- (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed

process when sshd relies on ssh-random-helper. Should result in faster logins on systems without a real random device or prngd. ok djm@
2005-09-27 22:46:32 +10:00 · 2005-09-27 22:46:32 +10:00 · c6f8219e0d
--- a/5
+++ b/5
@ -1,6 +1,9 @@
 20050927
 - (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid
   calls, since they can't possibly fail.  ok djm@
+ - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
+   process when sshd relies on ssh-random-helper.  Should result in faster
+   logins on systems without a real random device or prngd.  ok djm@

 20050924
 - (dtucker) [auth2.c] Move start_pam() calls out of if-else block to remove
@ -3017,4 +3020,4 @@
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu

-$Id: ChangeLog,v 1.3895 2005/09/27 09:50:25 dtucker Exp $
+$Id: ChangeLog,v 1.3896 2005/09/27 12:46:32 dtucker Exp $
--- a/entropy.c
+++ b/entropy.c
@ -26,6 +26,7 @@

 #include <openssl/rand.h>
 #include <openssl/crypto.h>
+#include <openssl/err.h>

 #include "ssh.h"
 #include "misc.h"
@ -33,6 +34,8 @@
 #include "atomicio.h"
 #include "pathnames.h"
 #include "log.h"
+#include "buffer.h"
+#include "bufaux.h"

 /*
 * Portable OpenSSH PRNG seeding:
@ -45,7 +48,7 @@
 * XXX: we should tell the child how many bytes we need.
 */

-RCSID("$Id: entropy.c,v 1.50 2005/09/27 09:50:25 dtucker Exp $");
+RCSID("$Id: entropy.c,v 1.51 2005/09/27 12:46:32 dtucker Exp $");

 #ifndef OPENSSL_PRNG_ONLY
 #define RANDOM_SEED_SIZE 48
@ -150,3 +153,30 @@ init_rng(void)
 #endif
 }

+#ifndef OPENSSL_PRNG_ONLY
+void
+rexec_send_rng_seed(Buffer *m)
+{
+	u_char buf[RANDOM_SEED_SIZE];
+
+	if (RAND_bytes(buf, sizeof(buf)) <= 0) {
+		error("Couldn't obtain random bytes (error %ld)",
+		    ERR_get_error());
+		buffer_put_string(m, "", 0);
+	} else 
+		buffer_put_string(m, buf, sizeof(buf));
+}
+
+void
+rexec_recv_rng_seed(Buffer *m)
+{
+	char *buf;
+	u_int len;
+
+	buf = buffer_get_string_ret(m, &len);
+	if (buf != NULL) {
+		debug3("rexec_recv_rng_seed: seeding rng with %u bytes", len);
+		RAND_add(buf, len, len);
+	}
+}
+#endif
--- a/entropy.h
+++ b/entropy.h
@ -22,12 +22,17 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

-/* $Id: entropy.h,v 1.4 2001/02/09 01:55:36 djm Exp $ */
+/* $Id: entropy.h,v 1.5 2005/09/27 12:46:32 dtucker Exp $ */

 #ifndef _RANDOMS_H
 #define _RANDOMS_H

+#include "buffer.h"
+
 void seed_rng(void);
 void init_rng(void);

+void rexec_send_rng_seed(Buffer *);
+void rexec_recv_rng_seed(Buffer *);
+
 #endif /* _RANDOMS_H */
--- a/sshd.c
+++ b/sshd.c
@ -800,6 +800,7 @@ send_rexec_state(int fd, Buffer *conf)
 	 *	bignum	iqmp			"
 	 *	bignum	p			"
 	 *	bignum	q			"
+	 *	string rngseed		(only if OpenSSL is not self-seeded)
 	 */
 	buffer_init(&m);
 	buffer_put_cstring(&m, buffer_ptr(conf));
@ -816,6 +817,10 @@ send_rexec_state(int fd, Buffer *conf)
 	} else
 		buffer_put_int(&m, 0);

+#ifndef OPENSSL_PRNG_ONLY
+	rexec_send_rng_seed(&m);
+#endif
+
 	if (ssh_msg_send(fd, 0, &m) == -1)
 		fatal("%s: ssh_msg_send failed", __func__);

@ -858,6 +863,11 @@ recv_rexec_state(int fd, Buffer *conf)
 		rsa_generate_additional_parameters(
 		    sensitive_data.server_key->rsa);
 	}
+
+#ifndef OPENSSL_PRNG_ONLY
+	rexec_recv_rng_seed(&m);
+#endif
+
 	buffer_free(&m);

 	debug3("%s: done", __func__);
@ -1051,8 +1061,6 @@ main(int ac, char **av)
 	drop_cray_privs();
 #endif

-	seed_rng();
-
 	sensitive_data.server_key = NULL;
 	sensitive_data.ssh1_host_key = NULL;
 	sensitive_data.have_ssh1_key = 0;
@ -1071,6 +1079,8 @@ main(int ac, char **av)
 	if (!rexec_flag)
 		buffer_free(&cfg);

+	seed_rng();
+
 	/* Fill in default values for those options not explicitly set. */
 	fill_default_server_options(&options);