22 - (djm) s/get_progname/ssh_get_progname/g to avoid conflict with HeimdalDamien Miller
-lbroken; ok dtucker
2003-07-06 - (dtucker) [ssh-rand-helper.c loginrec.c]Darren Tucker
Apply atomicio typing change to these too.
2003-05-16 - (djm) A few type mismatch fixes from Bug #565Damien Miller
2003-03-17 - (djm) Fix return value checks for RAND_bytes. Report fromDamien Miller
Steve G <>
2002-10-21 - (djm) Kill ssh-rand-helper children on timeout, patch fromDamien Miller
2002-07-28 - (stevesk) [ssh-rand-helper.c] RAND_bytes() and SHA1_Final() unsignedKevin Steves
char arg.
2002-06-09unexpandBen Lindstrom
2002-04-14 - (djm) ssh-rand-helper improvementsDamien Miller
- Add commandline debugging options - Don't write binary data if stdout is a tty (use hex instead) - Give it a manpage
2002-02-10 - (djm) OpenBSD CVS SyncDamien Miller
- 2002/02/09 17:37:34 [pathnames.h session.c ssh.1 sshd.8 sshd_config ssh-keyscan.1] move ssh config files to /etc/ssh - (djm) Adjust portable tnd ssh-rand-helper.c o match
2002-01-22 - (djm) Fix some bugs I introduced into ssh-rand-helper yesterdayDamien Miller
2002-01-21 - (djm) Rework ssh-rand-helper:Damien Miller
- Reduce quantity of ifdef code, in preparation for ssh_rand_conf - Always seed from system calls, even when doing PRNGd seeding - Tidy and comment #define knobs - Remove unused facility for multiple runs through command list - KNF, cleanup, update copyright
2001-12-25 - (stevesk) [ ssh-rand-helper.c]Kevin Steves
portable lib and __progname support for ssh-rand-helper; ok djm@
2001-12-24 - (djm) Ignore fix & patchlevel in OpenSSL version check. Patch fromDamien Miller - (djm) Rework entropy code. If the OpenSSL PRNG is has not been internally seeded, execute a subprogram "ssh-rand-helper" to obtain some entropy for us. Rewrite the old in-process entropy collecter as an example ssh-rand-helper. - (djm) Always perform ssh_prng_cmds path lookups in configure, even if we don't end up using ssh_prng_cmds (so we always get a valid file)