Merge remote branch 'origin/mdb.master' into OPENLDAP_REL_ENG_2_4

[openldap] / libraries / liblutil / entropy.c

diff --git a/libraries/liblutil/entropy.c b/libraries/liblutil/entropy.c
index 13e9d9dd25c64f0ab9f829fae3a5458c2d56be84..ef21cb6e3c197bad136eeba2d59b2f6de4b7e378 100644 (file)
--- a/libraries/liblutil/entropy.c
+++ b/libraries/liblutil/entropy.c
@@ -1,17 +1,30 @@
+/* entropy.c -- routines for providing pseudo-random data */
 /* $OpenLDAP$ */
-/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1999-2012 The OpenLDAP Foundation.
+ * Portions Copyright 1999-2003 Kurt D. Zeilenga.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* This work was initially developed by Kurt D. Zeilenga for
+ * inclusion in OpenLDAP Software based, in part, on publically
+ * available works (as noted below).
  */
 
 #include "portable.h"
 
 #include <ac/string.h>
 #include <ac/time.h>
+#include <ac/unistd.h>
 
-#ifdef HAVE_WINCRYPT_H
-#include <wincrypt.h>
-#endif
 #ifdef HAVE_PROCESS_H
 #include <process.h>
 #endif
@@ -33,28 +46,34 @@
  * This routinue should be extended to support additional sources
  * of entropy.
  */
-int lutil_entropy( char *buf, ber_len_t nbytes )
+int lutil_entropy( unsigned char *buf, ber_len_t nbytes )
 {
        if( nbytes == 0 ) return 0;
 
 #ifdef URANDOM_DEVICE
+#define URANDOM_NREADS 4
        /* Linux and *BSD offer a urandom device */
        {
-               int rc, fd;
+               int rc, fd, n=0;
 
                fd = open( URANDOM_DEVICE, O_RDONLY );
 
                if( fd < 0 ) return -1;
 
-               rc = read( fd, buf, nbytes );
-               close(fd);
+               do {
+                       rc = read( fd, buf, nbytes );
+                       if( rc <= 0 ) break;
 
-               /* should return nbytes */
-               if( rc < nbytes ) return -1;
+                       buf+=rc;
+                       nbytes-=rc;
 
-               return 0;
+                       if( ++n >= URANDOM_NREADS ) break;
+               } while( nbytes > 0 );
+
+               close(fd);
+               return nbytes > 0 ? -1 : 0;
        }
-#elif PROV_RSA_FULL
+#elif defined(PROV_RSA_FULL)
        {
                /* Not used since _WIN32_WINNT not set... */
                HCRYPTPROV hProv = 0;
@@ -95,7 +114,7 @@ int lutil_entropy( char *buf, ber_len_t nbytes )
                struct rdata_s {
                        int counter;
 
-                       char *buf;
+                       unsigned char *buf;
                        struct rdata_s *stack;
 
                        pid_t   pid;
@@ -118,7 +137,7 @@ int lutil_entropy( char *buf, ber_len_t nbytes )
 
                for( n = 0; n < nbytes; n += 16 ) {
                        struct lutil_MD5Context ctx;
-                       char digest[16];
+                       unsigned char digest[16];
 
                        /* poor resolution */
 #ifdef HAVE_GETTIMEOFDAY
@@ -133,10 +152,10 @@ int lutil_entropy( char *buf, ber_len_t nbytes )
                        rdata.junk++;
 
                        lutil_MD5Init( &ctx );
-                       lutil_MD5Update( &ctx, (char *) &rdata, sizeof( rdata ) );
+                       lutil_MD5Update( &ctx, (unsigned char *) &rdata, sizeof( rdata ) );
 
                        /* allow caller to provided additional entropy */
-                       lutil_MD5Update( &ctx, (char *) &buf, nbytes );
+                       lutil_MD5Update( &ctx, buf, nbytes );
 
                        lutil_MD5Final( digest, &ctx );