Only read /dev/random once when the program starts

rather than for every connection, to "conserve entropy". --HG-- extra : convert_revision : 21df240b71c0af8454725dec9abb428dd4bb97a2
2025-06-26 18:17:32 +00:00 · 2006-02-11 15:15:37 +00:00
parent fcba907998
commit 1eb9209afe
6 changed files with 39 additions and 13 deletions
--- a/random.c
+++ b/random.c
@@ -30,8 +30,8 @@
 static int donerandinit = 0;

 /* this is used to generate unique output from the same hashpool */
-static unsigned int counter = 0;
-#define MAX_COUNTER 1000000/* the max value for the counter, so it won't loop */
+static uint32_t counter = 0;
+#define MAX_COUNTER 1<<31 /* the max value for the counter, so it won't loop */

 static unsigned char hashpool[SHA1_HASH_SIZE];

@@ -132,7 +132,8 @@ void seedrandom() {

 	hash_state hs;

-	/* initialise so compilers will be happy about hashing it */
+	/* initialise so that things won't warn about
+     * hashing an undefined buffer */
 	if (!donerandinit) {
 		m_burn(hashpool, sizeof(hashpool));
 	}
@@ -150,6 +151,30 @@ void seedrandom() {
 	donerandinit = 1;
 }

+/* hash the current random pool with some unique identifiers
+ * for this process and point-in-time. this is used to separate
+ * the random pools for fork()ed processes. */
+void reseedrandom() {
+
+    pid_t pid;
+    struct timeval tv;
+
+	if (!donerandinit) {
+		dropbear_exit("seedrandom not done");
+	}
+
+    pid = getpid();
+    gettimeofday(&tv, NULL);
+
+	hash_state hs;
+	unsigned char hash[SHA1_HASH_SIZE];
+	sha1_init(&hs);
+	sha1_process(&hs, (void*)hashpool, sizeof(hashpool));
+	sha1_process(&hs, (void*)&pid, sizeof(pid));
+	sha1_process(&hs, (void*)&tv, sizeof(tv));
+	sha1_done(&hs, hashpool);
+}
+
 /* return len bytes of pseudo-random data */
 void genrandom(unsigned char* buf, unsigned int len) {