openssh unix dev - Aug 2000 - [patch] configurable ssh_prng_cmds

The following patch against openssh-SNAP-20000823 allows to override the
compile-time "ssh_prng_cmds" file at run time by adding new options to
the
server and client configurations. (We move binaries around a bit, and this was
the only absolute path that couldn't be fixed at run-time).

Regards
Jan


diff -ur openssh-SNAP-20000823.orig/entropy.c
openssh-SNAP-20000823.new/entropy.c
--- openssh-SNAP-20000823.orig/entropy.c	Sat Jul 15 06:59:15 2000
+++ openssh-SNAP-20000823.new/entropy.c	Fri Aug 25 14:44:52 2000
@@ -67,6 +67,8 @@
 # define RUSAGE_CHILDREN 0
 #endif
 
+char *ssh_prng_command_file = NULL;
+
 #if defined(EGD_SOCKET) || defined(RANDOM_POOL)
 
 #ifdef EGD_SOCKET
@@ -810,7 +812,7 @@
 	original_uid = getuid();
 
 	/* Read in collection commands */
-	if (!prng_read_commands(SSH_PRNG_COMMAND_FILE))
+	if (!prng_read_commands(ssh_prng_command_file))
 		fatal("PRNG initialisation failed -- exiting.");
 
 	/* Set ourselves up to save a seed upon exit */
diff -ur openssh-SNAP-20000823.orig/entropy.h
openssh-SNAP-20000823.new/entropy.h
--- openssh-SNAP-20000823.orig/entropy.h	Sun Jul  9 14:42:33 2000
+++ openssh-SNAP-20000823.new/entropy.h	Fri Aug 25 14:43:55 2000
@@ -33,4 +33,7 @@
 void seed_rng(void);
 void init_rng(void);
 
+/* SSH_PRNG_COMMAND_FILE from server/client options */
+extern char* ssh_prng_command_file;
+
 #endif /* _RANDOMS_H */
diff -ur openssh-SNAP-20000823.orig/readconf.c
openssh-SNAP-20000823.new/readconf.c
--- openssh-SNAP-20000823.orig/readconf.c	Fri Aug 18 05:59:06 2000
+++ openssh-SNAP-20000823.new/readconf.c	Fri Aug 25 14:43:55 2000
@@ -20,6 +20,7 @@
 #include "cipher.h"
 #include "readconf.h"
 #include "match.h"
+#include "entropy.h"
 #include "xmalloc.h"
 #include "compat.h"
 
@@ -105,7 +106,8 @@
 	oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
 	oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts, oTISAuthentication,
 	oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oIdentityFile2,
-	oGlobalKnownHostsFile2, oUserKnownHostsFile2, oDSAAuthentication
+	oGlobalKnownHostsFile2, oUserKnownHostsFile2, oDSAAuthentication,
+        oPrngCommandFile
 } OpCodes;
 
 /* Textual representations of the tokens. */
@@ -161,6 +163,7 @@
 	{ "numberofpasswordprompts", oNumberOfPasswordPrompts },
 	{ "tisauthentication", oTISAuthentication },
 	{ "loglevel", oLogLevel },
+	{ "prngcommandfile", oPrngCommandFile },
 	{ NULL, 0 }
 };
 
@@ -583,6 +586,10 @@
 			*intptr = value;
 		break;
 
+	case oPrngCommandFile:
+		charptr = &ssh_prng_command_file;  /* globally def in ssh.h */
+		goto parse_string;
+
 	default:
 		fatal("process_config_line: Unimplemented opcode %d", opcode);
 	}
@@ -788,6 +795,8 @@
 		options->user_hostfile2 = SSH_USER_HOSTFILE2;
 	if (options->log_level == (LogLevel) - 1)
 		options->log_level = SYSLOG_LEVEL_INFO;
+	if (ssh_prng_command_file == NULL)
+                ssh_prng_command_file = xstrdup(SSH_PRNG_COMMAND_FILE);
 	/* options->proxy_command should not be set by default */
 	/* options->user will be set in the main program if appropriate */
 	/* options->hostname will be set in the main program if appropriate */
diff -ur openssh-SNAP-20000823.orig/servconf.c
openssh-SNAP-20000823.new/servconf.c
--- openssh-SNAP-20000823.orig/servconf.c	Fri Aug 18 05:59:06 2000
+++ openssh-SNAP-20000823.new/servconf.c	Fri Aug 25 14:46:12 2000
@@ -15,6 +15,7 @@
 RCSID("$OpenBSD: servconf.c,v 1.50 2000/07/22 09:14:36 markus Exp
$");
 
 #include "ssh.h"
+#include "entropy.h"
 #include "servconf.h"
 #include "xmalloc.h"
 #include "compat.h"
@@ -162,6 +163,8 @@
 		options->protocol = SSH_PROTO_1|SSH_PROTO_2;
 	if (options->gateway_ports == -1)
 		options->gateway_ports = 0;
+	if (ssh_prng_command_file == NULL)
+		ssh_prng_command_file = xstrdup(SSH_PRNG_COMMAND_FILE);
 	if (options->max_startups == -1)
 		options->max_startups = 10;
 	if (options->max_startups_rate == -1)
@@ -187,7 +190,7 @@
 #endif
 	sPasswordAuthentication, sListenAddress,
 	sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
-	sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
+	sStrictModes, sEmptyPasswd, sRandomSeedFile, sPrngCommandFile, sKeepAlives,
sCheckMail,
 	sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
 	sIgnoreUserKnownHosts, sHostDSAKeyFile, sCiphers, sProtocol, sPidFile,
 	sGatewayPorts, sDSAAuthentication, sXAuthLocation, sSubsystem, sMaxStartups
@@ -237,6 +240,7 @@
 	{ "permitemptypasswords", sEmptyPasswd },
 	{ "uselogin", sUseLogin },
 	{ "randomseed", sRandomSeedFile },
+	{ "prngcommandfile", sPrngCommandFile },
 	{ "keepalive", sKeepAlives },
 	{ "allowusers", sAllowUsers },
 	{ "denyusers", sDenyUsers },
@@ -406,6 +410,10 @@
 			arg = strdelim(&cp);
 			break;
 
+		case sPrngCommandFile:
+			charptr = &ssh_prng_command_file;  /* globally def in ssh.h */
+			goto parse_filename;
+			
 		case sPermitRootLogin:
 			intptr = &options->permit_root_login;
 			arg = strdelim(&cp);
diff -ur openssh-SNAP-20000823.orig/ssh.1 openssh-SNAP-20000823.new/ssh.1
--- openssh-SNAP-20000823.orig/ssh.1	Fri Aug 18 05:59:06 2000
+++ openssh-SNAP-20000823.new/ssh.1	Fri Aug 25 14:43:55 2000
@@ -826,6 +826,12 @@
 .Cm CheckHostIP
 is not available for connects with a proxy command.
 .Pp
+.It Cm PrngCmdFile
+Specifies a file containing system commands and the estimated amount of
+entropy that can be gathered from their output. Only used when there is no
+other source of entropy available.
+The default is
+.Pa /etc/ssh_prng_cmds .
 .It Cm RemoteForward
 Specifies that a TCP/IP port on the remote machine be forwarded over
 the secure channel to given host:port from the local machine.
@@ -1013,6 +1019,9 @@
 Records host keys for all hosts the user has logged into (that are not
 in
 .Pa /etc/ssh_known_hosts ) .
+See
+.Xr sshd 8 .
+.Pa /etc/ssh_prng_cmds ) .
 See
 .Xr sshd 8 .
 .It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa
diff -ur openssh-SNAP-20000823.orig/sshd.8 openssh-SNAP-20000823.new/sshd.8
--- openssh-SNAP-20000823.orig/sshd.8	Fri Aug 18 05:59:06 2000
+++ openssh-SNAP-20000823.new/sshd.8	Fri Aug 25 14:43:55 2000
@@ -542,6 +542,12 @@
 Multiple versions must be comma-separated.
 The default is
 .Dq 1 .
+.It Cm PrngCmdFile
+Specifies a file containing system commands and the estimated amount of
+entropy that can be gathered from their output. Only used when there is no
+other source of entropy available.
+The default is
+.Pa /etc/ssh_prng_cmds .
 .It Cm RandomSeed
 Obsolete.
 Random number generation uses other techniques.
@@ -844,6 +850,18 @@
 the user so its contents can be copied to known hosts files.
 These two files are created using
 .Xr ssh-keygen 1 .
+.It Pa /etc/ssh_prng_cmds
+Contains a list of system commands and the conservatively estimated amount of
+usable entropy (bits per byte of output) that may be gathered from their
+hashed output. Each line contains 3 whitespace-separated and possibly quoted
+arguments, program-name+args, path and entropy. Non-existent or faulty
+commands will only be tried once. This file should be world-readable but
+writable only by root.
+.Ss Example
+ "ls -alni /var/log"                     /usr/bin/ls     0.02
+ "ls -alni /var/adm"                     /usr/bin/ls     0.02
+ "ps -efl"                               /usr/bin/ps     0.03
+
 .It Pa /var/run/sshd.pid
 Contains the process ID of the
 .Nm

In serverloop.c we have two wait() lines.

POSIX defines wait() was "pid_t wait(int *status)".  However older BSD
systems could have "int wait(union wait *statusp)" as it's
defines.

I'm interested to see how many platforms OpenSSH is ported requires the
latter define.

I know NeXT does.  

Part two of the survey have to be how would be the best way to
"detect"
the older BSD define and account for it (since I know I hate to be
throwing #ifdef all over the place)

Thanks.

Ben Lindstrom