Posted to commits@apr.apache.org by je...@apache.org on 2002/01/08 07:22:26 UTC
cvs commit: apr/misc/unix rand.c
jerenkrantz 02/01/07 22:22:26
Modified: . CHANGES acconfig.h configure.in
include apr.h.in
misc/unix rand.c
Log:
Add support for EGD-compatible entropy gatherers (such as EGD or PRNGd).
At configure-time, specify --with-egd=/path/to/egd/socket.
Revision Changes Path
1.202 +3 -0 apr/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/apr/CHANGES,v
retrieving revision 1.201
retrieving revision 1.202
diff -u -r1.201 -r1.202
--- CHANGES 29 Dec 2001 23:14:20 -0000 1.201
+++ CHANGES 8 Jan 2002 06:22:25 -0000 1.202
@@ -1,5 +1,8 @@
Changes with APR b1
+ *) Add --with-egd to support EGD-compatible entropy gatherers for
+ those platforms without native support. [Justin Erenkrantz]
+
*) apr_lock_create() and apr_proc_mutex_create() now have an
additional parameter for specifying the lock mechanism.
apr_lock_create_np() and apr_proc_mutex_create_np() have been
1.54 +2 -0 apr/acconfig.h
Index: acconfig.h
===================================================================
RCS file: /home/cvs/apr/acconfig.h,v
retrieving revision 1.53
retrieving revision 1.54
diff -u -r1.53 -r1.54
--- acconfig.h 29 Nov 2001 00:34:27 -0000 1.53
+++ acconfig.h 8 Jan 2002 06:22:26 -0000 1.54
@@ -10,6 +10,8 @@
#undef HAVE_CODESET
#undef HAVE_PTHREAD_PROCESS_SHARED
#undef DEV_RANDOM
+#undef HAVE_EGD
+#undef EGD_DEFAULT_SOCKET
#undef HAVE_TRUERAND
#undef HAVE_POLLIN
#undef HAVE_isascii
1.393 +20 -5 apr/configure.in
Index: configure.in
===================================================================
RCS file: /home/cvs/apr/configure.in,v
retrieving revision 1.392
retrieving revision 1.393
diff -u -r1.392 -r1.393
--- configure.in 2 Jan 2002 09:12:37 -0000 1.392
+++ configure.in 8 Jan 2002 06:22:26 -0000 1.393
@@ -671,6 +671,7 @@
sys/time.h \
sys/types.h \
sys/uio.h \
+ sys/un.h \
sys/wait.h)
dnl IRIX 6.5 has a problem in <netinet/tcp.h> which prevents it from
@@ -714,6 +715,7 @@
AC_SUBST(sys_typesh)
AC_SUBST(sys_timeh)
AC_SUBST(sys_uioh)
+AC_SUBST(sys_unh)
AC_SUBST(unistdh)
AC_SUBST(signalh)
AC_SUBST(sys_waith)
@@ -1186,19 +1188,32 @@
AC_MSG_RESULT(/dev/urandom)
rand="1"
else
- AC_MSG_RESULT(not found);
-
case $host in
# we have built in support for OS/2
*-os2*)
+ AC_MSG_RESULT([Using OS/2 builtin random])
rand="1"
;;
- # no other choice, try for truerand
*)
- if test "$ac_cv_lib_truerand_main" = "yes"; then
+ AC_ARG_WITH(egd,
+ [ --with-egd=<path> use egd-compatible socket],
+ [ if test "$withval" = "yes"; then
+ AC_ERROR([You must specify a default EGD socket path.])
+ fi
+ AC_DEFINE(HAVE_EGD)
+ AC_DEFINE_UNQUOTED(EGD_DEFAULT_SOCKET, [$withval])
+ AC_MSG_RESULT(EGD-compatible daemon)
+ rand="1"
+ ])
+ if test "$rand" != "1"; then
+ if test "$ac_cv_lib_truerand_main" = "yes"; then
+ AC_DEFINE(HAVE_TRUERAND)
+ AC_MSG_RESULT(truerand)
rand="1"
- else
+ else
+ AC_MSG_RESULT(not found)
rand="0"
+ fi
fi
;;
esac
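Review bot: The `AC_ARG_WITH(egd, ...)` action rejects only `yes`, so `--without-egd` or `--with-egd=no` (where `$withval` is `no`) still defines `HAVE_EGD` with `EGD_DEFAULT_SOCKET` set to `no`, and a relative path is accepted as well. Skip the block when `$withval` is `no` and otherwise require an absolute path, e.g. `case "$withval" in /*) ;; *) AC_ERROR([--with-egd requires an absolute socket path]) ;; esac`. Because this socket becomes the only entropy source for such a build, the help string should also say that the path must sit in a directory writable only by root or the daemon's account; otherwise a local user who can create the socket could supply the bytes. The enclosing `if`/`else` starts outside the hunk.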
1.97 +1 -0 apr/include/apr.h.in
Index: apr.h.in
===================================================================
RCS file: /home/cvs/apr/include/apr.h.in,v
retrieving revision 1.96
retrieving revision 1.97
diff -u -r1.96 -r1.97
--- apr.h.in 29 Dec 2001 23:14:21 -0000 1.96
+++ apr.h.in 8 Jan 2002 06:22:26 -0000 1.97
@@ -59,6 +59,7 @@
#define APR_HAVE_SYS_TIME_H @sys_timeh@
#define APR_HAVE_SYS_TYPES_H @sys_typesh@
#define APR_HAVE_SYS_UIO_H @sys_uioh@
+#define APR_HAVE_SYS_UN_H @sys_unh@
#define APR_HAVE_SYS_WAIT_H @sys_waith@
#define APR_HAVE_UNISTD_H @unistdh@
1.8 +100 -3 apr/misc/unix/rand.c
Index: rand.c
===================================================================
RCS file: /home/cvs/apr/misc/unix/rand.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- rand.c 10 Aug 2001 21:04:47 -0000 1.7
+++ rand.c 8 Jan 2002 06:22:26 -0000 1.8
@@ -52,23 +52,38 @@
* <http://www.apache.org/>.
*/
+#define APR_WANT_MEMFUNC
+#include "apr_want.h"
+#include "apr_general.h"
+
#include "misc.h"
-#include <sys/types.h>
#include <sys/stat.h>
+#if APR_HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#if APR_HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#if APR_HAVE_FCNTL_H
#include <fcntl.h>
+#endif
#if APR_HAVE_UNISTD_H
#include <unistd.h>
#endif
+#if APR_HAVE_SYS_UN_H
+#include <sys/un.h>
+#endif
#if APR_HAS_RANDOM
+/* This tells the preprocessor to put quotes around the value. */
#define XSTR(x) #x
#define STR(x) XSTR(x)
APR_DECLARE(apr_status_t) apr_generate_random_bytes(unsigned char *buf,
int length)
{
-#ifdef DEV_RANDOM
+#ifdef DEV_RANDOM
int rnd;
size_t got, tot;
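Review bot: The comment added above `XSTR`/`STR` should warn that `STR(EGD_DEFAULT_SOCKET)` macro-expands the path tokens before quoting them, so a path component that happens to be a defined macro (some compilers predefine `unix` or `linux`) would be silently rewritten in the socket path. Suggested wording: `/* Stringify after macro expansion: the value must not contain a component that is a defined macro; prefer having configure emit an already-quoted string. */`. `apr_generate_random_bytes` begins in this hunk and its body continues outside it.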
@@ -89,7 +104,89 @@
for (idx=0; idx<length; idx++)
buf[idx] = randbyte();
-#else /* use truerand */
+#elif defined(HAVE_EGD)
+ /* use EGD-compatible socket daemon (such as EGD or PRNGd).
+ * message format:
+ * 0x00 (get entropy level)
+ * 0xMM (msb) 0xmm 0xll 0xLL (lsb)
+ * 0x01 (read entropy nonblocking) 0xNN (bytes requested)
+ * 0xMM (bytes granted) MM bytes
+ * 0x02 (read entropy blocking) 0xNN (bytes desired)
+ * [block] NN bytes
+ * 0x03 (write entropy) 0xMM 0xLL (bits of entropy) 0xNN (bytes of data)
+ * NN bytes
+ * (no response - write only)
+ * 0x04 (report PID)
+ * 0xMM (length of PID string, not null-terminated) MM chars
+ */
+ int egd_socket, egd_path_len, rv;
+ struct sockaddr_un addr;
+ socklen_t egd_addr_len;
+ size_t resp_expected;
+ unsigned char req[2], resp[255];
+ char *curbuf = buf;
+
+ egd_path_len = strlen(STR(EGD_DEFAULT_SOCKET));
+
+ if (egd_path_len > sizeof(addr.sun_path)) {
+ return APR_EINVAL;
+ }
+
+ memset(&addr, 0, sizeof(struct sockaddr_un));
+ addr.sun_family = AF_UNIX;
+ memcpy(addr.sun_path, STR(EGD_DEFAULT_SOCKET), egd_path_len);
+ egd_addr_len = APR_XtOffsetOf(struct sockaddr_un, sun_path) +
+ egd_path_len;
+
+ egd_socket = socket(PF_UNIX, SOCK_STREAM, 0);
+
+ if (egd_socket == -1) {
+ /* Does socket set errno? */
+ return APR_EGENERAL;
+ }
+
+ rv = connect(egd_socket, (struct sockaddr*)&addr, egd_addr_len);
+
+ if (rv == -1) {
+ return errno;
+ }
+
+ /* EGD can only return 255 bytes of data at a time. Silly. */
+ while (length > 0) {
+ ssize_t srv;
+ req[0] = 2; /* We'll block for now. */
+ req[1] = length > 255 ? 255: length;
+
+ srv = write(egd_socket, req, 2);
+ if (srv == -1) {
+ shutdown(egd_socket, SHUT_RDWR);
+ close(egd_socket);
+ return errno;
+ }
+
+ if (srv != 2) {
+ shutdown(egd_socket, SHUT_RDWR);
+ close(egd_socket);
+ return APR_EGENERAL; /* Try again. */
+ }
+
+ resp_expected = req[1];
+ srv = read(egd_socket, resp, resp_expected);
+ if (srv == -1) {
+ shutdown(egd_socket, SHUT_RDWR);
+ close(egd_socket);
+ return errno;
+ }
+
+ memcpy(curbuf, resp, srv);
+ curbuf += srv;
+ length -= srv;
+ }
+
+ shutdown(egd_socket, SHUT_RDWR);
+ close(egd_socket);
+
+#elif defined(HAVE_TRUERAND) /* use truerand */
extern int randbyte(void); /* from the truerand library */
unsigned int idx;
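Review bot: The read path in the EGD loop checks only `srv == -1`, so a `read()` that returns 0 because the daemon closed the connection leaves `length` unchanged and the loop issues another `write()` on a dead socket instead of failing. The error paths also call `shutdown()` and `close()` before `return errno`, which can overwrite the value being reported, and the `connect()` failure path returns without closing `egd_socket`. Save `errno` first, close the descriptor on every exit, and treat a zero-byte read as an error, as in the excerpt below; the same save-then-close pattern applies to the `write()` branch that returns `errno`. The path-length test should probably be `>=` if `sun_path` is meant to stay NUL-terminated, though the explicit address length may make that unnecessary on some platforms. The function body starts and ends outside this hunk.

```c
    rv = connect(egd_socket, (struct sockaddr*)&addr, egd_addr_len);

    if (rv == -1) {
        int saved_errno = errno;    /* close() may overwrite errno */
        close(egd_socket);
        return saved_errno;
    }

    /* ... unchanged: loop header, request setup and write() of the request ... */

        resp_expected = req[1];
        srv = read(egd_socket, resp, resp_expected);
        if (srv <= 0) {
            /* 0 means the daemon closed the connection: report failure
             * rather than looping without progress. */
            int saved_errno = (srv == -1) ? errno : APR_EGENERAL;
            shutdown(egd_socket, SHUT_RDWR);
            close(egd_socket);
            return saved_errno;
        }
```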
Re: cvs commit: apr/misc/unix rand.c
Posted by Justin Erenkrantz <je...@ebuilt.com>.
On Tue, Jan 08, 2002 at 06:22:26AM -0000, jerenkrantz@apache.org wrote:
> jerenkrantz 02/01/07 22:22:26
>
> Modified: . CHANGES acconfig.h configure.in
> include apr.h.in
> misc/unix rand.c
> Log:
> Add support for EGD-compatible entropy gatherers (such as EGD or PRNGd).
> At configure-time, specify --with-egd=/path/to/egd/socket.
As you can see, I ditched going the pure APR route and wrote the
code (*holding nose*) with native calls. It compiles on Solaris
and testrand works. Please test on other platforms and commit
relevant portability fixes. =)
At some point, we'll need to set up some type of hook to set up
the random number funcs so we can allow httpd/flood to specify
the EGD socket. But, let's get this in now. -- justin