diff options
author | Toni Uhlig <matzeton@googlemail.com> | 2019-03-29 01:09:16 +0100 |
---|---|---|
committer | Toni Uhlig <matzeton@googlemail.com> | 2019-03-29 01:13:23 +0100 |
commit | ad688f7b47afbed5c6e4a9f708c93e1c0d7f8b78 (patch) | |
tree | 6c15b67b2c51c559178cb8696e8402ff4621261d | |
parent | da8d892491d18be9980970596f55ba369340a333 (diff) |
change the path to the random number generator during build time (see PR #11)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
-rw-r--r-- | configure.ac | 26 | ||||
-rw-r--r-- | src/Makefile.am | 6 | ||||
-rw-r--r-- | src/ptunnel.c | 3 | ||||
-rw-r--r-- | src/utils.c | 29 |
4 files changed, 48 insertions, 16 deletions
diff --git a/configure.ac b/configure.ac index 6cecd6f..6625560 100644 --- a/configure.ac +++ b/configure.ac @@ -134,6 +134,21 @@ case ${selinux_enabled} in *) AC_MSG_ERROR([Unknown option \`${selinux_enabled}\` for --disable-selinux]) ;; esac +dnl `--with-randomdev`: Default value /dev/random +use_customrng=no +AC_MSG_CHECKING([for random device]) +AC_ARG_WITH([rngdev], + [AS_HELP_STRING([--with-rngdev], [Set an alternative random device. (default: /dev/random)])], + [use_customrng=yes], [with_rngdev="/dev/random"]) +case ${with_rngdev} in + /dev/random) ;; + /dev/urandom) ;; + *) AC_MSG_ERROR([Unknown random device \`${with_rngdev}\` for --with-rngdev: Only \`/dev/random\` xor \`/dev/urandom\` allowed. This option is unused on Windows targets.]) ;; +esac +AC_MSG_RESULT([${with_rngdev}]) +AC_DEFINE_UNQUOTED([RNGDEV], ["${with_rngdev}"], + [set the path to the random device you want to use for pt_random]) + dnl Check libcap headers/functions. if test x"${pcap_enabled}" != x -a \ x"${use_msw}" != xyes; then @@ -146,11 +161,10 @@ if test x"${pcap_enabled}" != x -a \ fi dnl Check for more secure randomization functions -AC_CHECK_HEADERS([bsd/stdlib.h],, [random_enabled=yes]) -AC_SEARCH_LIBS([arc4random], [bsd],,,) -AC_CHECK_FUNCS([arc4random], [random_enabled=],) -if test x"${random_enabled}" = x; then - arc4random_enabled=yes +if test x"${use_customrng}" != xyes; then + AC_CHECK_HEADERS([bsd/stdlib.h],,) + AC_SEARCH_LIBS([arc4random], [bsd],,,) + AC_CHECK_FUNCS([arc4random], [arc4random_enabled=yes],) fi dnl Check for SELINUX @@ -187,8 +201,8 @@ AM_CONDITIONAL([HAVE_PCAP], [test x"${pcap_enabled}" = xyes]) AM_CONDITIONAL([HAVE_SELINUX], [test x"${selinux_enabled}" = xyes]) AM_CONDITIONAL([IS_WINDOWS], [test x"${use_msw}" = xyes]) AM_CONDITIONAL([HAVE_ICMPFILTER], [test x"${with_icmp_filter}" = xyes]) -AM_CONDITIONAL([HAVE_RANDOM], [test x"${random_enabled}" = xyes]) AM_CONDITIONAL([HAVE_ARC4RANDOM], [test x"${arc4random_enabled}" = xyes]) +AM_CONDITIONAL([USE_CUSTOMRNG], [test x"${use_customrng}" = xyes]) dnl output config headers AC_CONFIG_HEADERS([src/config.h:src/config.h.in]) diff --git a/src/Makefile.am b/src/Makefile.am index 1d161a2..8d4787a 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -20,10 +20,10 @@ endif if HAVE_ARC4RANDOM ptunnel_ng_CFLAGS += -DHAVE_ARC4RANDOM=1 -else -if HAVE_RANDOM -ptunnel_ng_CFLAGS += -DHAVE_RANDOM=1 endif + +if USE_CUSTOMRNG +ptunnel_ng_CFLAGS += -DUSE_CUSTOMRNG=1 endif ptunnel_ng_SOURCES = \ diff --git a/src/ptunnel.c b/src/ptunnel.c index 4463077..01e0ef5 100644 --- a/src/ptunnel.c +++ b/src/ptunnel.c @@ -136,6 +136,9 @@ int main(int argc, char *argv[]) { if (parse_options(argc, argv)) return -1; + /* Init ptunnel RNG */ + pt_random(); + #ifdef HAVE_PCAP if (opts.pcap && opts.udp) { pt_log(kLog_error, "Packet capture is not supported (or needed) when using UDP for transport.\n"); diff --git a/src/utils.c b/src/utils.c index 6188543..a65f947 100644 --- a/src/utils.c +++ b/src/utils.c @@ -53,12 +53,12 @@ #include <stdarg.h> #include <string.h> #include <time.h> -#include <assert.h> #ifdef HAVE_BSD_STDLIB_H #include <bsd/stdlib.h> #endif #ifndef WIN32 +#include <errno.h> #include <syslog.h> #include <sys/types.h> #include <sys/stat.h> @@ -97,7 +97,7 @@ void pt_log(int level, const char *fmt, ...) { } else #endif /* !WIN32 */ - fprintf(opts.log_file, "%s", header[level]), vfprintf(opts.log_file, fmt, args); + fprintf(opts.log_file, "%s", header[level]), vfprintf(opts.log_file, fmt, args); va_end(args); #ifndef WIN32 if (opts.log_file != stdout && !opts.use_syslog) @@ -160,13 +160,28 @@ int pt_random(void) { #ifdef HAVE_ARC4RANDOM return arc4random(); #else -#if defined(HAVE_RANDOM) && !defined(_WIN32) +#if defined(USE_CUSTOMRNG) && !defined(_WIN32) static int rng_fd = -1; + ssize_t bytes_read; int rnd_val; - if (rng_fd < 0) - rng_fd = open("/dev/random", O_RDONLY); - assert(rng_fd >= 0); - assert( read(rng_fd, &rnd_val, sizeof rnd_val) == sizeof rnd_val ); + if (rng_fd < 0) { + rng_fd = open(RNGDEV, O_RDONLY); + if (rng_fd < 0) { + pt_log(kLog_error, "FATAL: Could not open random device '%s': %s\n", + RNGDEV, strerror(errno)); + exit(EXIT_FAILURE); + } + } + bytes_read = read(rng_fd, &rnd_val, sizeof rnd_val); + if (bytes_read != sizeof rnd_val) { + if (bytes_read < 0) + pt_log(kLog_error, "FATAL: Read from random device failed: %s\n", + strerror(errno)); + else + pt_log(kLog_error, "FATAL: Read only %zd bytes (wanted %zd bytes)\n", + bytes_read, sizeof rnd_val); + exit(EXIT_FAILURE); + } return rnd_val; #else srand(time(0)); |