-rw-r--r-- | common/eurephiadb_session_common.c | 27 | ||||
-rw-r--r-- | common/eurephiadb_session_common.h | 5 | ||||
-rw-r--r-- | common/randstr.c | 51 | ||||
-rw-r--r-- | common/randstr.h | 26 | ||||
-rw-r--r-- | eurephiadm/CMakeLists.txt | 1 | ||||
-rw-r--r-- | eurephiadm/client_session.c | 3 | ||||
-rw-r--r-- | plugin/CMakeLists.txt | 1 | ||||
-rw-r--r-- | plugin/eurephia.c | 3 | ||||
-rw-r--r-- | plugin/eurephiadb_session.c | 5 |
9 files changed, 88 insertions, 34 deletions
diff --git a/common/eurephiadb_session_common.c b/common/eurephiadb_session_common.c index 9e51702..76cd1c0 100644 --- a/common/eurephiadb_session_common.c +++ b/common/eurephiadb_session_common.c @@ -1,6 +1,6 @@ /* eurephiadb_session_common.c -- Common function for handling sessions * - * GPLv2 - Copyright (C) 2008 David Sommerseth <dazo@users.sourceforge.net> + * GPLv2 - Copyright (C) 2008, 2009 David Sommerseth <dazo@users.sourceforge.net> * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -22,7 +22,6 @@ #include <stdlib.h> #include <string.h> #include <unistd.h> -#include <openssl/rand.h> #include <eurephia_nullsafe.h> #include <eurephia_context.h> @@ -95,30 +94,6 @@ int eDBset_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, const char } -// Generate some random data and return a string. -static int rand_init = 0; -int eDBsessionGetRandString(eurephiaCTX *ctx, char *rndstr, int len) { - int attempts = 0; - do { - if( !rand_init ) { - if( !RAND_load_file("/dev/urandom", 64) ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not load random data from /dev/urandom"); - return 0; - } - rand_init = 1; - } - - if( RAND_pseudo_bytes((unsigned char *) rndstr, len) ) { - return 1; - } - sleep(1); - rand_init = 0; - } while( attempts++ < 11 ); - eurephia_log(ctx, LOG_FATAL, 0, "RAND_pseudo_bytes() could not generate enough random data"); - return 0; -} - - // Free up the memory used by a session structure void eDBfree_session_func(eurephiaCTX *ctx, eurephiaSESSION *session) { if( session == NULL ) { diff --git a/common/eurephiadb_session_common.h b/common/eurephiadb_session_common.h index 34b8a9b..53f7c26 100644 --- a/common/eurephiadb_session_common.h +++ b/common/eurephiadb_session_common.h 
@@ -1,6 +1,6 @@ /* eurephiadb_session_common.h -- Common function for handling sessions * - * GPLv2 - Copyright (C) 2008 David Sommerseth <dazo@users.sourceforge.net> + * GPLv2 - Copyright (C) 2008, 2009 David Sommerseth <dazo@users.sourceforge.net> * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -26,10 +26,7 @@ int eDBset_session_value(eurephiaCTX *ctx, eurephiaSESSION *session, const char *key, const char *val); #define eDBget_session_value(s, k) eGet_value(s->sessvals, k); -int eDBsessionGetRandString(eurephiaCTX *ctx, char *rndstr, int len); - #define eDBfree_session(c, s) { eDBfree_session_func(c, s); s = NULL; } void eDBfree_session_func(eurephiaCTX *ctx, eurephiaSESSION *sk); - #endif /* !EUREPHIADB_SESSION_COMMON_H_ */ diff --git a/common/randstr.c b/common/randstr.c new file mode 100644 index 0000000..d27ec9f --- /dev/null +++ b/common/randstr.c 
@@ -0,0 +1,51 @@
+/* randstr.c -- Functions for getting random data
+ *
+ * GPLv2 - Copyright (C) 2009 David Sommerseth <dazo@users.sourceforge.net>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; version 2
+ * of the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ */
+
+#include <stdio.h>
+#include <unistd.h>
+#include <openssl/rand.h>
+
+#include <eurephia_nullsafe.h>
+#include <eurephia_context.h>
+#include <eurephia_log.h>
+
+static int rand_init = 0;
+
+// Generate some random data and return a string.
+int eurephia_randstring(eurephiaCTX *ctx, char *rndstr, size_t len) {
+ int attempts = 0;
+ do {
+ if( !rand_init ) {
+ if( !RAND_load_file("/dev/urandom", 64) ) {
+ eurephia_log(ctx, LOG_FATAL, 0, "Could not load random data from /dev/urandom");
+ return 0;
+ }
+ rand_init = 1;
+ }
+
+ if( RAND_pseudo_bytes((unsigned char *) rndstr, len) ) {
+ return 1;
+ }
+ sleep(1);
+ rand_init = 0;
+ } while( attempts++ < 11 );
+ eurephia_log(ctx, LOG_FATAL, 0, "RAND_pseudo_bytes() could not generate enough random data");
+ return 0;
+}
diff --git a/common/randstr.h b/common/randstr.h
new file mode 100644
index 0000000..c4739a6
--- /dev/null
+++ b/common/randstr.h
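Review bot: `if( RAND_pseudo_bytes((unsigned char *) rndstr, len) )` in eurephia_randstring() accepts any non-zero return, so the -1 that OpenSSL documents for "not supported by the current RAND method" is reported to the caller as success, and the buffer may then still hold whatever the caller initialised it with. RAND_pseudo_bytes() also does not promise unpredictable output, while the call sites later in this diff use the result for session data, the session key and the password-cache salt; `if( RAND_bytes((unsigned char *) rndstr, (int) len) == 1 )` is the call that fits those uses. Because `len` is now `size_t` and the OpenSSL functions take an `int`, a value above INT_MAX should be rejected before the cast rather than narrowed silently. The comment says the function returns a string, but this code writes raw bytes and adds no terminator, so the comment should read something like `// Fill rndstr with len random bytes (not NUL-terminated); returns 1 on success, 0 on failure`.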
@@ -0,0 +1,26 @@ +/* randstr.h -- Functions for getting random data + * + * GPLv2 - Copyright (C) 2009 David Sommerseth <dazo@users.sourceforge.net> + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; version 2 + * of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + * + */ + +#ifndef RANDSTR_H_ +#define RANDSTR_H_ + +int eurephia_randstring(eurephiaCTX *ctx, char *rndstr, size_t len); + +#endif /* !RANDSTR_H_ */ diff --git a/eurephiadm/CMakeLists.txt b/eurephiadm/CMakeLists.txt index 6e23585..1fa32a8 100644 --- a/eurephiadm/CMakeLists.txt +++ b/eurephiadm/CMakeLists.txt @@ -21,6 +21,7 @@ SET(efw_ipt_SRC ../common/eurephia_xml.c ../common/passwd.c ../common/sha512.c + ../common/randstr.c ../common/certinfo.c ../database/eurephiadb.c ) diff --git a/eurephiadm/client_session.c b/eurephiadm/client_session.c index fa3689d..e4d7dd3 100644 --- a/eurephiadm/client_session.c +++ b/eurephiadm/client_session.c @@ -31,6 +31,7 @@ #include <eurephiadb_session_common.h> #include <eurephiadb_driver.h> #include <eurephia_log.h> +#include <randstr.h> #include <sha512.h> #include "client_config.h" 
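Review bot: randstr.h declares `int eurephia_randstring(eurephiaCTX *ctx, char *rndstr, size_t len);` without including anything, so it compiles only when every includer has already pulled in the definitions of `eurephiaCTX` and `size_t`. Adding `#include <stddef.h>` and `#include <eurephia_context.h>` (presumably the header that defines `eurephiaCTX`, as randstr.c includes it) inside the guard would make the header self-contained; the three call sites in this diff appear to depend on include order instead. A short comment above the prototype stating the return convention (1 on success, 0 on failure) and that `rndstr` must have room for at least `len` bytes would spare callers from reading the implementation.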
@@ -130,7 +131,7 @@ eurephiaSESSION *create_session(eurephiaCTX *ctx, const char *sesskey) { int i = 0; memset(randdata, 0, 514); - if( !eDBsessionGetRandString(ctx, randdata, 512) ) { + if( !eurephia_randstring(ctx, randdata, 512) ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not generate enough random data for session"); free_nullsafe(randdata); diff --git a/plugin/CMakeLists.txt b/plugin/CMakeLists.txt index bf0202d..82fbb6e 100644 --- a/plugin/CMakeLists.txt +++ b/plugin/CMakeLists.txt @@ -14,6 +14,7 @@ SET(eurephia_auth_SRC ../common/eurephiadb_session_common.c ../common/passwd.c ../common/sha512.c + ../common/randstr.c ) SET(subdirs "") IF(FW_IPTABLES) diff --git a/plugin/eurephia.c b/plugin/eurephia.c index b04af5e..cf0fce9 100644 --- a/plugin/eurephia.c +++ b/plugin/eurephia.c @@ -34,6 +34,7 @@ #include <eurephiadb_session_common.h> #include <eurephiadb_session.h> #include <certinfo.h> +#include <randstr.h> #include <passwd.h> #define MAX_ARGUMENTS 64 @@ -197,7 +198,7 @@ eurephiaCTX *eurephiaInit(const char **argv) // Get data for server_salt - which will be used for the password cache ctx->server_salt = (char *) malloc(SIZE_PWDCACHE_SALT+2); memset(ctx->server_salt, 0, SIZE_PWDCACHE_SALT+2); - if( !eDBsessionGetRandString(ctx, ctx->server_salt, SIZE_PWDCACHE_SALT) ) { + if( !eurephia_randstring(ctx, ctx->server_salt, SIZE_PWDCACHE_SALT) ) { eurephia_log(ctx, LOG_PANIC, 0 , "Could not get enough random data for password cache."); free_nullsafe(ctx->server_salt); diff --git a/plugin/eurephiadb_session.c b/plugin/eurephiadb_session.c index 58e93db..3b59f77 100644 --- a/plugin/eurephiadb_session.c +++ b/plugin/eurephiadb_session.c 
@@ -1,6 +1,6 @@ /* eurephiadb_session.c -- Functions for handling sessions from eurephia-auth * - * GPLv2 - Copyright (C) 2008 David Sommerseth <dazo@users.sourceforge.net> + * GPLv2 - Copyright (C) 2008, 2009 David Sommerseth <dazo@users.sourceforge.net> * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -30,6 +30,7 @@ #include "eurephia_log.h" #include "eurephiadb_session.h" #include <eurephiadb_session_common.h> +#include <randstr.h> #include "sha512.h" @@ -150,7 +151,7 @@ eurephiaSESSION *eDBopen_session_seed(eurephiaCTX *ctx, const char *digest, memset(rndstr, 0, (totlen * 2)); rndlen = ((totlen * 2) - strlen_nullsafe(seed) - 2); - if( !eDBsessionGetRandString(ctx, rndstr, rndlen) ) { + if( !eurephia_randstring(ctx, rndstr, rndlen) ) { eurephia_log(ctx, LOG_PANIC, 0, "Could not generate enough random data for session key"); free_nullsafe(new_session->sessionkey); |