From 613c29869dea8b1b424eb74b14a29d3595042fd4 Mon Sep 17 00:00:00 2001

From: hasufell <hasufell@gentoo.org>

Date: Tue, 6 Oct 2015 11:45:29 +0200

Subject: [PATCH] Remove RAND_egd support

The EGD daemon is unmaintained and deemed insecure.

This also fixes LibreSSL compatibility.

---

 heimdal-1.5.3/lib/hcrypto/Makefile.am            |   1 -

 heimdal-1.5.3/lib/hcrypto/libhcrypto-exports.def |   3 -

 heimdal-1.5.3/lib/hcrypto/rand-egd.c             | 260 -----------------------

 heimdal-1.5.3/lib/hcrypto/rand-fortuna.c         |  14 --

 heimdal-1.5.3/lib/hcrypto/rand.h                 |   6 -

 heimdal-1.5.3/lib/hcrypto/randi.h                |   1 -

 heimdal-1.5.3/lib/hcrypto/test_rand.c            |   4 -

 heimdal-1.5.3/lib/hcrypto/version-script.map     |   3 -

 heimdal-1.5.3/lib/krb5/crypto-rand.c             |  14 --

 9 files changed, 306 deletions(-)

 delete mode 100644 heimdal-1.5.3/lib/hcrypto/rand-egd.c

diff --git a/heimdal-1.5.3/lib/hcrypto/Makefile.am b/heimdal-1.5.3/lib/hcrypto/Makefile.am

index 0286c89..959ddad 100644

--- a/heimdal-1.5.3/lib/hcrypto/Makefile.am

+++ b/heimdal-1.5.3/lib/hcrypto/Makefile.am

@@ -125,7 +125,6 @@ libhcrypto_la_SOURCES =	\

 	md5.h		\

 	pkcs5.c		\

 	pkcs12.c	\

-	rand-egd.c	\

 	rand-fortuna.c	\

 	rand-timer.c	\

 	rand-unix.c	\

diff --git a/heimdal-1.5.3/lib/hcrypto/libhcrypto-exports.def b/heimdal-1.5.3/lib/hcrypto/libhcrypto-exports.def

index a7208f9..c40f151 100644

--- a/heimdal-1.5.3/lib/hcrypto/libhcrypto-exports.def

+++ b/heimdal-1.5.3/lib/hcrypto/libhcrypto-exports.def

@@ -221,9 +221,6 @@ EXPORTS

 	hc_RAND_add

 	hc_RAND_bytes

 	hc_RAND_cleanup

-;!	hc_RAND_egd

-;!	hc_RAND_egd_bytes

-;!	hc_RAND_egd_method

 	hc_RAND_file_name

 ;!	hc_RAND_fortuna_method

 	hc_RAND_get_rand_method

diff --git a/heimdal-1.5.3/lib/hcrypto/rand-egd.c b/heimdal-1.5.3/lib/hcrypto/rand-egd.c

deleted file mode 100644

index dd2d3e1..0000000

--- a/heimdal-1.5.3/lib/hcrypto/rand-egd.c

+++ /dev/null

@@ -1,260 +0,0 @@

-/*

- * Copyright (c) 2007 Kungliga Tekniska Högskolan

- * (Royal Institute of Technology, Stockholm, Sweden).

- * All rights reserved.

- *

- * Redistribution and use in source and binary forms, with or without

- * modification, are permitted provided that the following conditions

- * are met:

- *

- * 1. Redistributions of source code must retain the above copyright

- *    notice, this list of conditions and the following disclaimer.

- *

- * 2. Redistributions in binary form must reproduce the above copyright

- *    notice, this list of conditions and the following disclaimer in the

- *    documentation and/or other materials provided with the distribution.

- *

- * 3. Neither the name of the Institute nor the names of its contributors

- *    may be used to endorse or promote products derived from this software

- *    without specific prior written permission.

- *

- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND

- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

- * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE

- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

- * SUCH DAMAGE.

- */

-

-#include <config.h>

-

-#include <sys/types.h>

-#ifdef HAVE_SYS_UN_H

-#include <sys/un.h>

-#endif

-

-#include <stdio.h>

-#include <stdlib.h>

-#ifdef HAVE_UNISTD_H

-#include <unistd.h>

-#endif

-#include <assert.h>

-

-#include <rand.h>

-#include <randi.h>

-

-#include <roken.h>

-

-static const char *egd_path = "/var/run/egd-pool";

-

-#define MAX_EGD_DATA 255

-

-static int

-connect_egd(const char *path)

-{

-    struct sockaddr_un addr;

-    int fd;

-

-    memset(&addr, 0, sizeof(addr));

-

-    if (strlen(path) > sizeof(addr.sun_path))

-	return -1;

-

-    addr.sun_family = AF_UNIX;

-    strlcpy(addr.sun_path, path, sizeof(addr.sun_path));

-

-    fd = socket(AF_UNIX, SOCK_STREAM, 0);

-    if (fd < 0)

-	return -1;

-

-    rk_cloexec(fd);

-

-    if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) != 0) {

-	close(fd);

-	return -1;

-    }

-

-    return fd;

-}

-

-static int

-get_entropy(int fd, void *data, size_t len)

-{

-    unsigned char msg[2];

-

-    assert(len <= MAX_EGD_DATA);

-

-    msg[0] = 0x02; /* read blocking data */

-    msg[1] = len; /* wanted length */

-

-    if (net_write(fd, msg, sizeof(msg)) != sizeof(msg))

-	return 0;

-

-    if (net_read(fd, data, len) != len)

-	return 0;

-

-    return 1;

-}

-

-static int

-put_entropy(int fd, const void *data, size_t len)

-{

-    unsigned char msg[4];

-

-    assert (len <= MAX_EGD_DATA);

-

-    msg[0] = 0x03; /* write data */

-    msg[1] = 0; /* dummy */

-    msg[2] = 0; /* entropy */

-    msg[3] = len; /* length */

-

-    if (net_write(fd, msg, sizeof(msg)) != sizeof(msg))

-	return 0;

-    if (net_write(fd, data, len) != len)

-	return 0;

-

-    return 1;

-}

-

-/*

- *

- */

-

-static void

-egd_seed(const void *indata, int size)

-{

-    size_t len;

-    int fd, ret = 1;

-

-    fd = connect_egd(egd_path);

-    if (fd < 0)

-	return;

-

-    while(size) {

-	len = size;

-	if (len > MAX_EGD_DATA)

-	    len = MAX_EGD_DATA;

-	ret = put_entropy(fd, indata, len);

-	if (ret != 1)

-	    break;

-	indata = ((unsigned char *)indata) + len;

-	size -= len;

-    }

-    close(fd);

-}

-

-static int

-get_bytes(const char *path, unsigned char *outdata, int size)

-{

-    size_t len;

-    int fd, ret = 1;

-

-    if (path == NULL)

-	path = egd_path;

-

-    fd = connect_egd(path);

-    if (fd < 0)

-	return 0;

-

-    while(size) {

-	len = size;

-	if (len > MAX_EGD_DATA)

-	    len = MAX_EGD_DATA;

-	ret = get_entropy(fd, outdata, len);

-	if (ret != 1)

-	    break;

-	outdata += len;

-	size -= len;

-    }

-    close(fd);

-

-    return ret;

-}

-

-static int

-egd_bytes(unsigned char *outdata, int size)

-{

-    return get_bytes(NULL, outdata, size);

-}

-

-static void

-egd_cleanup(void)

-{

-}

-

-static void

-egd_add(const void *indata, int size, double entropi)

-{

-    egd_seed(indata, size);

-}

-

-static int

-egd_pseudorand(unsigned char *outdata, int size)

-{

-    return get_bytes(NULL, outdata, size);

-}

-

-static int

-egd_status(void)

-{

-    int fd;

-    fd = connect_egd(egd_path);

-    if (fd < 0)

-	return 0;

-    close(fd);

-    return 1;

-}

-

-const RAND_METHOD hc_rand_egd_method = {

-    egd_seed,

-    egd_bytes,

-    egd_cleanup,

-    egd_add,

-    egd_pseudorand,

-    egd_status

-};

-

-const RAND_METHOD *

-RAND_egd_method(void)

-{

-    return &hc_rand_egd_method;

-}

-

-

-int

-RAND_egd(const char *filename)

-{

-    return RAND_egd_bytes(filename, 128);

-}

-

-int

-RAND_egd_bytes(const char *filename, int size)

-{

-    void *data;

-    int ret;

-

-    if (size <= 0)

-	return 0;

-

-    data = malloc(size);

-    if (data == NULL)

-	return 0;

-

-    ret = get_bytes(filename, data, size);

-    if (ret != 1) {

-	free(data);

-	return ret;

-    }

-

-    RAND_seed(data, size);

-

-    memset(data, 0, size);

-    free(data);

-

-    return 1;

-}

diff --git a/heimdal-1.5.3/lib/hcrypto/rand-fortuna.c b/heimdal-1.5.3/lib/hcrypto/rand-fortuna.c

index 11027b4..a4c3885 100644

--- a/heimdal-1.5.3/lib/hcrypto/rand-fortuna.c

+++ b/heimdal-1.5.3/lib/hcrypto/rand-fortuna.c

@@ -486,20 +486,6 @@ fortuna_reseed(void)

 	entropy_p = 1;

     }

 #endif

-#ifndef NO_RAND_EGD_METHOD

-    /*

-     * Only to get egd entropy if /dev/random or arc4rand failed since

-     * it can be horribly slow to generate new bits.

-     */

-    if (!entropy_p) {

-	unsigned char buf[INIT_BYTES];

-	if ((*hc_rand_egd_method.bytes)(buf, sizeof(buf)) == 1) {

-	    add_entropy(&main_state, buf, sizeof(buf));

-	    entropy_p = 1;

-	    memset(buf, 0, sizeof(buf));

-	}

-    }

-#endif

     /*

      * Fall back to gattering data from timer and secret files, this

      * is really the last resort.

diff --git a/heimdal-1.5.3/lib/hcrypto/rand.h b/heimdal-1.5.3/lib/hcrypto/rand.h

index 590bd8c..1c9df8a 100644

--- a/heimdal-1.5.3/lib/hcrypto/rand.h

+++ b/heimdal-1.5.3/lib/hcrypto/rand.h

@@ -56,10 +56,7 @@ typedef struct RAND_METHOD RAND_METHOD;

 #define RAND_load_file hc_RAND_load_file

 #define RAND_write_file hc_RAND_write_file

 #define RAND_status hc_RAND_status

-#define RAND_egd hc_RAND_egd

-#define RAND_egd_bytes hc_RAND_egd_bytes

 #define RAND_fortuna_method hc_RAND_fortuna_method

-#define RAND_egd_method hc_RAND_egd_method

 #define RAND_unix_method hc_RAND_unix_method

 #define RAND_w32crypto_method hc_RAND_w32crypto_method

@@ -97,13 +94,10 @@ const char *

 int	RAND_load_file(const char *, size_t);

 int	RAND_write_file(const char *);

 int	RAND_status(void);

-int	RAND_egd(const char *);

-int	RAND_egd_bytes(const char *, int);

 const RAND_METHOD *	RAND_fortuna_method(void);

 const RAND_METHOD *	RAND_unix_method(void);

-const RAND_METHOD *	RAND_egd_method(void);

 const RAND_METHOD *	RAND_w32crypto_method(void);

 #endif /* _HEIM_RAND_H */

diff --git a/heimdal-1.5.3/lib/hcrypto/randi.h b/heimdal-1.5.3/lib/hcrypto/randi.h

index fe021a8..85d5d66 100644

--- a/heimdal-1.5.3/lib/hcrypto/randi.h

+++ b/heimdal-1.5.3/lib/hcrypto/randi.h

@@ -40,7 +40,6 @@

 extern const RAND_METHOD hc_rand_fortuna_method;

 extern const RAND_METHOD hc_rand_unix_method;

-extern const RAND_METHOD hc_rand_egd_method;

 extern const RAND_METHOD hc_rand_timer_method;

 extern const RAND_METHOD hc_rand_w32crypto_method;

diff --git a/heimdal-1.5.3/lib/hcrypto/test_rand.c b/heimdal-1.5.3/lib/hcrypto/test_rand.c

index c90ed3c..526be9b 100644

--- a/heimdal-1.5.3/lib/hcrypto/test_rand.c

+++ b/heimdal-1.5.3/lib/hcrypto/test_rand.c

@@ -123,10 +123,6 @@ main(int argc, char **argv)

 	else if (strcasecmp(rand_method, "unix") == 0)

 	    RAND_set_rand_method(RAND_unix_method());

 #endif

-#ifndef NO_RAND_EGD_METHOD

-	else if (strcasecmp(rand_method, "egd") == 0)

-	    RAND_set_rand_method(RAND_egd_method());

-#endif

 #ifdef WIN32

 	else if (strcasecmp(rand_method, "w32crypto") == 0)

 	    RAND_set_rand_method(RAND_w32crypto_method());

diff --git a/heimdal-1.5.3/lib/hcrypto/version-script.map b/heimdal-1.5.3/lib/hcrypto/version-script.map

index 6985d1b..771ab8a 100644

--- a/heimdal-1.5.3/lib/hcrypto/version-script.map

+++ b/heimdal-1.5.3/lib/hcrypto/version-script.map

@@ -226,9 +226,6 @@ HEIMDAL_CRYPTO_1.0 {

 		hc_RAND_add;

 		hc_RAND_bytes;

 		hc_RAND_cleanup;

-		hc_RAND_egd;

-		hc_RAND_egd_bytes;

-		hc_RAND_egd_method;

 		hc_RAND_file_name;

 		hc_RAND_fortuna_method;

 		hc_RAND_get_rand_method;

diff --git a/heimdal-1.5.3/lib/krb5/crypto-rand.c b/heimdal-1.5.3/lib/krb5/crypto-rand.c

index 49bd679..0fbd95d 100644

--- a/heimdal-1.5.3/lib/krb5/crypto-rand.c

+++ b/heimdal-1.5.3/lib/krb5/crypto-rand.c

@@ -62,22 +62,8 @@ seed_something(void)

     /* Calling RAND_status() will try to use /dev/urandom if it exists so

        we do not have to deal with it. */

     if (RAND_status() != 1) {

-#ifndef _WIN32

-	krb5_context context;

-	const char *p;

-

-	/* Try using egd */

-	if (!krb5_init_context(&context)) {

-	    p = krb5_config_get_string(context, NULL, "libdefaults",

-				       "egd_socket", NULL);

-	    if (p != NULL)

-		RAND_egd_bytes(p, ENTROPY_NEEDED);

-	    krb5_free_context(context);

-	}

-#else

 	/* TODO: Once a Windows CryptoAPI RAND method is defined, we

 	   can use that and failover to another method. */

-#endif

     }

     if (RAND_status() == 1)	{

-- 

2.6.0