etc/rc.d/random

   1 #!/bin/sh
   2 #
   3 # $FreeBSD: src/etc/rc.d/random,v 1.3 2003/04/18 17:55:05 mtm Exp $
   4 #
   5
   6 # PROVIDE: random
   7 # REQUIRE: diskless mountcritlocal initrandom
   8 # BEFORE: netif
   9 # KEYWORD: shutdown
  10
  11 . /etc/rc.subr
  12
  13 name="random"
  14 start_cmd="random_start"
  15 stop_cmd="random_stop"
  16
  17 feed_dev_random()
  18 {
  19         if [ -f "${1}" -a -r "${1}" -a -s "${1}" ]; then
  20                 ${SYSCTL_W} kern.seedenable=1 >/dev/null
  21                 # Feed using a small block size so that a pool-based CSPRNG
  22                 # is more likely to distribute the entropy over several
  23                 # pools
  24                 cat "${1}" | dd of=/dev/random bs=512 2>/dev/null
  25                 ${SYSCTL_W} kern.seedenable=0 >/dev/null
  26         fi
  27 }
  28
  29 random_start()
  30 {
  31         # Reseed /dev/random with previously stored entropy.
  32         case ${entropy_dir} in
  33         [Nn][Oo] | '')
  34                 ;;
  35         *)
  36                 entropy_dir=${entropy_dir:-/var/db/entropy}
  37                 if [ -d "${entropy_dir}" ]; then
  38                         if [ -w /dev/random ]; then
  39                                 for seedfile in ${entropy_dir}/*; do
  40                                         feed_dev_random "${seedfile}"
  41                                 done
  42                         fi
  43                 fi
  44                 ;;
  45         esac
  46
  47         case ${entropy_file} in
  48         [Nn][Oo] | '')
  49                 ;;
  50         *)
  51                 if [ -w /dev/random ]; then
  52                         feed_dev_random "${entropy_file}"
  53                 fi
  54                 ;;
  55         esac
  56 }
  57
  58 random_stop()
  59 {
  60         # Write some entropy so when the machine reboots /dev/random
  61         # can be reseeded
  62         #
  63         case ${entropy_file} in
  64         [Nn][Oo] | '')
  65                 ;;
  66         *)
  67                 echo -n 'Writing entropy file:'
  68                 rm -f ${entropy_file}
  69                 oumask=`umask`
  70                 umask 077
  71                 if touch ${entropy_file}; then
  72                         entropy_file_confirmed="${entropy_file}"
  73                 fi
  74                 case ${entropy_file_confirmed} in
  75                 '')
  76                         err 1 '${entropy_file}:' \
  77                             ' entropy file write failed.'
  78                         ;;
  79                 *)
  80                         dd if=/dev/random of=${entropy_file_confirmed} \
  81                            bs=${entropy_save_sz} count=1 2> /dev/null
  82                         echo '.'
  83                         ;;
  84                 esac
  85                 umask ${oumask}
  86                 ;;
  87         esac
  88 }
  89
  90 load_rc_config $name
  91 run_rc_command "$1"