
Add support for "real" entropy from /dev/[u]random (fixes #1977)

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2524 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.23
Stefan Bühler 13 years ago
parent
commit
7ad4792357
  1. 1
      NEWS
  2. 3
      src/base.h
  3. 1
      src/http_auth.c
  4. 1
      src/mod_usertrack.c
  5. 14
      src/server.c

1
NEWS

@ -50,6 +50,7 @@ NEWS
* Add "lighty.req_env" table to mod_magnet for setting/getting environment values for cgi (fixes #1967, thx presbrey)
* Fix segfault in mod_expire after failed config parsing (fixes #1992)
* Add ssi.content-type option (default text/html, fixes #615)
* Add support for "real" entropy from /dev/[u]random (fixes #1977)
- 1.4.22 - 2009-03-07
* Fix wrong lua type for CACHE_MISS/CACHE_HIT in mod_cml (fixes #533)

3
src/base.h

@ -587,6 +587,9 @@ typedef struct server {
time_t last_generated_debug_ts;
time_t startup_ts;
char entropy[8]; /* from /dev/[u]random if possible, otherwise rand() */
char is_real_entropy; /* whether entropy is from /dev/[u]random */
buffer *ts_debug_str;
buffer *ts_date_str;
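Review bot: `entropy` holds raw random bytes but is declared as plain `char`, whose signedness is implementation-defined. The fallback path in src/server.c stores `rand()` results into it, and both consumers cast it to `unsigned char *`. Declaring it as `unsigned char entropy[8];` would make those stores well-defined and remove the need for the casts. The field comment could also say that the value is filled once at startup and never refreshed. The struct definition starts and ends outside this hunk.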

1
src/http_auth.c

@ -1188,6 +1188,7 @@ int http_auth_digest_generate_nonce(server *srv, mod_auth_plugin_data *p, buffer
/* we assume sizeof(time_t) == 4 here, but if not it ain't a problem at all */
LI_ltostr(hh, srv->cur_ts);
MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
LI_ltostr(hh, rand());
MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
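Review bot: The added `MD5_Update` over `srv->entropy` gives the nonce no fresh per-request randomness, because that value is read once in server_init and stays constant for the life of the process. The `rand()` output hashed next is seeded from the first bytes of the same buffer, or from `time(NULL) ^ getpid()` in the fallback path. Nothing in this hunk consults `srv->is_real_entropy`, so when the /dev/[u]random read failed the digest is built only from guessable inputs and nothing reports it. Consider logging at startup when `is_real_entropy` is 0, and add a comment such as `/* per-process secret read at startup; not refreshed per nonce */` above the new line. The same applies to the identical hunk in src/mod_usertrack.c; both enclosing functions start and end outside the hunks.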

1
src/mod_usertrack.c

@ -229,6 +229,7 @@ URIHANDLER_FUNC(mod_usertrack_uri_handler) {
/* we assume sizeof(time_t) == 4 here, but if not it ain't a problem at all */
LI_ltostr(hh, srv->cur_ts);
MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
LI_ltostr(hh, rand());
MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));

14
src/server.c

@ -169,6 +169,7 @@ static void daemonize(void) {
static server *server_init(void) {
int i;
FILE *frandom = NULL;
server *srv = calloc(1, sizeof(*srv));
assert(srv);
@ -209,6 +210,19 @@ static server *server_init(void) {
srv->mtime_cache[i].str = buffer_init();
}
if ((NULL != (frandom = fopen("/dev/urandom", "rb")) || NULL != (frandom = fopen("/dev/random", "rb")))
&& 1 == fread(srv->entropy, sizeof(srv->entropy), 1, frandom)) {
srand(*(unsigned int*)srv->entropy);
srv->is_real_entropy = 1;
} else {
unsigned int j;
srand(time(NULL) ^ getpid());
srv->is_real_entropy = 0;
for (j = 0; j < sizeof(srv->entropy); j++)
srv->entropy[j] = rand();
}
if (frandom) fclose(frandom);
srv->cur_ts = time(NULL);
srv->startup_ts = srv->cur_ts;
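Review bot: `srand(*(unsigned int*)srv->entropy);` reads a `char` array through an `unsigned int *`, which violates strict aliasing and depends on the field happening to be suitably aligned. Copy the bytes instead: `unsigned int seed; memcpy(&seed, srv->entropy, sizeof(seed)); srand(seed);` (assuming `<string.h>` is already included in this file). Seeding `rand()` from the same bytes that are later hashed also means the `rand()` values mixed in by http_auth.c and mod_usertrack.c are derivable from `srv->entropy` and add no independent secret. If /dev/urandom opens but the `fread` fails, /dev/random is never tried and the code silently falls back to `time(NULL) ^ getpid()`; a log line in the else branch would make that visible to operators. server_init continues outside both hunks.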
