2 * Copyright (C) 2004-2007, 2009 Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 2000-2003 Internet Software Consortium.
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
18 /* $Id: entropy.c,v 1.80.128.2 2009/02/16 23:46:44 tbox Exp $ */
20 /* \file unix/entropy.c
22 * This is the system dependent part of the ISC entropy API.
27 #include <sys/param.h> /* Openserver 5.0.6A and FD_SETSIZE */
28 #include <sys/types.h>
31 #include <sys/socket.h>
39 #include <isc/platform.h>
40 #include <isc/strerror.h>
42 #ifdef ISC_PLATFORM_NEEDSYSSELECTH
43 #include <sys/select.h>
46 #include "errno2result.h"
49 * There is only one variable in the entropy data structures that is not
50 * system independent, but pulling the structure that uses it into this file
51 * ultimately means pulling several other independent structures here also to
52 * resolve their interdependencies. Thus only the problem variable's type
55 #define FILESOURCE_HANDLE_TYPE int
60 isc_usocketsource_disconnected,
61 isc_usocketsource_connecting,
62 isc_usocketsource_connected,
63 isc_usocketsource_ndesired,
64 isc_usocketsource_wrote,
65 isc_usocketsource_reading
68 } isc_entropyusocketsource_t;
70 #include "../entropy.c"
73 get_from_filesource(isc_entropysource_t *source, isc_uint32_t desired) {
74 isc_entropy_t *ent = source->ent;
75 unsigned char buf[128];
76 int fd = source->sources.file.handle;
83 desired = desired / 8 + (((desired & 0x07) > 0) ? 1 : 0);
87 ndesired = ISC_MIN(desired, sizeof(buf));
88 n = read(fd, buf, ndesired);
90 if (errno == EAGAIN || errno == EINTR)
97 entropypool_adddata(ent, buf, n, n * 8);
105 source->sources.file.handle = -1;
106 source->bad = ISC_TRUE;
113 get_from_usocketsource(isc_entropysource_t *source, isc_uint32_t desired) {
114 isc_entropy_t *ent = source->ent;
115 unsigned char buf[128];
116 int fd = source->sources.usocket.handle;
117 ssize_t n = 0, ndesired;
119 size_t sz_to_recv = source->sources.usocket.sz_to_recv;
124 desired = desired / 8 + (((desired & 0x07) > 0) ? 1 : 0);
127 while (desired > 0) {
128 ndesired = ISC_MIN(desired, sizeof(buf));
131 switch ( source->sources.usocket.status ) {
132 case isc_usocketsource_ndesired:
134 if ((n = sendto(fd, buf, 1, 0, NULL, 0)) < 0) {
135 if (errno == EWOULDBLOCK || errno == EINTR ||
141 source->sources.usocket.status =
142 isc_usocketsource_wrote;
145 case isc_usocketsource_connecting:
146 case isc_usocketsource_connected:
149 if ((n = sendto(fd, buf, 2, 0, NULL, 0)) < 0) {
150 if (errno == EWOULDBLOCK || errno == EINTR ||
156 source->sources.usocket.status =
157 isc_usocketsource_ndesired;
161 source->sources.usocket.status =
162 isc_usocketsource_wrote;
165 case isc_usocketsource_wrote:
166 if (recvfrom(fd, buf, 1, 0, NULL, NULL) != 1) {
167 if (errno == EAGAIN) {
169 * The problem of EAGAIN (try again
170 * later) is a major issue on HP-UX.
171 * Solaris actually tries the recvfrom
172 * call again, while HP-UX just dies.
173 * This code is an attempt to let the
174 * entropy pool fill back up (at least
175 * that's what I think the problem is.)
176 * We go to eagain_loop because if we
177 * just "break", then the "desired"
178 * amount gets borked.
180 #ifdef HAVE_NANOSLEEP
184 ts.tv_nsec = 1000000;
185 nanosleep(&ts, NULL);
191 if (errno == EWOULDBLOCK || errno == EINTR)
195 source->sources.usocket.status =
196 isc_usocketsource_reading;
198 source->sources.usocket.sz_to_recv = sz_to_recv;
199 if (sz_to_recv > sizeof(buf))
203 case isc_usocketsource_reading:
204 if (sz_to_recv != 0U) {
205 n = recv(fd, buf, sz_to_recv, 0);
207 if (errno == EWOULDBLOCK ||
220 if ((size_t)n != sz_to_recv)
221 source->sources.usocket.sz_to_recv -= n;
223 source->sources.usocket.status =
224 isc_usocketsource_connected;
229 entropypool_adddata(ent, buf, n, n * 8);
237 source->bad = ISC_TRUE;
238 source->sources.usocket.status = isc_usocketsource_disconnected;
239 source->sources.usocket.handle = -1;
246 * Poll each source, trying to get data from it to stuff into the entropy
250 fillpool(isc_entropy_t *ent, unsigned int desired, isc_boolean_t blocking) {
252 unsigned int remaining;
254 unsigned int nsource;
255 isc_entropysource_t *source;
257 REQUIRE(VALID_ENTROPY(ent));
262 * This logic is a little strange, so an explanation is in order.
264 * If needed is 0, it means we are being asked to "fill to whatever
265 * we think is best." This means that if we have at least a
266 * partially full pool (say, > 1/4th of the pool) we probably don't
267 * need to add anything.
269 * Also, we will check to see if the "pseudo" count is too high.
270 * If it is, try to mix in better data. Too high is currently
271 * defined as 1/4th of the pool.
273 * Next, if we are asked to add a specific bit of entropy, make
274 * certain that we will do so. Clamp how much we try to add to
275 * (DIGEST_SIZE * 8 < needed < POOLBITS - entropy).
277 * Note that if we are in a blocking mode, we will only try to
278 * get as much data as we need, not as much as we might want
284 if ((ent->pool.entropy >= RND_POOLBITS / 4)
285 && (ent->pool.pseudo <= RND_POOLBITS / 4))
288 needed = THRESHOLD_BITS * 4;
290 needed = ISC_MAX(needed, THRESHOLD_BITS);
291 needed = ISC_MIN(needed, RND_POOLBITS);
295 * In any case, clamp how much we need to how much we can add.
297 needed = ISC_MIN(needed, RND_POOLBITS - ent->pool.entropy);
300 * But wait! If we're not yet initialized, we need at least
304 if (ent->initialized < THRESHOLD_BITS)
305 needed = ISC_MAX(needed, THRESHOLD_BITS - ent->initialized);
308 * Poll each file source to see if we can read anything useful from
309 * it. XXXMLG When where are multiple sources, we should keep a
310 * record of which one we last used so we can start from it (or the
311 * next one) to avoid letting some sources build up entropy while
312 * others are always drained.
317 if (ent->nextsource == NULL) {
318 ent->nextsource = ISC_LIST_HEAD(ent->sources);
319 if (ent->nextsource == NULL)
322 source = ent->nextsource;
324 for (nsource = 0; nsource < ent->nsources; nsource++) {
332 switch ( source->type ) {
333 case ENTROPY_SOURCETYPE_FILE:
334 got = get_from_filesource(source, remaining);
337 case ENTROPY_SOURCETYPE_USOCKET:
338 got = get_from_usocketsource(source, remaining);
344 remaining -= ISC_MIN(remaining, got);
346 source = ISC_LIST_NEXT(source, link);
348 source = ISC_LIST_HEAD(ent->sources);
350 ent->nextsource = source;
352 if (blocking && remaining != 0) {
355 fds = wait_for_sources(ent);
361 * Here, if there are bits remaining to be had and we can block,
362 * check to see if we have a callback source. If so, call them.
364 source = ISC_LIST_HEAD(ent->sources);
365 while ((remaining != 0) && (source != NULL)) {
370 if (source->type == ENTROPY_SOURCETYPE_CALLBACK)
371 got = get_from_callback(source, remaining, blocking);
374 remaining -= ISC_MIN(remaining, got);
379 source = ISC_LIST_NEXT(source, link);
383 * Mark as initialized if we've added enough data.
385 if (ent->initialized < THRESHOLD_BITS)
386 ent->initialized += added;
390 wait_for_sources(isc_entropy_t *ent) {
391 isc_entropysource_t *source;
401 source = ISC_LIST_HEAD(ent->sources);
402 while (source != NULL) {
403 if (source->type == ENTROPY_SOURCETYPE_FILE) {
404 fd = source->sources.file.handle;
406 maxfd = ISC_MAX(maxfd, fd);
410 if (source->type == ENTROPY_SOURCETYPE_USOCKET) {
411 fd = source->sources.usocket.handle;
413 switch (source->sources.usocket.status) {
414 case isc_usocketsource_disconnected:
416 case isc_usocketsource_connecting:
417 case isc_usocketsource_connected:
418 case isc_usocketsource_ndesired:
419 maxfd = ISC_MAX(maxfd, fd);
422 case isc_usocketsource_wrote:
423 case isc_usocketsource_reading:
424 maxfd = ISC_MAX(maxfd, fd);
430 source = ISC_LIST_NEXT(source, link);
436 cc = select(maxfd + 1, &reads, &writes, NULL, NULL);
444 destroyfilesource(isc_entropyfilesource_t *source) {
445 (void)close(source->handle);
449 destroyusocketsource(isc_entropyusocketsource_t *source) {
450 close(source->handle);
454 * Make a fd non-blocking
457 make_nonblock(int fd) {
460 char strbuf[ISC_STRERRORSIZE];
461 #ifdef USE_FIONBIO_IOCTL
464 ret = ioctl(fd, FIONBIO, (char *)&on);
466 flags = fcntl(fd, F_GETFL, 0);
467 flags |= PORT_NONBLOCK;
468 ret = fcntl(fd, F_SETFL, flags);
472 isc__strerror(errno, strbuf, sizeof(strbuf));
473 UNEXPECTED_ERROR(__FILE__, __LINE__,
474 #ifdef USE_FIONBIO_IOCTL
475 "ioctl(%d, FIONBIO, &on): %s", fd,
477 "fcntl(%d, F_SETFL, %d): %s", fd, flags,
481 return (ISC_R_UNEXPECTED);
484 return (ISC_R_SUCCESS);
488 isc_entropy_createfilesource(isc_entropy_t *ent, const char *fname) {
491 isc_boolean_t is_usocket = ISC_FALSE;
492 isc_boolean_t is_connected = ISC_FALSE;
494 isc_entropysource_t *source;
496 REQUIRE(VALID_ENTROPY(ent));
497 REQUIRE(fname != NULL);
501 if (stat(fname, &_stat) < 0) {
502 ret = isc__errno2result(errno);
506 * Solaris 2.5.1 does not have support for sockets (S_IFSOCK),
507 * but it does return type S_IFIFO (the OS believes that
508 * the socket is a fifo). This may be an issue if we tell
509 * the program to look at an actual FIFO as its source of
512 #if defined(S_ISSOCK)
513 if (S_ISSOCK(_stat.st_mode))
514 is_usocket = ISC_TRUE;
516 #if defined(S_ISFIFO) && defined(sun)
517 if (S_ISFIFO(_stat.st_mode))
518 is_usocket = ISC_TRUE;
521 fd = socket(PF_UNIX, SOCK_STREAM, 0);
523 fd = open(fname, O_RDONLY | PORT_NONBLOCK, 0);
526 ret = isc__errno2result(errno);
530 ret = make_nonblock(fd);
531 if (ret != ISC_R_SUCCESS)
535 struct sockaddr_un sname;
537 memset(&sname, 0, sizeof(sname));
538 sname.sun_family = AF_UNIX;
539 strncpy(sname.sun_path, fname, sizeof(sname.sun_path));
540 sname.sun_path[sizeof(sname.sun_path)-1] = '0';
541 #ifdef ISC_PLATFORM_HAVESALEN
542 #if !defined(SUN_LEN)
543 #define SUN_LEN(su) \
544 (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path))
546 sname.sun_len = SUN_LEN(&sname);
549 if (connect(fd, (struct sockaddr *) &sname,
550 sizeof(struct sockaddr_un)) < 0) {
551 if (errno != EINPROGRESS) {
552 ret = isc__errno2result(errno);
556 is_connected = ISC_TRUE;
559 source = isc_mem_get(ent->mctx, sizeof(isc_entropysource_t));
560 if (source == NULL) {
561 ret = ISC_R_NOMEMORY;
566 * From here down, no failures can occur.
568 source->magic = SOURCE_MAGIC;
571 source->bad = ISC_FALSE;
572 memset(source->name, 0, sizeof(source->name));
573 ISC_LINK_INIT(source, link);
575 source->sources.usocket.handle = fd;
577 source->sources.usocket.status =
578 isc_usocketsource_connected;
580 source->sources.usocket.status =
581 isc_usocketsource_connecting;
582 source->sources.usocket.sz_to_recv = 0;
583 source->type = ENTROPY_SOURCETYPE_USOCKET;
585 source->sources.file.handle = fd;
586 source->type = ENTROPY_SOURCETYPE_FILE;
590 * Hook it into the entropy system.
592 ISC_LIST_APPEND(ent->sources, source, link);
596 return (ISC_R_SUCCESS);
polachok's projects / dragonfly.git / blob