From f9b625c36e3dea521c02919e90ac2ddcfd19b06a Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 9 Jul 2000 22:42:32 +1000 Subject: [PATCH] - (djm) Fix pam sprintf fix - (djm) Cleanup entropy collection code a little more. Split initialisation from seeding, perform intialisation immediatly at start, be careful with uids. Based on problem report from Jim Watt --- ChangeLog | 4 +++ auth-pam.c | 4 +-- entropy.c | 91 +++++++++++++++++++++++++++++----------------------- entropy.h | 1 + ssh-add.c | 2 ++ ssh-agent.c | 2 ++ ssh-keygen.c | 2 ++ ssh.c | 2 ++ sshd.c | 2 ++ 9 files changed, 67 insertions(+), 43 deletions(-) diff --git a/ChangeLog b/ChangeLog index 20831f2e3..88ae8b4ad 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,6 +7,10 @@ builds. Problem report from Gregory Leblanc - (djm) Replace ut_name with ut_user. Patch from Jim Watt + - (djm) Fix pam sprintf fix + - (djm) Cleanup entropy collection code a little more. Split initialisation + from seeding, perform intialisation immediatly at start, be careful with + uids. Based on problem report from Jim Watt 20000708 - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from diff --git a/auth-pam.c b/auth-pam.c index a3067d619..852dbdc21 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -34,7 +34,7 @@ #include "xmalloc.h" #include "servconf.h" -RCSID("$Id: auth-pam.c,v 1.10 2000/07/09 11:21:52 djm Exp $"); +RCSID("$Id: auth-pam.c,v 1.11 2000/07/09 12:42:33 djm Exp $"); #define NEW_AUTHTOK_MSG \ "Warning: You password has expired, please change it now" @@ -279,7 +279,7 @@ char **fetch_pam_environment(void) void print_pam_messages(void) { if (pam_msg != NULL) - fputs(stderr, pam_msg); + fputs(pam_msg, stderr); } /* Append a message to the PAM message buffer */ diff --git a/entropy.c b/entropy.c index d8eba6547..842760992 100644 --- a/entropy.c +++ b/entropy.c @@ -35,7 +35,7 @@ #include #include -RCSID("$Id: entropy.c,v 1.16 2000/06/26 03:55:31 djm Exp $"); +RCSID("$Id: entropy.c,v 1.17 2000/07/09 12:42:33 djm Exp $"); #ifndef offsetof # define offsetof(type, member) ((size_t) &((type *)0)->member) @@ -168,6 +168,9 @@ seed_rng(void) memset(buf, '\0', sizeof(buf)); } +/* No-op */ +void init_rng(void) {} + #else /* defined(EGD_SOCKET) || defined(RANDOM_POOL) */ /* @@ -180,9 +183,9 @@ seed_rng(void) /* static int entropy_timeout_default = ENTROPY_TIMEOUT_MSEC; */ static int entropy_timeout_current = ENTROPY_TIMEOUT_MSEC; -static int prng_seed_loaded = 0; static int prng_seed_saved = 0; -static int prng_commands_loaded = 0; +static int prng_initialised = 0; +uid_t original_uid; typedef struct { @@ -395,10 +398,10 @@ hash_output_from_command(entropy_source_t *src, char *hash) close(p[1]); close(devnull); + setuid(original_uid); execv(src->path, (char**)(src->args)); debug("(child) Couldn't exec '%s': %s", src->cmdstring, strerror(errno)); - src->badness = src->sticky_badness = 128; _exit(-1); default: /* Parent */ break; @@ -432,38 +435,36 @@ hash_output_from_command(entropy_source_t *src, char *hash) ret = select(p[0]+1, &rdset, NULL, NULL, &tv); + RAND_add(&tv, sizeof(tv), 0.0); + switch (ret) { case 0: /* timer expired */ error_abort = 1; break; - case 1: /* command input */ bytes_read = read(p[0], buf, sizeof(buf)); + RAND_add(&bytes_read, sizeof(&bytes_read), 0.0); if (bytes_read == -1) { error_abort = 1; break; - } - if (bytes_read) { + } else if (bytes_read) { SHA1_Update(&sha, buf, bytes_read); total_bytes_read += bytes_read; - RAND_add(&bytes_read, sizeof(&bytes_read), 0.0); - } else + } else { cmd_eof = 1; - + } break; - case -1: default: + /* error */ debug("Command '%s': select() failed: %s", src->cmdstring, strerror(errno)); error_abort = 1; break; - } /* switch ret */ - - RAND_add(&tv, sizeof(&tv), 0.0); - } /* while !error_abort && !cmd_eof */ + } + } SHA1_Final(hash, &sha); @@ -533,7 +534,7 @@ prng_check_seedfile(char *filename) { fatal("PRNG seedfile %.100s is not a regular file", filename); /* mode 0600, owned by root or the current user? */ - if (((st.st_mode & 0177) != 0) || !(st.st_uid == getuid())) + if (((st.st_mode & 0177) != 0) || !(st.st_uid == original_uid)) fatal("PRNG seedfile %.100s must be mode 0600, owned by uid %d", filename, getuid()); @@ -551,12 +552,14 @@ prng_write_seedfile(void) { if (prng_seed_saved) return; + setuid(original_uid); + prng_seed_saved = 1; - pw = getpwuid(getuid()); + pw = getpwuid(original_uid); if (pw == NULL) fatal("Couldn't get password entry for current user (%i): %s", - getuid(), strerror(errno)); + original_uid, strerror(errno)); /* Try to ensure that the parent directory is there */ snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, @@ -591,10 +594,10 @@ prng_read_seedfile(void) { char filename[1024]; struct passwd *pw; - pw = getpwuid(getuid()); + pw = getpwuid(original_uid); if (pw == NULL) fatal("Couldn't get password entry for current user (%i): %s", - getuid(), strerror(errno)); + original_uid, strerror(errno)); snprintf(filename, sizeof(filename), "%.512s/%s", pw->pw_dir, SSH_PRNG_SEED_FILE); @@ -755,7 +758,7 @@ prng_read_commands(char *cmdfilename) /* trim to size */ entropy_sources = xrealloc(entcmd, (cur_cmd+1) * sizeof(entropy_source_t)); - debug("loaded %d entropy commands from %.100s", cur_cmd, cmdfilename); + debug("Loaded %d entropy commands from %.100s", cur_cmd, cmdfilename); return (cur_cmd >= MIN_ENTROPY_SOURCES); } @@ -777,35 +780,41 @@ void seed_rng(void) { void *old_sigchld_handler; - - if (!prng_commands_loaded) { - if (!prng_read_commands(SSH_PRNG_COMMAND_FILE)) - fatal("PRNG initialisation failed -- exiting."); - prng_commands_loaded = 1; - } + if (!prng_initialised) + fatal("RNG not initialised"); + /* Make sure some other sigchld handler doesn't reap our entropy */ /* commands */ old_sigchld_handler = signal(SIGCHLD, SIG_DFL); - debug("Seeding random number generator."); - debug("OpenSSL random status is now %i\n", RAND_status()); - debug("%i bytes from system calls", (int)stir_from_system()); - debug("%i bytes from programs", (int)stir_from_programs()); - debug("OpenSSL random status is now %i\n", RAND_status()); + debug("Seeded RNG with %i bytes from programs", (int)stir_from_programs()); + debug("Seeded RNG with %i bytes from system calls", (int)stir_from_system()); + + if (!RAND_status()) + fatal("Not enough entropy in RNG"); signal(SIGCHLD, old_sigchld_handler); if (!RAND_status()) fatal("Couldn't initialise builtin random number generator -- exiting."); - - if (!prng_seed_loaded) - { - prng_seed_loaded = 1; - prng_seed_saved = 0; - prng_read_seedfile(); - fatal_add_cleanup(prng_seed_cleanup, NULL); - atexit(prng_write_seedfile); - } } + +void init_rng(void) +{ + original_uid = getuid(); + + /* Read in collection commands */ + if (!prng_read_commands(SSH_PRNG_COMMAND_FILE)) + fatal("PRNG initialisation failed -- exiting."); + + /* Set ourselves up to save a seed upon exit */ + prng_seed_saved = 0; + prng_read_seedfile(); + fatal_add_cleanup(prng_seed_cleanup, NULL); + atexit(prng_write_seedfile); + + prng_initialised = 1; +} + #endif /* defined(EGD_SOCKET) || defined(RANDOM_POOL) */ diff --git a/entropy.h b/entropy.h index ec425a0cb..a6f7bfc60 100644 --- a/entropy.h +++ b/entropy.h @@ -31,5 +31,6 @@ #define _RANDOMS_H void seed_rng(void); +void init_rng(void); #endif /* _RANDOMS_H */ diff --git a/ssh-add.c b/ssh-add.c index 661e1ffa9..a5d785ce7 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -210,6 +210,8 @@ main(int argc, char **argv) int i; int deleting = 0; + init_rng(); + /* check if RSA support exists */ if (rsa_alive() == 0) { fprintf(stderr, diff --git a/ssh-agent.c b/ssh-agent.c index 7bfa29042..148bcff6e 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -509,6 +509,8 @@ main(int ac, char **av) char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid]; extern int optind; + init_rng(); + /* check if RSA support exists */ if (rsa_alive() == 0) { fprintf(stderr, diff --git a/ssh-keygen.c b/ssh-keygen.c index 4b89c15e1..dbd0443fc 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -520,6 +520,8 @@ main(int ac, char **av) extern int optind; extern char *optarg; + init_rng(); + SSLeay_add_all_algorithms(); /* we need this for the home * directory. */ diff --git a/ssh.c b/ssh.c index f9742dc8d..be2ba4469 100644 --- a/ssh.c +++ b/ssh.c @@ -206,6 +206,8 @@ main(int ac, char **av) int dummy; uid_t original_effective_uid; + init_rng(); + /* * Save the original real uid. It will be needed later (uid-swapping * may clobber the real uid). diff --git a/sshd.c b/sshd.c index a4749fbe4..93d68404f 100644 --- a/sshd.c +++ b/sshd.c @@ -422,6 +422,8 @@ main(int ac, char **av) char ntop[NI_MAXHOST], strport[NI_MAXSERV]; int listen_sock, maxfd; + init_rng(); + /* Save argv[0]. */ saved_argc = ac; saved_argv = av;