Attachment #373 for bug #630

View | Details | Raw Unified | Return to bug 630
Collapse All | Expand All




EXEEXT=@EXEEXT@

INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@
INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@

@NO_SSH_RAND_HELPER@RAND_HELPER_PROG=ssh-rand-helper${EXEEXT}
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) $(RAND_HELPER_PROG) sftp-server$(EXEEXT) sftp$(EXEEXT)

LIBSSH_OBJS=authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o \
	cipher.o  cipher-aes.o cipher-bf1.o cipher-ctr.o cipher-3des1.o \

	key.o dispatch.o kex.o mac.o uuencode.o misc.o \
	rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o kexgex.o \
	kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \
	entropy.o scard-opensc.o @SSH_RAND_HELPER_OBJ@

SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
	sshconnect.o sshconnect1.o sshconnect2.o

	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen
	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan
	$(INSTALL) -m 0755 $(STRIP_OPT) sshd $(DESTDIR)$(sbindir)/sshd
	@NO_SSH_RAND_HELPER@$(INSTALL) -m 0755 $(STRIP_OPT) ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper
		$(INSTALL) -m 0755 $(STRIP_OPT) ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \
	fi
	$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign $(DESTDIR)$(SSH_KEYSIGN)
	$(INSTALL) -m 0755 $(STRIP_OPT) sftp $(DESTDIR)$(bindir)/sftp
	$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server $(DESTDIR)$(SFTP_SERVER)

	$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
	$(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
	$(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
	@NO_SSH_RAND_HELPER@$(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8
		$(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 ; \
	fi
	$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
	$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
	$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8




	],
)	

AC_ARG_ENABLE(static-rand-helper,
AC_HELP_STRING([--enable-static-rand-helper],[ enable static linking of ssh-rand-helper instead of external subprocess (default=no)]))

NO_SSH_RAND_HELPER="#"
SSH_RAND_HELPER_OBJ=""

# Which randomness source do we use?
if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then
	# OpenSSL only
	AC_DEFINE(OPENSSL_PRNG_ONLY)
	RAND_MSG="OpenSSL internal ONLY"
	INSTALL_SSH_RAND_HELPER=""
elif test ! -z "$USE_RAND_HELPER" ; then
	if test "x$enable_static_rand_helper" = "xyes"; then
		AC_DEFINE(STATIC_RAND_HELPER, 1, [enable static linking of ssh-rand-helper instead of external subprocess])
		RAND_MSG="ssh-rand-helper (static)"
		SSH_RAND_HELPER_OBJ="ssh-rand-helper.o"
	else
		# install rand-helper
		RAND_MSG="ssh-rand-helper"
		NO_SSH_RAND_HELPER=""
	fi
fi

AC_SUBST(NO_SSH_RAND_HELPER)
AC_SUBST(SSH_RAND_HELPER_OBJ)

### Configuration of ssh-rand-helper



# Where does ssh-rand-helper get its randomness from?
INSTALL_SSH_PRNG_CMDS=""
if test ! -z "$USE_RAND_HELPER" ; then
	if test ! -z "$PRNGD_PORT" ; then
		RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
	elif test ! -z "$PRNGD_SOCKET" ; then





RCSID("$Id: entropy.c,v 1.46 2003/08/25 01:16:21 mouring Exp $");

#if !defined(OPENSSL_PRNG_ONLY) || !defined(STATIC_RAND_HELPER)
#define RANDOM_SEED_SIZE 48
static uid_t original_uid, original_euid;
#endif


seed_rng(void)
{
#ifndef OPENSSL_PRNG_ONLY
	unsigned char buf[RANDOM_SEED_SIZE];

#ifndef STATIC_RAND_HELPER
	int devnull;
	int p[2];
	pid_t pid;
	int ret;
	unsigned char buf[RANDOM_SEED_SIZE];
	mysig_t old_sigchld;

	if (RAND_status() == 1) {

		fatal("ssh-rand-helper terminated abnormally");
	if (WEXITSTATUS(ret) != 0)
		fatal("ssh-rand-helper exit with exit status %d", ret);
#else
	rand_helper(buf, sizeof(buf));
#endif
	RAND_add(buf, sizeof(buf), sizeof(buf));
	memset(buf, '\0', sizeof(buf));

#endif /* OPENSSL_PRNG_ONLY */
	if (RAND_status() != 1)
		fatal("PRNG is not seeded");

Lines 24-33 Link Here

(-)entropy.h (-3 / +7 lines)
24		24
25	/* $Id: entropy.h,v 1.4 2001/02/09 01:55:36 djm Exp $ */	25	/* $Id: entropy.h,v 1.4 2001/02/09 01:55:36 djm Exp $ */
26		26
27	#ifndef _RANDOMS_H	27	#ifndef _ENTROPY_H
28	#define _RANDOMS_H	28	#define _ENTROPY_H
		29
		30	#define RANDOM_SEED_SIZE 48
29		31
30	void seed_rng(void);	32	void seed_rng(void);
31	void init_rng(void);	33	void init_rng(void);
32		34
33	#endif /* _RANDOMS_H */	35	void rand_helper(unsigned char *buf, int bytes);
		36
		37	#endif /* _ENTROPY_H */





RCSID("$Id: ssh-rand-helper.c,v 1.13 2003/08/21 23:34:41 djm Exp $");

/* Number of bytes we write out */
#define OUTPUT_SEED_SIZE	48

/* Length of on-disk seedfiles */
#define SEED_FILE_SIZE		1024



	if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) {
		if (tcp_port != 0) {
			debug("Couldn't connect to PRNGD port %d: %s",
			    tcp_port, strerror(errno));
		} else {
			debug("Couldn't connect to PRNGD socket \"%s\": %s",
			    addr_un->sun_path, strerror(errno));
		}
		goto done;

	return cur_cmd < MIN_ENTROPY_SOURCES ? -1 : 0;
}

void rand_helper(unsigned char *buf, int bytes)
{
	struct stat st;
	int rval;

	if (!buf)
		return;

#ifdef USE_SEED_FILES
	prng_read_seedfile();
#endif

	/*
	 * Seed the RNG from wherever we can
	 */

	/* Take whatever is on the stack, but don't credit it */
	RAND_add(buf, bytes, 0);

	debug("Seeded RNG with %i bytes from system calls", 
	    (int)stir_from_system());

	rval = -1;
#ifdef PRNGD_PORT
	rval = get_random_bytes_prngd(buf, bytes, PRNGD_PORT, NULL);
#elif defined(PRNGD_SOCKET)
	rval = get_random_bytes_prngd(buf, bytes, 0, PRNGD_SOCKET);
#endif
#if defined(PRNGD_PORT) || defined(PRNGD_SOCKET)
	if (rval == -1)
		debug("Entropy collection from PRNGD failed");
	else
		RAND_add(buf, bytes, bytes);
#endif
	if ((rval == -1) && (stat(SSH_PRNG_COMMAND_FILE, &st) == 0)) {
		/* Read in collection commands */
		if (prng_read_commands(SSH_PRNG_COMMAND_FILE) == -1)
			fatal("PRNG initialisation failed -- exiting.");
		debug("Seeded RNG with %i bytes from programs", 
		    (int)stir_from_programs());
	}

#ifdef USE_SEED_FILES
	prng_write_seedfile();
#endif
}

#ifndef STATIC_RAND_HELPER

void
usage(void)
{

	fprintf(stderr, "  -x          Force output in hexidecimal (for debugging)\n");
	fprintf(stderr, "  -X          Force output in binary\n");
	fprintf(stderr, "  -b bytes    Number of bytes to output (default %d)\n",
	    RANDOM_SEED_SIZE);
}

int 


	ll = SYSLOG_LEVEL_INFO;
	debug_level = output_hex = 0;
	bytes = RANDOM_SEED_SIZE;

	/* Don't write binary data to a tty, unless we are forced to */
	if (isatty(STDOUT_FILENO))

	}

	log_init(argv[0], ll, SYSLOG_FACILITY_USER, 1);
	
#ifdef USE_SEED_FILES
	prng_read_seedfile();
#endif

	buf = xmalloc(bytes);
	rand_helper(buf, bytes);
	/*
	 * Seed the RNG from wherever we can
	 */
	 
	/* Take whatever is on the stack, but don't credit it */
	RAND_add(buf, bytes, 0);

	debug("Seeded RNG with %i bytes from system calls", 
	    (int)stir_from_system());

#ifdef PRNGD_PORT
	if (get_random_bytes_prngd(buf, bytes, PRNGD_PORT, NULL) == -1)
		fatal("Entropy collection failed");
	RAND_add(buf, bytes, bytes);
#elif defined(PRNGD_SOCKET)
	if (get_random_bytes_prngd(buf, bytes, 0, PRNGD_SOCKET) == -1)
		fatal("Entropy collection failed");
	RAND_add(buf, bytes, bytes);
#else
	/* Read in collection commands */
	if (prng_read_commands(SSH_PRNG_COMMAND_FILE) == -1)
		fatal("PRNG initialisation failed -- exiting.");
	debug("Seeded RNG with %i bytes from programs", 
	    (int)stir_from_programs());
#endif

#ifdef USE_SEED_FILES
	prng_write_seedfile();
#endif

	/*
	 * Write the seed to stdout

	
	return ret == bytes ? 0 : 1;
}

#endif

Return to bug 630

Lines 1049-1066 Link Here

(-)configure.ac (-6 / +19 lines)
1049	],	1049	],
1050	)	1050	)
1051		1051
		1052	AC_ARG_ENABLE(static-rand-helper,
		1053	AC_HELP_STRING([--enable-static-rand-helper],[ enable static linking of ssh-rand-helper instead of external subprocess (default=no)]))
		1054
		1055	NO_SSH_RAND_HELPER="#"
		1056	SSH_RAND_HELPER_OBJ=""
		1057
1052	# Which randomness source do we use?	1058	# Which randomness source do we use?
1053	if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then	1059	if test ! -z "$OPENSSL_SEEDS_ITSELF" -a -z "$USE_RAND_HELPER" ; then
1054	# OpenSSL only	1060	# OpenSSL only
1055	AC_DEFINE(OPENSSL_PRNG_ONLY)	1061	AC_DEFINE(OPENSSL_PRNG_ONLY)
1056	RAND_MSG="OpenSSL internal ONLY"	1062	RAND_MSG="OpenSSL internal ONLY"
1057	INSTALL_SSH_RAND_HELPER=""
1058	elif test ! -z "$USE_RAND_HELPER" ; then	1063	elif test ! -z "$USE_RAND_HELPER" ; then
1059	# install rand helper	1064	if test "x$enable_static_rand_helper" = "xyes"; then
1060	RAND_MSG="ssh-rand-helper"	1065	AC_DEFINE(STATIC_RAND_HELPER, 1, [enable static linking of ssh-rand-helper instead of external subprocess])
1061	INSTALL_SSH_RAND_HELPER="yes"	1066	RAND_MSG="ssh-rand-helper (static)"
		1067	SSH_RAND_HELPER_OBJ="ssh-rand-helper.o"
		1068	else
		1069	# install rand-helper
		1070	RAND_MSG="ssh-rand-helper"
		1071	NO_SSH_RAND_HELPER=""
		1072	fi
1062	fi	1073	fi
1063	AC_SUBST(INSTALL_SSH_RAND_HELPER)	1074
		1075	AC_SUBST(NO_SSH_RAND_HELPER)
		1076	AC_SUBST(SSH_RAND_HELPER_OBJ)
1064		1077
1065	### Configuration of ssh-rand-helper	1078	### Configuration of ssh-rand-helper
1066		1079
Lines 1195-1201 Link Here
1195		1208
1196	# Where does ssh-rand-helper get its randomness from?	1209	# Where does ssh-rand-helper get its randomness from?
1197	INSTALL_SSH_PRNG_CMDS=""	1210	INSTALL_SSH_PRNG_CMDS=""
1198	if test ! -z "$INSTALL_SSH_RAND_HELPER" ; then	1211	if test ! -z "$USE_RAND_HELPER" ; then
1199	if test ! -z "$PRNGD_PORT" ; then	1212	if test ! -z "$PRNGD_PORT" ; then
1200	RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"	1213	RAND_HELPER_MSG="TCP localhost:$PRNGD_PORT"
1201	elif test ! -z "$PRNGD_SOCKET" ; then	1214	elif test ! -z "$PRNGD_SOCKET" ; then

Lines 41-49 Link Here

(-)ssh-rand-helper.c (-41 / +56 lines)
41		41
42	RCSID("$Id: ssh-rand-helper.c,v 1.13 2003/08/21 23:34:41 djm Exp $");	42	RCSID("$Id: ssh-rand-helper.c,v 1.13 2003/08/21 23:34:41 djm Exp $");
43		43
44	/* Number of bytes we write out */
45	#define OUTPUT_SEED_SIZE 48
46
47	/* Length of on-disk seedfiles */	44	/* Length of on-disk seedfiles */
48	#define SEED_FILE_SIZE 1024	45	#define SEED_FILE_SIZE 1024
49		46
Lines 174-183 Link Here
174		171
175	if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) {	172	if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) {
176	if (tcp_port != 0) {	173	if (tcp_port != 0) {
177	error("Couldn't connect to PRNGD port %d: %s",	174	debug("Couldn't connect to PRNGD port %d: %s",
178	tcp_port, strerror(errno));	175	tcp_port, strerror(errno));
179	} else {	176	} else {
180	error("Couldn't connect to PRNGD socket \"%s\": %s",	177	debug("Couldn't connect to PRNGD socket \"%s\": %s",
181	addr_un->sun_path, strerror(errno));	178	addr_un->sun_path, strerror(errno));
182	}	179	}
183	goto done;	180	goto done;
Lines 749-754 Link Here
749	return cur_cmd < MIN_ENTROPY_SOURCES ? -1 : 0;	746	return cur_cmd < MIN_ENTROPY_SOURCES ? -1 : 0;
750	}	747	}
751		748
		749	void rand_helper(unsigned char *buf, int bytes)
		750	{
		751	struct stat st;
		752	int rval;
		753
		754	if (!buf)
		755	return;
		756
		757	#ifdef USE_SEED_FILES
		758	prng_read_seedfile();
		759	#endif
		760
		761	/*
		762	* Seed the RNG from wherever we can
		763	*/
		764
		765	/* Take whatever is on the stack, but don't credit it */
		766	RAND_add(buf, bytes, 0);
		767
		768	debug("Seeded RNG with %i bytes from system calls",
		769	(int)stir_from_system());
		770
		771	rval = -1;
		772	#ifdef PRNGD_PORT
		773	rval = get_random_bytes_prngd(buf, bytes, PRNGD_PORT, NULL);
		774	#elif defined(PRNGD_SOCKET)
		775	rval = get_random_bytes_prngd(buf, bytes, 0, PRNGD_SOCKET);
		776	#endif
		777	#if defined(PRNGD_PORT) \|\| defined(PRNGD_SOCKET)
		778	if (rval == -1)
		779	debug("Entropy collection from PRNGD failed");
		780	else
		781	RAND_add(buf, bytes, bytes);
		782	#endif
		783	if ((rval == -1) && (stat(SSH_PRNG_COMMAND_FILE, &st) == 0)) {
		784	/* Read in collection commands */
		785	if (prng_read_commands(SSH_PRNG_COMMAND_FILE) == -1)
		786	fatal("PRNG initialisation failed -- exiting.");
		787	debug("Seeded RNG with %i bytes from programs",
		788	(int)stir_from_programs());
		789	}
		790
		791	#ifdef USE_SEED_FILES
		792	prng_write_seedfile();
		793	#endif
		794	}
		795
		796	#ifndef STATIC_RAND_HELPER
		797
752	void	798	void
753	usage(void)	799	usage(void)
754	{	800	{
Lines 758-764 Link Here
758	fprintf(stderr, " -x Force output in hexidecimal (for debugging)\n");	804	fprintf(stderr, " -x Force output in hexidecimal (for debugging)\n");
759	fprintf(stderr, " -X Force output in binary\n");	805	fprintf(stderr, " -X Force output in binary\n");
760	fprintf(stderr, " -b bytes Number of bytes to output (default %d)\n",	806	fprintf(stderr, " -b bytes Number of bytes to output (default %d)\n",
761	OUTPUT_SEED_SIZE);	807	RANDOM_SEED_SIZE);
762	}	808	}
763		809
764	int	810	int
Lines 774-780 Link Here
774		820
775	ll = SYSLOG_LEVEL_INFO;	821	ll = SYSLOG_LEVEL_INFO;
776	debug_level = output_hex = 0;	822	debug_level = output_hex = 0;
777	bytes = OUTPUT_SEED_SIZE;	823	bytes = RANDOM_SEED_SIZE;
778		824
779	/* Don't write binary data to a tty, unless we are forced to */	825	/* Don't write binary data to a tty, unless we are forced to */
780	if (isatty(STDOUT_FILENO))	826	if (isatty(STDOUT_FILENO))
Lines 806-847 Link Here
806	}	852	}
807		853
808	log_init(argv[0], ll, SYSLOG_FACILITY_USER, 1);	854	log_init(argv[0], ll, SYSLOG_FACILITY_USER, 1);
809
810	#ifdef USE_SEED_FILES
811	prng_read_seedfile();
812	#endif
813		855
814	buf = xmalloc(bytes);	856	buf = xmalloc(bytes);
815		857	rand_helper(buf, bytes);
816	/*
817	* Seed the RNG from wherever we can
818	*/
819
820	/* Take whatever is on the stack, but don't credit it */
821	RAND_add(buf, bytes, 0);
822
823	debug("Seeded RNG with %i bytes from system calls",
824	(int)stir_from_system());
825
826	#ifdef PRNGD_PORT
827	if (get_random_bytes_prngd(buf, bytes, PRNGD_PORT, NULL) == -1)
828	fatal("Entropy collection failed");
829	RAND_add(buf, bytes, bytes);
830	#elif defined(PRNGD_SOCKET)
831	if (get_random_bytes_prngd(buf, bytes, 0, PRNGD_SOCKET) == -1)
832	fatal("Entropy collection failed");
833	RAND_add(buf, bytes, bytes);
834	#else
835	/* Read in collection commands */
836	if (prng_read_commands(SSH_PRNG_COMMAND_FILE) == -1)
837	fatal("PRNG initialisation failed -- exiting.");
838	debug("Seeded RNG with %i bytes from programs",
839	(int)stir_from_programs());
840	#endif
841
842	#ifdef USE_SEED_FILES
843	prng_write_seedfile();
844	#endif
845		858
846	/*	859	/*
847	* Write the seed to stdout	860	* Write the seed to stdout
Lines 865-867 Link Here
865		878
866	return ret == bytes ? 0 : 1;	879	return ret == bytes ? 0 : 1;
867	}	880	}
		881
		882	#endif

Lines 56-64 Link Here

(-)Makefile.in (-9 / +5 lines)
56	EXEEXT=@EXEEXT@	56	EXEEXT=@EXEEXT@
57		57
58	INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@	58	INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@
59	INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@
60		59
61	TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT)	60	@NO_SSH_RAND_HELPER@RAND_HELPER_PROG=ssh-rand-helper${EXEEXT}
		61	TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) $(RAND_HELPER_PROG) sftp-server$(EXEEXT) sftp$(EXEEXT)
62		62
63	LIBSSH_OBJS=authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o \	63	LIBSSH_OBJS=authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o \
64	cipher.o cipher-aes.o cipher-bf1.o cipher-ctr.o cipher-3des1.o \	64	cipher.o cipher-aes.o cipher-bf1.o cipher-ctr.o cipher-3des1.o \
Lines 68-74 Link Here
68	key.o dispatch.o kex.o mac.o uuencode.o misc.o \	68	key.o dispatch.o kex.o mac.o uuencode.o misc.o \
69	rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o kexgex.o \	69	rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o kexgex.o \
70	kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \	70	kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \
71	entropy.o scard-opensc.o	71	entropy.o scard-opensc.o @SSH_RAND_HELPER_OBJ@
72		72
73	SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \	73	SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
74	sshconnect.o sshconnect1.o sshconnect2.o	74	sshconnect.o sshconnect1.o sshconnect2.o
Lines 248-256 Link Here
248	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen	248	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen
249	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan	249	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan
250	$(INSTALL) -m 0755 $(STRIP_OPT) sshd $(DESTDIR)$(sbindir)/sshd	250	$(INSTALL) -m 0755 $(STRIP_OPT) sshd $(DESTDIR)$(sbindir)/sshd
251	if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \	251	@NO_SSH_RAND_HELPER@$(INSTALL) -m 0755 $(STRIP_OPT) ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper
252	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \
253	fi
254	$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign $(DESTDIR)$(SSH_KEYSIGN)	252	$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign $(DESTDIR)$(SSH_KEYSIGN)
255	$(INSTALL) -m 0755 $(STRIP_OPT) sftp $(DESTDIR)$(bindir)/sftp	253	$(INSTALL) -m 0755 $(STRIP_OPT) sftp $(DESTDIR)$(bindir)/sftp
256	$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server $(DESTDIR)$(SFTP_SERVER)	254	$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server $(DESTDIR)$(SFTP_SERVER)
Lines 263-271 Link Here
263	$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5	261	$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
264	$(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5	262	$(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
265	$(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8	263	$(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
266	if [ ! -z "$(INSTALL_SSH_RAND_HELPER)" ]; then \	264	@NO_SSH_RAND_HELPER@$(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8
267	$(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 ; \
268	fi
269	$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1	265	$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
270	$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8	266	$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
271	$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8	267	$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8

Lines 47-54 Link Here

(-)entropy.c (-5 / +7 lines)
47		47
48	RCSID("$Id: entropy.c,v 1.46 2003/08/25 01:16:21 mouring Exp $");	48	RCSID("$Id: entropy.c,v 1.46 2003/08/25 01:16:21 mouring Exp $");
49		49
50	#ifndef OPENSSL_PRNG_ONLY	50	#if !defined(OPENSSL_PRNG_ONLY) \|\| !defined(STATIC_RAND_HELPER)
51	#define RANDOM_SEED_SIZE 48
52	static uid_t original_uid, original_euid;	51	static uid_t original_uid, original_euid;
53	#endif	52	#endif
54		53
Lines 56-66 Link Here
56	seed_rng(void)	55	seed_rng(void)
57	{	56	{
58	#ifndef OPENSSL_PRNG_ONLY	57	#ifndef OPENSSL_PRNG_ONLY
		58	unsigned char buf[RANDOM_SEED_SIZE];
		59
		60	#ifndef STATIC_RAND_HELPER
59	int devnull;	61	int devnull;
60	int p[2];	62	int p[2];
61	pid_t pid;	63	pid_t pid;
62	int ret;	64	int ret;
63	unsigned char buf[RANDOM_SEED_SIZE];
64	mysig_t old_sigchld;	65	mysig_t old_sigchld;
65		66
66	if (RAND_status() == 1) {	67	if (RAND_status() == 1) {
Lines 124-133 Link Here
124	fatal("ssh-rand-helper terminated abnormally");	125	fatal("ssh-rand-helper terminated abnormally");
125	if (WEXITSTATUS(ret) != 0)	126	if (WEXITSTATUS(ret) != 0)
126	fatal("ssh-rand-helper exit with exit status %d", ret);	127	fatal("ssh-rand-helper exit with exit status %d", ret);
127		128	#else
		129	rand_helper(buf, sizeof(buf));
		130	#endif
128	RAND_add(buf, sizeof(buf), sizeof(buf));	131	RAND_add(buf, sizeof(buf), sizeof(buf));
129	memset(buf, '\0', sizeof(buf));	132	memset(buf, '\0', sizeof(buf));
130
131	#endif /* OPENSSL_PRNG_ONLY */	133	#endif /* OPENSSL_PRNG_ONLY */
132	if (RAND_status() != 1)	134	if (RAND_status() != 1)
133	fatal("PRNG is not seeded");	135	fatal("PRNG is not seeded");