etc/rc.d/random

   1 #!/bin/sh
   2 #
   3 # $FreeBSD: src/etc/rc.d/random,v 1.3 2003/04/18 17:55:05 mtm Exp $
   4 # $DragonFly: src/etc/rc.d/random,v 1.4 2006/07/10 22:19:14 dillon Exp $
   5 #
   6
   7 # PROVIDE: random
   8 # REQUIRE: diskless mountcritlocal initrandom
   9 # BEFORE: netif
  10 # KEYWORD: shutdown
  11
  12 . /etc/rc.subr
  13
  14 name="random"
  15 start_cmd="random_start"
  16 stop_cmd="random_stop"
  17
  18 feed_dev_random()
  19 {
  20         if [ -f "${1}" -a -r "${1}" -a -s "${1}" ]; then
  21                 sysctl kern.seedenable=1 >/dev/null
  22                 # Feed using a small block size so that a pool-based CSPRNG
  23                 # is more likely to distribute the entropy over several
  24                 # pools
  25                 cat "${1}" | dd of=/dev/random bs=512 2>/dev/null
  26                 sysctl kern.seedenable=0 >/dev/null
  27         fi
  28 }
  29
  30 random_start()
  31 {
  32         # Reseed /dev/random with previously stored entropy.
  33         case ${entropy_dir} in
  34         [Nn][Oo] | '')
  35                 ;;
  36         *)
  37                 entropy_dir=${entropy_dir:-/var/db/entropy}
  38                 if [ -d "${entropy_dir}" ]; then
  39                         if [ -w /dev/random ]; then
  40                                 for seedfile in ${entropy_dir}/*; do
  41                                         feed_dev_random "${seedfile}"
  42                                 done
  43                         fi
  44                 fi
  45                 ;;
  46         esac
  47
  48         case ${entropy_file} in
  49         [Nn][Oo] | '')
  50                 ;;
  51         *)
  52                 if [ -w /dev/random ]; then
  53                         feed_dev_random "${entropy_file}"
  54                 fi
  55                 ;;
  56         esac
  57 }
  58
  59 random_stop()
  60 {
  61         # Write some entropy so when the machine reboots /dev/random
  62         # can be reseeded
  63         #
  64         case ${entropy_file} in
  65         [Nn][Oo] | '')
  66                 ;;
  67         *)
  68                 echo -n 'Writing entropy file:'
  69                 rm -f ${entropy_file}
  70                 oumask=`umask`
  71                 umask 077
  72                 if touch ${entropy_file}; then
  73                         entropy_file_confirmed="${entropy_file}"
  74                 fi
  75                 case ${entropy_file_confirmed} in
  76                 '')
  77                         err 1 '${entropy_file}:' \
  78                             ' entropy file write failed.'
  79                         ;;
  80                 *)
  81                         dd if=/dev/random of=${entropy_file_confirmed} \
  82                            bs=${entropy_save_sz} count=1 2> /dev/null
  83                         echo '.'
  84                         ;;
  85                 esac
  86                 umask ${oumask}
  87                 ;;
  88         esac
  89 }
  90
  91 load_rc_config $name
  92 run_rc_command "$1"