From 83e87b76edf4c5c5819a0d08ba1ba0897bec10c7 Mon Sep 17 00:00:00 2001 From: Benny Prijono Date: Thu, 24 Jan 2008 15:27:30 +0000 Subject: More ticket #61: SRTP will try to use /dev/urandom as RNG if fcntl.h and unistd.h is present. If it fails, it will fallback to using rand() git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@1738 74dad513-b988-da41-8d7b-12977e46ad98 --- third_party/build/srtp/srtp_config.h | 11 +++++++++-- third_party/srtp/crypto/rng/rand_source.c | 26 ++++++++++++++++++++++---- 2 files changed, 31 insertions(+), 6 deletions(-) (limited to 'third_party') diff --git a/third_party/build/srtp/srtp_config.h b/third_party/build/srtp/srtp_config.h index 2442b072..6d1cfcfc 100644 --- a/third_party/build/srtp/srtp_config.h +++ b/third_party/build/srtp/srtp_config.h @@ -26,7 +26,7 @@ (defined(PJ_M_X86_64) && PJ_M_X86_64!=0) || \ (defined(PJ_M_IA64) && PJ_M_IA64!=0) # define CPU_CISC 1 -# define HAVE_X86 1 /* use X86 inlined assembly code */ +/* # define HAVE_X86 1 use X86 inlined assembly code */ #else # define CPU_RISC 1 #endif @@ -113,7 +113,7 @@ typedef pj_int64_t int64_t; #endif -#define SIZEOF_UNSIGNED_LONG (sizeof(unsigned long)) +#define SIZEOF_UNSIGNED_LONG 8 #define SIZEOF_UNSIGNED_LONG_LONG 8 @@ -155,6 +155,13 @@ /* Path to random device */ /* #define DEV_URANDOM "/dev/urandom" */ +/* Only with PJSIP: + * Try to open PJ_DEV_URANDOM if present + */ +#if defined(PJ_HAS_FCNTL_H) && defined(PJ_HAS_UNISTD_H) +# define PJ_DEV_URANDOM "/dev/urandom" +#endif + /* We have overridden libsrtp error mechanism, so these are not used. */ /* #undef ERR_REPORTING_FILE */ /* #undef ERR_REPORTING_STDOUT */ diff --git a/third_party/srtp/crypto/rng/rand_source.c b/third_party/srtp/crypto/rng/rand_source.c index 79ec398d..d00d9806 100644 --- a/third_party/srtp/crypto/rng/rand_source.c +++ b/third_party/srtp/crypto/rng/rand_source.c @@ -44,7 +44,7 @@ #include "srtp_config.h" -#ifdef DEV_URANDOM +#if defined(DEV_URANDOM) || defined(PJ_DEV_URANDOM) # include /* for open() */ # include /* for close() */ #elif (_MSC_VER >= 1400) @@ -87,6 +87,13 @@ rand_source_init(void) { dev_random_fdes = open(DEV_URANDOM, O_RDONLY); if (dev_random_fdes < 0) return err_status_init_fail; +#elif defined(PJ_DEV_URANDOM) + /* open random source for reading */ + dev_random_fdes = open(PJ_DEV_URANDOM, O_RDONLY); + if (dev_random_fdes < 0) { + err_report(3,"Ugh: /dev/urandom not present, using rand() instead"); + return err_status_ok; /* it's ok, it'll fallback to using rand() */ + } #elif (_MSC_VER >= 1400) dev_random_fdes = RAND_SOURCE_READY; #else @@ -123,9 +130,16 @@ rand_source_get_octet_string(void *dest, uint32_t len) { len--; } #else + uint8_t *dst = (uint8_t *)dest; + + /* First try with /dev/urandom, if it's opened */ + if (dev_random_fdes >= 0) { + if (read(dev_random_fdes, dest, len) == len) + return err_status_ok; /* success */ + } + /* Generic C-library (rand()) version */ /* This is a random source of last resort */ - uint8_t *dst = (uint8_t *)dest; while (len) { int val = rand(); @@ -141,13 +155,17 @@ rand_source_get_octet_string(void *dest, uint32_t len) { err_status_t rand_source_deinit(void) { +#ifndef PJ_DEV_URANDOM if (dev_random_fdes < 0) return err_status_dealloc_fail; /* well, we haven't really failed, * * but there is something wrong */ -#ifdef DEV_URANDOM - close(dev_random_fdes); #endif + + if (dev_random_fdes >= 0) + close(dev_random_fdes); + dev_random_fdes = RAND_SOURCE_NOT_READY; return err_status_ok; } + -- cgit v1.2.3