lib/nettle/egd.c

   1 /* rndegd.c  -  interface to the EGD
   2  *      Copyright (C) 1999-2012 Free Software Foundation, Inc.
   3  *
   4  * This file is part of Libgcrypt.
   5  *
   6  * Libgcrypt is free software; you can redistribute it and/or modify
   7  * it under the terms of the GNU Lesser General Public License as
   8  * published by the Free Software Foundation; either version 3 of
   9  * the License, or (at your option) any later version.
  10  *
  11  * Libgcrypt is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  * GNU Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program.  If not, see <http://www.gnu.org/licenses/>
  18  *
  19  */
  20
  21 #include <config.h>
  22
  23 #ifndef _WIN32
  24
  25 #include <stdio.h>
  26 #include <stdlib.h>
  27 #include <errno.h>
  28 #include <sys/time.h>
  29 #include <sys/stat.h>
  30 #include <string.h>
  31 #include <unistd.h>
  32 #include <sys/types.h>
  33 #include <sys/socket.h>
  34 #include <sys/un.h>
  35 #include "egd.h"
  36 #include <gnutls_int.h>
  37 #include <gnutls_str.h>
  38 #include <gnutls_errors.h>
  39
  40 #ifdef AF_UNIX
  41 # define LOCAL_SOCKET_TYPE AF_UNIX
  42 #else
  43 # define LOCAL_SOCKET_TYPE AF_LOCAL
  44 #endif
  45
  46 #ifndef offsetof
  47 #define offsetof(type, member) ((size_t) &((type *)0)->member)
  48 #endif
  49
  50 static int egd_socket = -1;
  51
  52 static int
  53 do_write (int fd, void *buf, size_t nbytes)
  54 {
  55   size_t nleft = nbytes;
  56   int nwritten;
  57
  58   while (nleft > 0)
  59     {
  60       nwritten = write (fd, buf, nleft);
  61       if (nwritten < 0)
  62         {
  63           if (errno == EINTR)
  64             continue;
  65           return -1;
  66         }
  67       nleft -= nwritten;
  68       buf = (char *) buf + nwritten;
  69     }
  70   return 0;
  71 }
  72
  73 static int
  74 do_read (int fd, void *buf, size_t nbytes)
  75 {
  76   int n;
  77   size_t nread = 0;
  78
  79   do
  80     {
  81       do
  82         {
  83           n = read (fd, (char *) buf + nread, nbytes);
  84         }
  85       while (n == -1 && errno == EINTR);
  86       if (n == -1)
  87         {
  88           if (nread > 0)
  89             return nread;
  90           else return -1;
  91         }
  92       if (n == 0)
  93         return -1;
  94       nread += n;
  95       nbytes -= n;
  96     }
  97   while (nread < nbytes);
  98   return nread;
  99 }
 100
 101 static const char *egd_names[] = {
 102   "/var/run/egd-pool",
 103   "/dev/egd-pool",
 104   "/etc/egd-pool",
 105   "/etc/entropy",
 106   "/var/run/entropy",
 107   "/dev/entropy",
 108   NULL
 109 };
 110
 111 static const char *
 112 find_egd_name (void)
 113 {
 114   int i = 0;
 115   struct stat st;
 116
 117   do
 118     {
 119       if (stat (egd_names[i], &st) != 0)
 120         continue;
 121
 122       if (st.st_mode & S_IFSOCK)
 123         {                       /* found */
 124           return egd_names[i];
 125         }
 126
 127     }
 128   while (egd_names[++i] != NULL);
 129
 130   return NULL;
 131 }
 132
 133 /* Connect to the EGD and return the file descriptor.  Return -1 on
 134    error.  With NOFAIL set to true, silently fail and return the
 135    error, otherwise print an error message and die. */
 136 int
 137 _rndegd_connect_socket (void)
 138 {
 139   int fd;
 140   const char *name;
 141   struct sockaddr_un addr;
 142   int addr_len;
 143
 144   if (egd_socket != -1)
 145     {
 146       close (egd_socket);
 147       egd_socket = -1;
 148     }
 149
 150   name = find_egd_name ();
 151
 152   if (strlen (name) + 1 >= sizeof addr.sun_path)
 153     {
 154       _gnutls_debug_log ("EGD socketname is too long\n");
 155       return -1;
 156     }
 157
 158   memset (&addr, 0, sizeof addr);
 159   addr.sun_family = LOCAL_SOCKET_TYPE;
 160   _gnutls_str_cpy (addr.sun_path, sizeof(addr.sun_path), name);
 161   addr_len = (offsetof (struct sockaddr_un, sun_path)
 162               + strlen (addr.sun_path));
 163
 164   fd = socket (LOCAL_SOCKET_TYPE, SOCK_STREAM, 0);
 165   if (fd == -1)
 166     {
 167       _gnutls_debug_log ("can't create unix domain socket: %s\n",
 168                          strerror (errno));
 169       return -1;
 170     }
 171   else if (connect (fd, (struct sockaddr *) &addr, addr_len) == -1)
 172     {
 173       _gnutls_debug_log ("can't connect to EGD socket `%s': %s\n",
 174                          name, strerror (errno));
 175       close (fd);
 176       fd = -1;
 177     }
 178
 179   if (fd != -1)
 180     egd_socket = fd;
 181   return fd;
 182 }
 183
 184 /****************
 185  * Note: We always use the highest level.
 186  * To boost the performance we may want to add some
 187  * additional code for level 1
 188  *
 189  * Using a level of 0 should never block and better add nothing
 190  * to the pool.  So this is just a dummy for EGD.
 191  */
 192 int
 193 _rndegd_read (int *fd, void *_output, size_t _length)
 194 {
 195   ssize_t n;
 196   uint8_t buffer[256 + 2];
 197   int nbytes;
 198   int do_restart = 0;
 199   unsigned char *output = _output;
 200   ssize_t length = (ssize_t)_length;
 201
 202   if (!length)
 203     return 0;
 204
 205 restart:
 206   if (*fd == -1 || do_restart)
 207     *fd = _rndegd_connect_socket ();
 208
 209   do_restart = 0;
 210
 211   nbytes = length < 255 ? length : 255;
 212   /* First time we do it with a non blocking request */
 213   buffer[0] = 1;                /* non blocking */
 214   buffer[1] = nbytes;
 215
 216   if (do_write (*fd, buffer, 2) == -1)
 217     _gnutls_debug_log ("can't write to the EGD: %s\n", strerror (errno));
 218
 219   n = do_read (*fd, buffer, 1);
 220   if (n == -1)
 221     {
 222       _gnutls_debug_log ("read error on EGD: %s\n", strerror (errno));
 223       do_restart = 1;
 224       goto restart;
 225     }
 226
 227   n = buffer[0];
 228   if (n)
 229     {
 230       n = do_read (*fd, buffer, n);
 231       if (n == -1)
 232         {
 233           _gnutls_debug_log ("read error on EGD: %s\n", strerror (errno));
 234           do_restart = 1;
 235           goto restart;
 236         }
 237
 238       if (n > length)
 239         {
 240           _gnutls_debug_log ("read error on EGD: returned more bytes!\n");
 241           n = length;
 242         }
 243
 244       memcpy (output, buffer, n);
 245       output += n;
 246       length -= n;
 247     }
 248
 249   while (length)
 250     {
 251       nbytes = length < 255 ? length : 255;
 252
 253       buffer[0] = 2;            /* blocking */
 254       buffer[1] = nbytes;
 255       if (do_write (*fd, buffer, 2) == -1)
 256         _gnutls_debug_log ("can't write to the EGD: %s\n", strerror (errno));
 257       n = do_read (*fd, buffer, nbytes);
 258       if (n == -1)
 259         {
 260           _gnutls_debug_log ("read error on EGD: %s\n", strerror (errno));
 261           do_restart = 1;
 262           goto restart;
 263         }
 264
 265       if (n > length)
 266         {
 267           _gnutls_debug_log ("read error on EGD: returned more bytes!\n");
 268           n = length;
 269         }
 270
 271       memcpy (output, buffer, n);
 272       output += n;
 273       length -= n;
 274     }
 275
 276   return _length;               /* success */
 277 }
 278
 279 #endif