mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21175 Commits
28 Branches
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
rspamd/contrib/libottery/ottery_entropy_urandom.c

ottery_entropy_urandom.c 3.3KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117 
  1. /* Libottery by Nick Mathewson.

  2. 

  3.    This software has been dedicated to the public domain under the CC0

  4.    public domain dedication.

  5. 

  6.    To the extent possible under law, the person who associated CC0 with

  7.    libottery has waived all copyright and related or neighboring rights

  8.    to libottery.

  9. 

  10.    You should have received a copy of the CC0 legalcode along with this

  11.    work in doc/cc0.txt.  If not, see

  12.       <http://creativecommons.org/publicdomain/zero/1.0/>.

  13.  */

  14. 

  15. #ifndef _WIN32

  16. 

  17. /**

  18.  * Read from a file into an n-byte buffer until the buffer is full or until

  19.  * we reach an error.  Returns the number of bytes read.  If the return

  20.  * value is less than n, an error occurred.

  21.  */

  22. static int

  23. ottery_read_n_bytes_from_file_(int fd, uint8_t *out, size_t n)

  24. {

  25.   ssize_t r;

  26.   uint8_t *outp = out;

  27.   while (n) {

  28.     r = read(fd, outp, n);

  29.     if (r <= 0 || (size_t)r > n)

  30.       return outp - out;

  31.     outp += r;

  32.     n -= r;

  33.   }

  34.   return outp - out;

  35. }

  36. 

  37. 

  38. /** Generate random bytes using the unix-style /dev/urandom RNG, or another

  39.  * such device as configured in the configuration. */

  40. static int

  41. ottery_get_entropy_urandom(const struct ottery_entropy_config *cfg,

  42.                            struct ottery_entropy_state *state,

  43.                             uint8_t *out, size_t outlen)

  44. {

  45.   /* On most unixes these days, you can get strong random numbers from

  46.    * /dev/urandom.

  47.    *

  48.    * That's assuming that /dev/urandom is seeded.  For most applications,

  49.    * that won't be a problem. But for stuff that starts close to system

  50.    * startup, before the operating system has added any entropy to the pool,

  51.    * it can be pretty bad.

  52.    *

  53.    * You could use /dev/random instead, if you want, but that has another

  54.    * problem.  It will block if the OS PRNG has received less entropy than

  55.    * it has emitted.  If we assume that the OS PRNG isn't cryptographically

  56.    * weak, blocking in that case is simple overkill.

  57.    *

  58.    * It would be best if there were an alternative that blocked if the PRNG

  59.    * had _never_ been seeded.  But most operating systems don't have that.

  60.    */

  61.   int fd;

  62.   ssize_t n;

  63.   int result = 0;

  64.   const char *urandom_fname;

  65.   struct stat st;

  66.   int own_fd = 0;

  67.   int check_device = !cfg || !cfg->allow_nondev_urandom;

  68. #ifndef O_CLOEXEC

  69. #define O_CLOEXEC 0

  70. #endif

  71.   if (cfg && cfg->urandom_fd_is_set && cfg->urandom_fd >= 0) {

  72.     fd = cfg->urandom_fd;

  73.   } else {

  74.     if (cfg && cfg->urandom_fname)

  75.       urandom_fname = cfg->urandom_fname;

  76.     else

  77.       urandom_fname = "/dev/urandom";

  78. 

  79.     fd = open(urandom_fname, O_RDONLY|O_CLOEXEC);

  80.     own_fd = 1;

  81.     if (fd < 0)

  82.       return OTTERY_ERR_INIT_STRONG_RNG;

  83.   }

  84.   if (fstat(fd, &st) < 0) {

  85.     result = OTTERY_ERR_INIT_STRONG_RNG;

  86.     goto end;

  87.   }

  88.   if (check_device) {

  89.     if (0 == (st.st_mode & S_IFCHR)) {

  90.       result = OTTERY_ERR_INIT_STRONG_RNG;

  91.       goto end;

  92.     }

  93. 

  94.     if (state) {

  95.       if (0 == state->urandom_fd_inode) {

  96.         state->urandom_fd_inode = (uint64_t) st.st_ino;

  97.       } else if ((uint64_t)st.st_ino != state->urandom_fd_inode) {

  98.         close(fd);

  99.         return OTTERY_ERR_ACCESS_STRONG_RNG;

  100.       }

  101.     }

  102.   }

  103. 

  104.   n = ottery_read_n_bytes_from_file_(fd, out, outlen);

  105.   if (n < 0 || (size_t)n != outlen)

  106.     result = OTTERY_ERR_ACCESS_STRONG_RNG;

  107. 

  108.  end:

  109.   if (own_fd)

  110.     close(fd);

  111.   return result;

  112. }

  113. 

  114. #define ENTROPY_SOURCE_URANDOM \

  115.   { ottery_get_entropy_urandom, SRC(RANDOMDEV)|DOM(OS)|FL(STRONG) }

  116. 

  117. #endif