Line 0
Link Here
|
|
|
1 |
From 613c29869dea8b1b424eb74b14a29d3595042fd4 Mon Sep 17 00:00:00 2001 |
2 |
From: hasufell <hasufell@gentoo.org> |
3 |
Date: Tue, 6 Oct 2015 11:45:29 +0200 |
4 |
Subject: [PATCH] Remove RAND_egd support |
5 |
|
6 |
The EGD daemon is unmaintained and deemed insecure. |
7 |
This also fixes LibreSSL compatibility. |
8 |
--- |
9 |
heimdal-1.5.3/lib/hcrypto/Makefile.am | 1 - |
10 |
heimdal-1.5.3/lib/hcrypto/libhcrypto-exports.def | 3 - |
11 |
heimdal-1.5.3/lib/hcrypto/rand-egd.c | 260 ----------------------- |
12 |
heimdal-1.5.3/lib/hcrypto/rand-fortuna.c | 14 -- |
13 |
heimdal-1.5.3/lib/hcrypto/rand.h | 6 - |
14 |
heimdal-1.5.3/lib/hcrypto/randi.h | 1 - |
15 |
heimdal-1.5.3/lib/hcrypto/test_rand.c | 4 - |
16 |
heimdal-1.5.3/lib/hcrypto/version-script.map | 3 - |
17 |
heimdal-1.5.3/lib/krb5/crypto-rand.c | 14 -- |
18 |
9 files changed, 306 deletions(-) |
19 |
delete mode 100644 heimdal-1.5.3/lib/hcrypto/rand-egd.c |
20 |
|
21 |
diff --git a/heimdal-1.5.3/lib/hcrypto/Makefile.am b/heimdal-1.5.3/lib/hcrypto/Makefile.am |
22 |
index 0286c89..959ddad 100644 |
23 |
--- a/heimdal-1.5.3/lib/hcrypto/Makefile.am |
24 |
+++ b/heimdal-1.5.3/lib/hcrypto/Makefile.am |
25 |
@@ -125,7 +125,6 @@ libhcrypto_la_SOURCES = \ |
26 |
md5.h \ |
27 |
pkcs5.c \ |
28 |
pkcs12.c \ |
29 |
- rand-egd.c \ |
30 |
rand-fortuna.c \ |
31 |
rand-timer.c \ |
32 |
rand-unix.c \ |
33 |
diff --git a/heimdal-1.5.3/lib/hcrypto/libhcrypto-exports.def b/heimdal-1.5.3/lib/hcrypto/libhcrypto-exports.def |
34 |
index a7208f9..c40f151 100644 |
35 |
--- a/heimdal-1.5.3/lib/hcrypto/libhcrypto-exports.def |
36 |
+++ b/heimdal-1.5.3/lib/hcrypto/libhcrypto-exports.def |
37 |
@@ -221,9 +221,6 @@ EXPORTS |
38 |
hc_RAND_add |
39 |
hc_RAND_bytes |
40 |
hc_RAND_cleanup |
41 |
-;! hc_RAND_egd |
42 |
-;! hc_RAND_egd_bytes |
43 |
-;! hc_RAND_egd_method |
44 |
hc_RAND_file_name |
45 |
;! hc_RAND_fortuna_method |
46 |
hc_RAND_get_rand_method |
47 |
diff --git a/heimdal-1.5.3/lib/hcrypto/rand-egd.c b/heimdal-1.5.3/lib/hcrypto/rand-egd.c |
48 |
deleted file mode 100644 |
49 |
index dd2d3e1..0000000 |
50 |
--- a/heimdal-1.5.3/lib/hcrypto/rand-egd.c |
51 |
+++ /dev/null |
52 |
@@ -1,260 +0,0 @@ |
53 |
-/* |
54 |
- * Copyright (c) 2007 Kungliga Tekniska Högskolan |
55 |
- * (Royal Institute of Technology, Stockholm, Sweden). |
56 |
- * All rights reserved. |
57 |
- * |
58 |
- * Redistribution and use in source and binary forms, with or without |
59 |
- * modification, are permitted provided that the following conditions |
60 |
- * are met: |
61 |
- * |
62 |
- * 1. Redistributions of source code must retain the above copyright |
63 |
- * notice, this list of conditions and the following disclaimer. |
64 |
- * |
65 |
- * 2. Redistributions in binary form must reproduce the above copyright |
66 |
- * notice, this list of conditions and the following disclaimer in the |
67 |
- * documentation and/or other materials provided with the distribution. |
68 |
- * |
69 |
- * 3. Neither the name of the Institute nor the names of its contributors |
70 |
- * may be used to endorse or promote products derived from this software |
71 |
- * without specific prior written permission. |
72 |
- * |
73 |
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND |
74 |
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
75 |
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
76 |
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE |
77 |
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
78 |
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
79 |
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
80 |
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
81 |
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
82 |
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
83 |
- * SUCH DAMAGE. |
84 |
- */ |
85 |
- |
86 |
-#include <config.h> |
87 |
- |
88 |
-#include <sys/types.h> |
89 |
-#ifdef HAVE_SYS_UN_H |
90 |
-#include <sys/un.h> |
91 |
-#endif |
92 |
- |
93 |
-#include <stdio.h> |
94 |
-#include <stdlib.h> |
95 |
-#ifdef HAVE_UNISTD_H |
96 |
-#include <unistd.h> |
97 |
-#endif |
98 |
-#include <assert.h> |
99 |
- |
100 |
-#include <rand.h> |
101 |
-#include <randi.h> |
102 |
- |
103 |
-#include <roken.h> |
104 |
- |
105 |
-static const char *egd_path = "/var/run/egd-pool"; |
106 |
- |
107 |
-#define MAX_EGD_DATA 255 |
108 |
- |
109 |
-static int |
110 |
-connect_egd(const char *path) |
111 |
-{ |
112 |
- struct sockaddr_un addr; |
113 |
- int fd; |
114 |
- |
115 |
- memset(&addr, 0, sizeof(addr)); |
116 |
- |
117 |
- if (strlen(path) > sizeof(addr.sun_path)) |
118 |
- return -1; |
119 |
- |
120 |
- addr.sun_family = AF_UNIX; |
121 |
- strlcpy(addr.sun_path, path, sizeof(addr.sun_path)); |
122 |
- |
123 |
- fd = socket(AF_UNIX, SOCK_STREAM, 0); |
124 |
- if (fd < 0) |
125 |
- return -1; |
126 |
- |
127 |
- rk_cloexec(fd); |
128 |
- |
129 |
- if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) != 0) { |
130 |
- close(fd); |
131 |
- return -1; |
132 |
- } |
133 |
- |
134 |
- return fd; |
135 |
-} |
136 |
- |
137 |
-static int |
138 |
-get_entropy(int fd, void *data, size_t len) |
139 |
-{ |
140 |
- unsigned char msg[2]; |
141 |
- |
142 |
- assert(len <= MAX_EGD_DATA); |
143 |
- |
144 |
- msg[0] = 0x02; /* read blocking data */ |
145 |
- msg[1] = len; /* wanted length */ |
146 |
- |
147 |
- if (net_write(fd, msg, sizeof(msg)) != sizeof(msg)) |
148 |
- return 0; |
149 |
- |
150 |
- if (net_read(fd, data, len) != len) |
151 |
- return 0; |
152 |
- |
153 |
- return 1; |
154 |
-} |
155 |
- |
156 |
-static int |
157 |
-put_entropy(int fd, const void *data, size_t len) |
158 |
-{ |
159 |
- unsigned char msg[4]; |
160 |
- |
161 |
- assert (len <= MAX_EGD_DATA); |
162 |
- |
163 |
- msg[0] = 0x03; /* write data */ |
164 |
- msg[1] = 0; /* dummy */ |
165 |
- msg[2] = 0; /* entropy */ |
166 |
- msg[3] = len; /* length */ |
167 |
- |
168 |
- if (net_write(fd, msg, sizeof(msg)) != sizeof(msg)) |
169 |
- return 0; |
170 |
- if (net_write(fd, data, len) != len) |
171 |
- return 0; |
172 |
- |
173 |
- return 1; |
174 |
-} |
175 |
- |
176 |
-/* |
177 |
- * |
178 |
- */ |
179 |
- |
180 |
-static void |
181 |
-egd_seed(const void *indata, int size) |
182 |
-{ |
183 |
- size_t len; |
184 |
- int fd, ret = 1; |
185 |
- |
186 |
- fd = connect_egd(egd_path); |
187 |
- if (fd < 0) |
188 |
- return; |
189 |
- |
190 |
- while(size) { |
191 |
- len = size; |
192 |
- if (len > MAX_EGD_DATA) |
193 |
- len = MAX_EGD_DATA; |
194 |
- ret = put_entropy(fd, indata, len); |
195 |
- if (ret != 1) |
196 |
- break; |
197 |
- indata = ((unsigned char *)indata) + len; |
198 |
- size -= len; |
199 |
- } |
200 |
- close(fd); |
201 |
-} |
202 |
- |
203 |
-static int |
204 |
-get_bytes(const char *path, unsigned char *outdata, int size) |
205 |
-{ |
206 |
- size_t len; |
207 |
- int fd, ret = 1; |
208 |
- |
209 |
- if (path == NULL) |
210 |
- path = egd_path; |
211 |
- |
212 |
- fd = connect_egd(path); |
213 |
- if (fd < 0) |
214 |
- return 0; |
215 |
- |
216 |
- while(size) { |
217 |
- len = size; |
218 |
- if (len > MAX_EGD_DATA) |
219 |
- len = MAX_EGD_DATA; |
220 |
- ret = get_entropy(fd, outdata, len); |
221 |
- if (ret != 1) |
222 |
- break; |
223 |
- outdata += len; |
224 |
- size -= len; |
225 |
- } |
226 |
- close(fd); |
227 |
- |
228 |
- return ret; |
229 |
-} |
230 |
- |
231 |
-static int |
232 |
-egd_bytes(unsigned char *outdata, int size) |
233 |
-{ |
234 |
- return get_bytes(NULL, outdata, size); |
235 |
-} |
236 |
- |
237 |
-static void |
238 |
-egd_cleanup(void) |
239 |
-{ |
240 |
-} |
241 |
- |
242 |
-static void |
243 |
-egd_add(const void *indata, int size, double entropi) |
244 |
-{ |
245 |
- egd_seed(indata, size); |
246 |
-} |
247 |
- |
248 |
-static int |
249 |
-egd_pseudorand(unsigned char *outdata, int size) |
250 |
-{ |
251 |
- return get_bytes(NULL, outdata, size); |
252 |
-} |
253 |
- |
254 |
-static int |
255 |
-egd_status(void) |
256 |
-{ |
257 |
- int fd; |
258 |
- fd = connect_egd(egd_path); |
259 |
- if (fd < 0) |
260 |
- return 0; |
261 |
- close(fd); |
262 |
- return 1; |
263 |
-} |
264 |
- |
265 |
-const RAND_METHOD hc_rand_egd_method = { |
266 |
- egd_seed, |
267 |
- egd_bytes, |
268 |
- egd_cleanup, |
269 |
- egd_add, |
270 |
- egd_pseudorand, |
271 |
- egd_status |
272 |
-}; |
273 |
- |
274 |
-const RAND_METHOD * |
275 |
-RAND_egd_method(void) |
276 |
-{ |
277 |
- return &hc_rand_egd_method; |
278 |
-} |
279 |
- |
280 |
- |
281 |
-int |
282 |
-RAND_egd(const char *filename) |
283 |
-{ |
284 |
- return RAND_egd_bytes(filename, 128); |
285 |
-} |
286 |
- |
287 |
-int |
288 |
-RAND_egd_bytes(const char *filename, int size) |
289 |
-{ |
290 |
- void *data; |
291 |
- int ret; |
292 |
- |
293 |
- if (size <= 0) |
294 |
- return 0; |
295 |
- |
296 |
- data = malloc(size); |
297 |
- if (data == NULL) |
298 |
- return 0; |
299 |
- |
300 |
- ret = get_bytes(filename, data, size); |
301 |
- if (ret != 1) { |
302 |
- free(data); |
303 |
- return ret; |
304 |
- } |
305 |
- |
306 |
- RAND_seed(data, size); |
307 |
- |
308 |
- memset(data, 0, size); |
309 |
- free(data); |
310 |
- |
311 |
- return 1; |
312 |
-} |
313 |
diff --git a/heimdal-1.5.3/lib/hcrypto/rand-fortuna.c b/heimdal-1.5.3/lib/hcrypto/rand-fortuna.c |
314 |
index 11027b4..a4c3885 100644 |
315 |
--- a/heimdal-1.5.3/lib/hcrypto/rand-fortuna.c |
316 |
+++ b/heimdal-1.5.3/lib/hcrypto/rand-fortuna.c |
317 |
@@ -486,20 +486,6 @@ fortuna_reseed(void) |
318 |
entropy_p = 1; |
319 |
} |
320 |
#endif |
321 |
-#ifndef NO_RAND_EGD_METHOD |
322 |
- /* |
323 |
- * Only to get egd entropy if /dev/random or arc4rand failed since |
324 |
- * it can be horribly slow to generate new bits. |
325 |
- */ |
326 |
- if (!entropy_p) { |
327 |
- unsigned char buf[INIT_BYTES]; |
328 |
- if ((*hc_rand_egd_method.bytes)(buf, sizeof(buf)) == 1) { |
329 |
- add_entropy(&main_state, buf, sizeof(buf)); |
330 |
- entropy_p = 1; |
331 |
- memset(buf, 0, sizeof(buf)); |
332 |
- } |
333 |
- } |
334 |
-#endif |
335 |
/* |
336 |
* Fall back to gattering data from timer and secret files, this |
337 |
* is really the last resort. |
338 |
diff --git a/heimdal-1.5.3/lib/hcrypto/rand.h b/heimdal-1.5.3/lib/hcrypto/rand.h |
339 |
index 590bd8c..1c9df8a 100644 |
340 |
--- a/heimdal-1.5.3/lib/hcrypto/rand.h |
341 |
+++ b/heimdal-1.5.3/lib/hcrypto/rand.h |
342 |
@@ -56,10 +56,7 @@ typedef struct RAND_METHOD RAND_METHOD; |
343 |
#define RAND_load_file hc_RAND_load_file |
344 |
#define RAND_write_file hc_RAND_write_file |
345 |
#define RAND_status hc_RAND_status |
346 |
-#define RAND_egd hc_RAND_egd |
347 |
-#define RAND_egd_bytes hc_RAND_egd_bytes |
348 |
#define RAND_fortuna_method hc_RAND_fortuna_method |
349 |
-#define RAND_egd_method hc_RAND_egd_method |
350 |
#define RAND_unix_method hc_RAND_unix_method |
351 |
#define RAND_w32crypto_method hc_RAND_w32crypto_method |
352 |
|
353 |
@@ -97,13 +94,10 @@ const char * |
354 |
int RAND_load_file(const char *, size_t); |
355 |
int RAND_write_file(const char *); |
356 |
int RAND_status(void); |
357 |
-int RAND_egd(const char *); |
358 |
-int RAND_egd_bytes(const char *, int); |
359 |
|
360 |
|
361 |
const RAND_METHOD * RAND_fortuna_method(void); |
362 |
const RAND_METHOD * RAND_unix_method(void); |
363 |
-const RAND_METHOD * RAND_egd_method(void); |
364 |
const RAND_METHOD * RAND_w32crypto_method(void); |
365 |
|
366 |
#endif /* _HEIM_RAND_H */ |
367 |
diff --git a/heimdal-1.5.3/lib/hcrypto/randi.h b/heimdal-1.5.3/lib/hcrypto/randi.h |
368 |
index fe021a8..85d5d66 100644 |
369 |
--- a/heimdal-1.5.3/lib/hcrypto/randi.h |
370 |
+++ b/heimdal-1.5.3/lib/hcrypto/randi.h |
371 |
@@ -40,7 +40,6 @@ |
372 |
|
373 |
extern const RAND_METHOD hc_rand_fortuna_method; |
374 |
extern const RAND_METHOD hc_rand_unix_method; |
375 |
-extern const RAND_METHOD hc_rand_egd_method; |
376 |
extern const RAND_METHOD hc_rand_timer_method; |
377 |
extern const RAND_METHOD hc_rand_w32crypto_method; |
378 |
|
379 |
diff --git a/heimdal-1.5.3/lib/hcrypto/test_rand.c b/heimdal-1.5.3/lib/hcrypto/test_rand.c |
380 |
index c90ed3c..526be9b 100644 |
381 |
--- a/heimdal-1.5.3/lib/hcrypto/test_rand.c |
382 |
+++ b/heimdal-1.5.3/lib/hcrypto/test_rand.c |
383 |
@@ -123,10 +123,6 @@ main(int argc, char **argv) |
384 |
else if (strcasecmp(rand_method, "unix") == 0) |
385 |
RAND_set_rand_method(RAND_unix_method()); |
386 |
#endif |
387 |
-#ifndef NO_RAND_EGD_METHOD |
388 |
- else if (strcasecmp(rand_method, "egd") == 0) |
389 |
- RAND_set_rand_method(RAND_egd_method()); |
390 |
-#endif |
391 |
#ifdef WIN32 |
392 |
else if (strcasecmp(rand_method, "w32crypto") == 0) |
393 |
RAND_set_rand_method(RAND_w32crypto_method()); |
394 |
diff --git a/heimdal-1.5.3/lib/hcrypto/version-script.map b/heimdal-1.5.3/lib/hcrypto/version-script.map |
395 |
index 6985d1b..771ab8a 100644 |
396 |
--- a/heimdal-1.5.3/lib/hcrypto/version-script.map |
397 |
+++ b/heimdal-1.5.3/lib/hcrypto/version-script.map |
398 |
@@ -226,9 +226,6 @@ HEIMDAL_CRYPTO_1.0 { |
399 |
hc_RAND_add; |
400 |
hc_RAND_bytes; |
401 |
hc_RAND_cleanup; |
402 |
- hc_RAND_egd; |
403 |
- hc_RAND_egd_bytes; |
404 |
- hc_RAND_egd_method; |
405 |
hc_RAND_file_name; |
406 |
hc_RAND_fortuna_method; |
407 |
hc_RAND_get_rand_method; |
408 |
diff --git a/heimdal-1.5.3/lib/krb5/crypto-rand.c b/heimdal-1.5.3/lib/krb5/crypto-rand.c |
409 |
index 49bd679..0fbd95d 100644 |
410 |
--- a/heimdal-1.5.3/lib/krb5/crypto-rand.c |
411 |
+++ b/heimdal-1.5.3/lib/krb5/crypto-rand.c |
412 |
@@ -62,22 +62,8 @@ seed_something(void) |
413 |
/* Calling RAND_status() will try to use /dev/urandom if it exists so |
414 |
we do not have to deal with it. */ |
415 |
if (RAND_status() != 1) { |
416 |
-#ifndef _WIN32 |
417 |
- krb5_context context; |
418 |
- const char *p; |
419 |
- |
420 |
- /* Try using egd */ |
421 |
- if (!krb5_init_context(&context)) { |
422 |
- p = krb5_config_get_string(context, NULL, "libdefaults", |
423 |
- "egd_socket", NULL); |
424 |
- if (p != NULL) |
425 |
- RAND_egd_bytes(p, ENTROPY_NEEDED); |
426 |
- krb5_free_context(context); |
427 |
- } |
428 |
-#else |
429 |
/* TODO: Once a Windows CryptoAPI RAND method is defined, we |
430 |
can use that and failover to another method. */ |
431 |
-#endif |
432 |
} |
433 |
|
434 |
if (RAND_status() == 1) { |
435 |
-- |
436 |
2.6.0 |
437 |
|