search for: egd_socket

...l lead to a "fatal()" abort of the sshd server process. Since a dying server process can not be accepted, I would recommend to not have sshd call it "fatal()" if EGD cannot be queried and there is already enough seed available. Something like: if (error_condition) { close(egd_socket); egd_socket = -1; /* Try to reopen next time */ if (RAND_status() == 0) fatal("Could not get entropy"); /* not enough seed -> fatal */ } Best regards, Lutz -- Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE BTU Cottbus http://ww...

...d) My environemnt: Solaris2.6 for Sparc gcc-2.95.2 perl.5.005_03 openssl-0.9.5a zlib-1.1.3 egd-0.7 socks5-v1.0r10 (`runsocks' is a tool in it.) --- entropy.c.ORIG Tue May 30 18:34:31 2000 +++ entropy.c Tue May 30 18:49:45 2000 @@ -82,8 +82,6 @@ c = atomicio(read, egd_socket, buf, len); if (c <= 0) fatal("Couldn't read from EGD socket \"%s\": %s", EGD_SOCKET, strerror(errno)); - - close(EGD_SOCKET); } #else /* !EGD_SOCKET */ #ifdef RANDOM_POOL (When close(EGD_SOCKET) -> close(egd_socket), ssh don't work.) -- IWAMURO, Motonor...

...t) # Insert other locations here - for egdsock in /var/run/egd-pool /etc/entropy /tmp/entropy ; do + for egdsock in /var/run/egd-pool /tmp/egd-pool /etc/entropy /tmp/entropy ; do if test -r $egdsock && $TEST_MINUS_S_SH -c "test -S $egdsock -o -p $egdsock" ; then EGD_SOCKET="$egdsock" AC_DEFINE_UNQUOTED(EGD_SOCKET, "$EGD_SOCKET") break; fi done - if test -x "$EGD_SOCKET" ; then + if test -n "$EGD_SOCKET" ; then AC_MSG_RESULT($EGD_SOCKET) else AC_MSG_RESULT(not found)

...gt;) # on a Compaq Alpha (Tru64 UNIX 4.0F and 5.1) at boot time. # # Author: Hans-Georg Pabst, CH-8702 Zollikon, Switzerland # <hans-georg.pabst at ch.adtranz.com> # PATH=/sbin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin export PATH EGD_DAEMON=/usr/local/sbin/egd.pl EGD_SOCKET=/tmp/entropy EGD_TITLE="Entropy Gathering Daemon (EGD 0.8)" EGD_LOG=/dev/null # # create $EGD_SOCKET writable to all # umask 000 Pid=`/sbin/init.d/bin/getpid $EGD_DAEMON -uroot` case "$1" in 'start') if [ -z "$Pid" ]; then if [ -x $EGD_DAEMON ];...

...((opt = getopt(ac, av, "f:p:b:k:h:g:V:u:diqQ46")) != EOF) { switch (opt) { --- entropy.c.DIST Mon Oct 16 03:13:43 2000 +++ entropy.c Mon Feb 12 11:00:53 2001 @@ -69,6 +69,7 @@ char msg[2]; struct sockaddr_un addr; int addr_len; + int i, rval; /* Sanity checks */ if (sizeof(EGD_SOCKET) > sizeof(addr.sun_path)) @@ -81,13 +82,25 @@ strlcpy(addr.sun_path, EGD_SOCKET, sizeof(addr.sun_path)); addr_len = offsetof(struct sockaddr_un, sun_path) + sizeof(EGD_SOCKET); +reopen: fd = socket(AF_UNIX, SOCK_STREAM, 0); if (fd == -1) { error("Couldn't create AF_UNIX so...

entropy.c assumes RUSAGE_SELF and RUSAGE_CHILDREN *** entropy.c.orig Thu Jun 15 13:57:28 2000 --- entropy.c Thu Jun 15 13:58:25 2000 *************** *** 201,207 **** --- 201,209 ---- total_entropy_estimate += stir_gettimeofday(1.0); total_entropy_estimate += stir_clock(0.2); + #ifdef HAVE_GETRUSAGE total_entropy_estimate += stir_rusage(RUSAGE_SELF, 2.0); + #endif

Known issues: 1) Linux 'sleep 20' -- Unfixable before 2.5.0 (known work around) 2) HP/UX signal issue -- Patched and HP/UX 11 works in v2 3) SCO 2/ Native Compiler -- Unfixable before 2.5.0 (known work around) 4) NeXTStep -- Resynced, MAX_GROUPS vs NGROUPS unresolved (not major) 5) DG/UX regcomp/regexec -- Fixed. 6) Cray signal issues -- ??? 7) Solaris '$PATH' issue -- ??

...-20000823.orig/entropy.c openssh-SNAP-20000823.new/entropy.c --- openssh-SNAP-20000823.orig/entropy.c Sat Jul 15 06:59:15 2000 +++ openssh-SNAP-20000823.new/entropy.c Fri Aug 25 14:44:52 2000 @@ -67,6 +67,8 @@ # define RUSAGE_CHILDREN 0 #endif +char *ssh_prng_command_file = NULL; + #if defined(EGD_SOCKET) || defined(RANDOM_POOL) #ifdef EGD_SOCKET @@ -810,7 +812,7 @@ original_uid = getuid(); /* Read in collection commands */ - if (!prng_read_commands(SSH_PRNG_COMMAND_FILE)) + if (!prng_read_commands(ssh_prng_command_file)) fatal("PRNG initialisation failed -- exiting."); /*...