Blob

Date:
Message:
fix previous; check for getentropy only when arc4random is missing on macos we have the situation where we have arc4random available but no getentropy().
Actions:
History | Blame | Raw File
1 /*

2  * Copyright (c) 1996, David Mazieres <dm@uun.org>

3  * Copyright (c) 2008, Damien Miller <djm@openbsd.org>

4  * Copyright (c) 2013, Markus Friedl <markus@openbsd.org>

5  *

6  * Permission to use, copy, modify, and distribute this software for any

7  * purpose with or without fee is hereby granted, provided that the above

8  * copyright notice and this permission notice appear in all copies.

9  *

10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

11  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

12  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR

13  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

14  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN

15  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF

16  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

17  */

19 #include "../config.h"

21 #ifndef SSH_RANDOM_DEV

22 # define SSH_RANDOM_DEV "/dev/urandom"

23 #endif /* SSH_RANDOM_DEV */

25 #include <sys/types.h>

26 #ifdef HAVE_SYS_RANDOM_H

27 # include <sys/random.h>

28 #endif

30 #include <errno.h>

31 #include <fcntl.h>

32 #include <stdlib.h>

33 #include <string.h>

34 #include <unistd.h>

35 #ifdef WITH_OPENSSL

36 #include <openssl/rand.h>

37 #include <openssl/err.h>

38 #endif

40 #include "log.h"

42 int _ssh_compat_getentropy(void *, size_t);

44 static int

45 seed_from_prngd(unsigned char *buf, size_t bytes)

46 {

47 	return -1;

48 }

50 int

51 _ssh_compat_getentropy(void *s, size_t len)

52 {

53 #if defined(WITH_OPENSSL) && defined(OPENSSL_PRNG_ONLY)

54 	if (RAND_bytes(s, len) <= 0)

55 		fatal("Couldn't obtain random bytes (error 0x%lx)",

56 		    (unsigned long)ERR_get_error());

57 #else

58 	int fd, save_errno;

59 	ssize_t r;

60 	size_t o = 0;

62 #ifdef WITH_OPENSSL

63 	if (RAND_bytes(s, len) == 1)

64 		return 0;

65 #endif

66 #ifdef HAVE_GETENTROPY

67 	if ((r = getentropy(s, len)) == 0)

68 		return 0;

69 #endif /* HAVE_GETENTROPY */

70 #ifdef HAVE_GETRANDOM

71 	if ((r = getrandom(s, len, 0)) > 0 && (size_t)r == len)

72 		return 0;

73 #endif /* HAVE_GETRANDOM */

75 	if ((fd = open(SSH_RANDOM_DEV, O_RDONLY)) == -1) {

76 		save_errno = errno;

77 		/* Try egd/prngd before giving up. */

78 		if (seed_from_prngd(s, len) == 0)

79 			return 0;

80 		fatal("Couldn't open %s: %s", SSH_RANDOM_DEV,

81 		    strerror(save_errno));

82 	}

83 	while (o < len) {

84 		r = read(fd, (u_char *)s + o, len - o);

85 		if (r < 0) {

86 			if (errno == EAGAIN || errno == EINTR ||

87 			    errno == EWOULDBLOCK)

88 				continue;

89 			fatal("read %s: %s", SSH_RANDOM_DEV, strerror(errno));

90 		}

91 		o += r;

92 	}

93 	close(fd);

94 #endif /* WITH_OPENSSL */

95 	return 0;

96 }