3 * $Id: noise.c,v 1.6 1998/06/18 15:08:14 mdw Exp $
5 * Collection of environmental noise
10 /*----- Licensing notice --------------------------------------------------*
12 * This file is part of `become'
14 * `Become' is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2 of the License, or
17 * (at your option) any later version.
19 * `Become' is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with `become'; if not, write to the Free Software Foundation,
26 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
29 /*----- Revision history --------------------------------------------------*
32 * Revision 1.6 1998/06/18 15:08:14 mdw
33 * Improve signal handling when accumulating noise from child processes.
35 * Revision 1.5 1998/04/23 13:25:23 mdw
36 * Try to reduce the amount of `ps'ing done under OSF/1, because /dev/kmem
39 * Revision 1.4 1998/02/20 17:52:32 mdw
40 * Don't use `df' for noise gathering, because it gets upset when NFS
41 * servers aren't responding.
43 * Revision 1.3 1998/01/12 16:46:19 mdw
46 * Revision 1.2 1997/08/20 16:19:57 mdw
47 * Fix test for `/dev/random' so that it doesn't close `stdin' if it fails!
49 * Revision 1.1 1997/08/07 09:45:26 mdw
50 * New source file added to acquire environmental noise and add it to the
51 * randomness pool (see `rand.c').
55 /*----- Header files ------------------------------------------------------*/
57 /* --- ANSI headers --- */
67 /* --- Unix headers --- */
69 #include <sys/types.h>
73 #if defined(HAVE_GETRUSAGE)
74 # include <sys/resource.h>
75 #elif defined(HAVE_VTIMES)
76 # include <sys/vtimes.h>
84 /* --- Local headers --- */
90 /*----- Main code ---------------------------------------------------------*/
92 /* --- @noise__shell@ --- *
94 * Arguments: @const char *cmd@ = pointer to a shell command
98 * Use: Adds the output of the shell command to the randomness pool.
99 * Some care is taken to do the Right Thing when running setuid.
102 static void noise__shell(const char *cmd
)
107 #ifdef HAVE_SIGPROCMASK
111 /* --- Create a pipe for talking to the child --- */
116 /* --- Sort out the signal handling for the parent --- *
118 * Block @SIGCHLD@ while this is going on. Unlike the standard @system@
119 * function, I won't disable @SIGINT@ and @SIGQUIT@. Then, if the user
120 * stops the child with a terminal signal, the parent (i.e., me) gets
121 * killed too, and I don't end up with a tiny dribble of entropy when I'm
122 * expecting quite a lot.
125 #ifdef HAVE_SIGPROCMASK
127 sigaddset(&nb
, SIGCHLD
);
128 if (sigprocmask(SIG_BLOCK
, &nb
, &ob
))
132 /* --- Create the child process --- */
140 char *argv
[] = { "/bin/sh", "-c", 0, 0 };
142 "PATH=/bin:/usr/bin:/usr/ucb:/usr/etc:/sbin:/usr/sbin",
146 /* --- Restore signal handling things --- */
148 #ifdef HAVE_SIGPROCMASK
149 sigprocmask(SIG_SETMASK
, &nb
, 0);
152 /* --- Become nobody --- *
154 * This assumes that @-2@ is a safe user to be. It shouldn't be root,
155 * because it doesn't need to be, and nothing should be done as root
156 * which could be done as someone else. It shouldn't be the user who
157 * invoked me, because that would enable her to kill the children before
158 * I've read enough entropy from them, and that wouldn't be good.
163 /* --- Close the old standard streams --- */
169 /* --- Set up stdin and stderr to be empty, and stdout as our pipe --- */
171 if (((fd
= open("/dev/null", O_RDONLY
)) != 0 &&
172 (fd
= dup2(fd
, 0)) != 0) ||
173 ((fd
= dup2(pfd
[1], 1)) != 1) ||
174 ((fd
= open("/dev/null", O_WRONLY
)) != 2 &&
175 (fd
= dup2(fd
, 2)) != 2))
178 /* --- Close the original pipe file descriptors --- */
184 /* --- Now run the child process --- */
186 argv
[2] = (char *)cmd
; /* POSIX screwed up the prototype */
187 execve("/bin/sh", argv
, env
);
189 /* --- Something went horribly wrong --- */
195 /* --- Now read from the child until it's all done --- */
203 sz
= read(pfd
[0], buf
, sizeof(buf
));
204 if (sz
== 0 || (sz
< 0 && sz
!= EINTR
))
209 rand_add(pfd
, sizeof(pfd
));
210 burn(buf
); burn(pfd
);
213 /* --- The child should be dead now, so wait for it --- */
218 rand_add(&st
, sizeof(st
));
219 rand_add(&pid
, sizeof(pid
));
222 /* --- Restore signals --- */
225 #ifdef HAVE_SIGPROCMASK
226 sigprocmask(SIG_SETMASK
, &ob
, 0);
231 /* --- @noise_acquire@ --- *
237 * Use: Attempts to acquire an amount of random noise from the
238 * environment. A lot of it's not actually much good, but
239 * it's better than nothing. There's probably a bit or two's
240 * worth in each item which gets added.
243 void noise_acquire(void)
245 /* --- Try a real random number source --- *
247 * Some operating systems (notably Linux) provide a `/dev/random' which
248 * contains distilled random numbers from the outside world.
254 unsigned char buff
[64];
257 if ((fd
= open("/dev/random", O_RDONLY
)) >= 0 &&
258 (f
= fcntl(fd
, F_GETFL
, 0)) >= 0 &&
259 fcntl(fd
, F_SETFL
, f
| O_NONBLOCK
) >= 0 &&
260 (sz
= read(fd
, buff
, sizeof(buff
))) > 0) {
268 /* --- Squeeze some entropy from the current time --- */
274 gettimeofday(&tv
, 0);
276 rand_add(&tv
, sizeof(tv
));
277 rand_add(&c
, sizeof(c
));
281 /* --- Try some commands which ask the outside world some questions --- */
283 noise__shell("ps auxww || ps -ef; netstat -an");
285 /* --- Get our resource usage to see if that's at all interesting --- */
287 #if defined(HAVE_GETRUSAGE)
290 getrusage(RUSAGE_SELF
, &ru
);
291 rand_add(&ru
, sizeof(ru
));
292 getrusage(RUSAGE_CHILDREN
, &ru
);
293 rand_add(&ru
, sizeof(ru
));
296 #elif defined(HAVE_VTIMES)
298 struct vtimes vt
, vtc
;
300 rand_add(&vt
, sizeof(vt
));
301 rand_add(&vtc
, sizeof(vtc
));
306 /* --- Squeeze some more entropy from the current time --- */
312 gettimeofday(&tv
, 0);
314 rand_add(&tv
, sizeof(tv
));
315 rand_add(&c
, sizeof(c
));
319 /* --- Done -- churn the random pool --- */
324 /*----- That's all, folks -------------------------------------------------*/