From bdca662249c3d17b53b4223955a9c9f474927f89 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Tue, 26 Oct 1999 22:57:39 +0000 Subject: [PATCH] Add lutil_entropy(). Currently only supports /dev/urandom or Linux equivs. Should be extended to support other quality sources of entropy. Should be extended to support a reasonable fallback. --- configure | 270 +++++++++++++++++---------------- configure.in | 24 ++- include/lutil.h | 6 + include/portable.h.in | 3 + libraries/liblutil/Makefile.in | 4 +- libraries/liblutil/entropy.c | 34 +++++ 6 files changed, 210 insertions(+), 131 deletions(-) create mode 100644 libraries/liblutil/entropy.c diff --git a/configure b/configure index 24b8613c89..a5038a6f05 100755 --- a/configure +++ b/configure @@ -12243,18 +12243,34 @@ EOF fi fi +if test $cross_compiling != yes ; then + dev=no + if test -r /dev/urandom ; then + dev="/dev/urandom"; + elif test -r /idev/urandom ; then + dev="/idev/urandom"; + fi + + if test $dev != no ; then + cat >> confdefs.h <&6 -echo "configure:12252: checking fetch(3) library" >&5 +echo "configure:12268: checking fetch(3) library" >&5 if eval "test \"\${ol_cv_lib_fetch+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < @@ -12264,7 +12280,7 @@ int main() { struct url *u = fetchParseURL("file:///"); ; return 0; } EOF -if { (eval echo configure:12268: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12284: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_lib_fetch=yes else @@ -12302,17 +12318,17 @@ if test $ol_with_readline != no ; then do ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:12306: checking for $ac_hdr" >&5 +echo "configure:12322: checking for $ac_hdr" >&5 if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:12316: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:12332: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -12343,7 +12359,7 @@ done save_LIBS="$LIBS" LIBS="$TERMCAP_LIBS $LIBS" echo $ac_n "checking for readline in -lreadline""... $ac_c" 1>&6 -echo "configure:12347: checking for readline in -lreadline" >&5 +echo "configure:12363: checking for readline in -lreadline" >&5 ac_lib_var=`echo readline'_'readline | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -12351,7 +12367,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lreadline $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12382: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -12404,12 +12420,12 @@ fi if test $ol_enable_crypt != no ; then echo $ac_n "checking for crypt""... $ac_c" 1>&6 -echo "configure:12408: checking for crypt" >&5 +echo "configure:12424: checking for crypt" >&5 if eval "test \"\${ac_cv_func_crypt+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12453: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_crypt=yes" else @@ -12452,7 +12468,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6 -echo "configure:12456: checking for crypt in -lcrypt" >&5 +echo "configure:12472: checking for crypt in -lcrypt" >&5 ac_lib_var=`echo crypt'_'crypt | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -12460,7 +12476,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lcrypt $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12491: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -12514,12 +12530,12 @@ fi if test $ol_enable_proctitle != no ; then echo $ac_n "checking for setproctitle""... $ac_c" 1>&6 -echo "configure:12518: checking for setproctitle" >&5 +echo "configure:12534: checking for setproctitle" >&5 if eval "test \"\${ac_cv_func_setproctitle+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12563: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_setproctitle=yes" else @@ -12562,7 +12578,7 @@ else echo "$ac_t""no" 1>&6 echo $ac_n "checking for setproctitle in -lutil""... $ac_c" 1>&6 -echo "configure:12566: checking for setproctitle in -lutil" >&5 +echo "configure:12582: checking for setproctitle in -lutil" >&5 ac_lib_var=`echo util'_'setproctitle | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -12570,7 +12586,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lutil $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:12601: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -12616,12 +12632,12 @@ EOF fi echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6 -echo "configure:12620: checking for uid_t in sys/types.h" >&5 +echo "configure:12636: checking for uid_t in sys/types.h" >&5 if eval "test \"\${ac_cv_type_uid_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < EOF @@ -12650,7 +12666,7 @@ EOF fi echo $ac_n "checking type of array argument to getgroups""... $ac_c" 1>&6 -echo "configure:12654: checking type of array argument to getgroups" >&5 +echo "configure:12670: checking type of array argument to getgroups" >&5 if eval "test \"\${ac_cv_type_getgroups+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -12658,7 +12674,7 @@ else ac_cv_type_getgroups=cross else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:12703: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ac_cv_type_getgroups=gid_t else @@ -12697,7 +12713,7 @@ fi if test $ac_cv_type_getgroups = cross; then cat > conftest.$ac_ext < EOF @@ -12720,12 +12736,12 @@ cat >> confdefs.h <&6 -echo "configure:12724: checking for ANSI C header files" >&5 +echo "configure:12740: checking for ANSI C header files" >&5 if eval "test \"\${ac_cv_header_stdc+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -12733,7 +12749,7 @@ else #include EOF ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:12737: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +{ (eval echo configure:12753: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` if test -z "$ac_err"; then rm -rf conftest* @@ -12750,7 +12766,7 @@ rm -f conftest* if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat > conftest.$ac_ext < EOF @@ -12768,7 +12784,7 @@ fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat > conftest.$ac_ext < EOF @@ -12789,7 +12805,7 @@ if test "$cross_compiling" = yes; then : else cat > conftest.$ac_ext < #define ISLOWER(c) ('a' <= (c) && (c) <= 'z') @@ -12800,7 +12816,7 @@ if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); exit (0); } EOF -if { (eval echo configure:12804: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:12820: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then : else @@ -12824,12 +12840,12 @@ EOF fi echo $ac_n "checking for mode_t""... $ac_c" 1>&6 -echo "configure:12828: checking for mode_t" >&5 +echo "configure:12844: checking for mode_t" >&5 if eval "test \"\${ac_cv_type_mode_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -12859,12 +12875,12 @@ EOF fi echo $ac_n "checking for off_t""... $ac_c" 1>&6 -echo "configure:12863: checking for off_t" >&5 +echo "configure:12879: checking for off_t" >&5 if eval "test \"\${ac_cv_type_off_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -12894,12 +12910,12 @@ EOF fi echo $ac_n "checking for pid_t""... $ac_c" 1>&6 -echo "configure:12898: checking for pid_t" >&5 +echo "configure:12914: checking for pid_t" >&5 if eval "test \"\${ac_cv_type_pid_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -12929,19 +12945,19 @@ EOF fi echo $ac_n "checking for ptrdiff_t""... $ac_c" 1>&6 -echo "configure:12933: checking for ptrdiff_t" >&5 +echo "configure:12949: checking for ptrdiff_t" >&5 if eval "test \"\${am_cv_type_ptrdiff_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { ptrdiff_t p ; return 0; } EOF -if { (eval echo configure:12945: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:12961: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* am_cv_type_ptrdiff_t=yes else @@ -12962,12 +12978,12 @@ EOF fi echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6 -echo "configure:12966: checking return type of signal handlers" >&5 +echo "configure:12982: checking return type of signal handlers" >&5 if eval "test \"\${ac_cv_type_signal+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -12984,7 +13000,7 @@ int main() { int i; ; return 0; } EOF -if { (eval echo configure:12988: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13004: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_type_signal=void else @@ -13003,19 +13019,19 @@ EOF echo $ac_n "checking for sig_atomic_t""... $ac_c" 1>&6 -echo "configure:13007: checking for sig_atomic_t" >&5 +echo "configure:13023: checking for sig_atomic_t" >&5 if eval "test \"\${ol_cv_type_sig_atomic_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { sig_atomic_t atomic; ; return 0; } EOF -if { (eval echo configure:13019: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13035: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_type_sig_atomic_t=yes else @@ -13036,12 +13052,12 @@ EOF fi echo $ac_n "checking for size_t""... $ac_c" 1>&6 -echo "configure:13040: checking for size_t" >&5 +echo "configure:13056: checking for size_t" >&5 if eval "test \"\${ac_cv_type_size_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #if STDC_HEADERS @@ -13071,12 +13087,12 @@ EOF fi echo $ac_n "checking for socklen_t""... $ac_c" 1>&6 -echo "configure:13075: checking for socklen_t" >&5 +echo "configure:13091: checking for socklen_t" >&5 if eval "test \"\${ol_cv_type_socklen_t+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13110: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_type_socklen_t=yes else @@ -13111,12 +13127,12 @@ EOF fi echo $ac_n "checking for member st_blksize in aggregate type struct stat""... $ac_c" 1>&6 -echo "configure:13115: checking for member st_blksize in aggregate type struct stat" >&5 +echo "configure:13131: checking for member st_blksize in aggregate type struct stat" >&5 if eval "test \"\${ac_cv_c_struct_member_st_blksize+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -13124,7 +13140,7 @@ int main() { struct stat foo; foo.st_blksize; ; return 0; } EOF -if { (eval echo configure:13128: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13144: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_c_struct_member_st_blksize=yes else @@ -13146,12 +13162,12 @@ EOF fi echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6 -echo "configure:13150: checking whether time.h and sys/time.h may both be included" >&5 +echo "configure:13166: checking whether time.h and sys/time.h may both be included" >&5 if eval "test \"\${ac_cv_header_time+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -13160,7 +13176,7 @@ int main() { struct tm *tp; ; return 0; } EOF -if { (eval echo configure:13164: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13180: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_header_time=yes else @@ -13181,12 +13197,12 @@ EOF fi echo $ac_n "checking whether struct tm is in sys/time.h or time.h""... $ac_c" 1>&6 -echo "configure:13185: checking whether struct tm is in sys/time.h or time.h" >&5 +echo "configure:13201: checking whether struct tm is in sys/time.h or time.h" >&5 if eval "test \"\${ac_cv_struct_tm+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < #include @@ -13194,7 +13210,7 @@ int main() { struct tm *tp; tp->tm_sec; ; return 0; } EOF -if { (eval echo configure:13198: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13214: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_struct_tm=time.h else @@ -13216,13 +13232,13 @@ fi # test for pw_gecos in struct passwd echo $ac_n "checking struct passwd for pw_gecos""... $ac_c" 1>&6 -echo "configure:13220: checking struct passwd for pw_gecos" >&5 +echo "configure:13236: checking struct passwd for pw_gecos" >&5 if eval "test \"\${ol_cv_struct_passwd_pw_gecos+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { @@ -13232,7 +13248,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:13236: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13252: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_struct_passwd_pw_gecos=yes else @@ -13254,13 +13270,13 @@ fi # test for pw_passwd in struct passwd echo $ac_n "checking struct passwd for pw_passwd""... $ac_c" 1>&6 -echo "configure:13258: checking struct passwd for pw_passwd" >&5 +echo "configure:13274: checking struct passwd for pw_passwd" >&5 if eval "test \"\${ol_cv_struct_passwd_pw_passwd+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { @@ -13270,7 +13286,7 @@ int main() { ; return 0; } EOF -if { (eval echo configure:13274: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13290: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_struct_passwd_pw_passwd=yes else @@ -13292,7 +13308,7 @@ fi echo $ac_n "checking if toupper() requires islower()""... $ac_c" 1>&6 -echo "configure:13296: checking if toupper() requires islower()" >&5 +echo "configure:13312: checking if toupper() requires islower()" >&5 if eval "test \"\${ol_cv_c_upper_lower+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -13301,7 +13317,7 @@ else ol_cv_c_upper_lower=safe else cat > conftest.$ac_ext < @@ -13313,7 +13329,7 @@ main() exit(1); } EOF -if { (eval echo configure:13317: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:13333: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ol_cv_c_upper_lower=no else @@ -13336,12 +13352,12 @@ EOF fi echo $ac_n "checking for working const""... $ac_c" 1>&6 -echo "configure:13340: checking for working const" >&5 +echo "configure:13356: checking for working const" >&5 if eval "test \"\${ac_cv_c_const+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13410: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_c_const=yes else @@ -13411,12 +13427,12 @@ EOF fi echo $ac_n "checking if compiler understands volatile""... $ac_c" 1>&6 -echo "configure:13415: checking if compiler understands volatile" >&5 +echo "configure:13431: checking if compiler understands volatile" >&5 if eval "test \"\${ol_cv_c_volatile+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13445: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_c_volatile=yes else @@ -13469,14 +13485,14 @@ EOF else echo $ac_n "checking whether byte ordering is bigendian""... $ac_c" 1>&6 -echo "configure:13473: checking whether byte ordering is bigendian" >&5 +echo "configure:13489: checking whether byte ordering is bigendian" >&5 if eval "test \"\${ac_cv_c_bigendian+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else ac_cv_c_bigendian=unknown # See if sys/param.h defines the BYTE_ORDER macro. cat > conftest.$ac_ext < #include @@ -13487,11 +13503,11 @@ int main() { #endif ; return 0; } EOF -if { (eval echo configure:13491: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13507: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* # It does; now see whether it defined to BIG_ENDIAN or not. cat > conftest.$ac_ext < #include @@ -13502,7 +13518,7 @@ int main() { #endif ; return 0; } EOF -if { (eval echo configure:13506: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:13522: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ac_cv_c_bigendian=yes else @@ -13522,7 +13538,7 @@ if test "$cross_compiling" = yes; then { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:13555: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ac_cv_c_bigendian=no else @@ -13559,7 +13575,7 @@ EOF fi echo $ac_n "checking size of short""... $ac_c" 1>&6 -echo "configure:13563: checking size of short" >&5 +echo "configure:13579: checking size of short" >&5 if eval "test \"\${ac_cv_sizeof_short+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -13567,7 +13583,7 @@ else { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } else cat > conftest.$ac_ext < main() @@ -13578,7 +13594,7 @@ main() exit(0); } EOF -if { (eval echo configure:13582: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:13598: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ac_cv_sizeof_short=`cat conftestval` else @@ -13598,7 +13614,7 @@ EOF echo $ac_n "checking size of int""... $ac_c" 1>&6 -echo "configure:13602: checking size of int" >&5 +echo "configure:13618: checking size of int" >&5 if eval "test \"\${ac_cv_sizeof_int+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -13606,7 +13622,7 @@ else { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } else cat > conftest.$ac_ext < main() @@ -13617,7 +13633,7 @@ main() exit(0); } EOF -if { (eval echo configure:13621: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:13637: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ac_cv_sizeof_int=`cat conftestval` else @@ -13637,7 +13653,7 @@ EOF echo $ac_n "checking size of long""... $ac_c" 1>&6 -echo "configure:13641: checking size of long" >&5 +echo "configure:13657: checking size of long" >&5 if eval "test \"\${ac_cv_sizeof_long+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -13645,7 +13661,7 @@ else { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } else cat > conftest.$ac_ext < main() @@ -13656,7 +13672,7 @@ main() exit(0); } EOF -if { (eval echo configure:13660: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:13676: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ac_cv_sizeof_long=`cat conftestval` else @@ -13713,7 +13729,7 @@ EOF echo $ac_n "checking for 8-bit clean memcmp""... $ac_c" 1>&6 -echo "configure:13717: checking for 8-bit clean memcmp" >&5 +echo "configure:13733: checking for 8-bit clean memcmp" >&5 if eval "test \"\${ac_cv_func_memcmp_clean+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else @@ -13721,7 +13737,7 @@ else ac_cv_func_memcmp_clean=no else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +if { (eval echo configure:13751: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null then ac_cv_func_memcmp_clean=yes else @@ -13749,12 +13765,12 @@ echo "$ac_t""$ac_cv_func_memcmp_clean" 1>&6 test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS memcmp.${ac_objext}" echo $ac_n "checking for strftime""... $ac_c" 1>&6 -echo "configure:13753: checking for strftime" >&5 +echo "configure:13769: checking for strftime" >&5 if eval "test \"\${ac_cv_func_strftime+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13798: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_strftime=yes" else @@ -13800,7 +13816,7 @@ else echo "$ac_t""no" 1>&6 # strftime is in -lintl on SCO UNIX. echo $ac_n "checking for strftime in -lintl""... $ac_c" 1>&6 -echo "configure:13804: checking for strftime in -lintl" >&5 +echo "configure:13820: checking for strftime in -lintl" >&5 ac_lib_var=`echo intl'_'strftime | sed 'y%./+-:%__p__%'` if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 @@ -13808,7 +13824,7 @@ else ac_save_LIBS="$LIBS" LIBS="-lintl $LIBS" cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13839: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_lib_$ac_lib_var=yes" else @@ -13847,12 +13863,12 @@ fi echo $ac_n "checking for inet_aton()""... $ac_c" 1>&6 -echo "configure:13851: checking for inet_aton()" >&5 +echo "configure:13867: checking for inet_aton()" >&5 if eval "test \"\${ol_cv_func_inet_aton+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13894: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_func_inet_aton=yes else @@ -13896,12 +13912,12 @@ EOF echo $ac_n "checking for vprintf""... $ac_c" 1>&6 -echo "configure:13900: checking for vprintf" >&5 +echo "configure:13916: checking for vprintf" >&5 if eval "test \"\${ac_cv_func_vprintf+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13945: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_vprintf=yes" else @@ -13949,12 +13965,12 @@ fi if test "$ac_cv_func_vprintf" != yes; then echo $ac_n "checking for _doprnt""... $ac_c" 1>&6 -echo "configure:13953: checking for _doprnt" >&5 +echo "configure:13969: checking for _doprnt" >&5 if eval "test \"\${ac_cv_func__doprnt+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:13998: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func__doprnt=yes" else @@ -14007,12 +14023,12 @@ if test $ac_cv_func_vprintf = yes ; then for ac_func in vsnprintf vsprintf do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:14011: checking for $ac_func" >&5 +echo "configure:14027: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14056: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -14113,12 +14129,12 @@ for ac_func in \ do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:14117: checking for $ac_func" >&5 +echo "configure:14133: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14162: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -14170,12 +14186,12 @@ done for ac_func in getopt tempnam do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:14174: checking for $ac_func" >&5 +echo "configure:14190: checking for $ac_func" >&5 if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14219: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* eval "ac_cv_func_$ac_func=yes" else @@ -14228,13 +14244,13 @@ done # Check Configuration echo $ac_n "checking declaration of sys_errlist""... $ac_c" 1>&6 -echo "configure:14232: checking declaration of sys_errlist" >&5 +echo "configure:14248: checking declaration of sys_errlist" >&5 if eval "test \"\${ol_cv_dcl_sys_errlist+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < @@ -14244,7 +14260,7 @@ int main() { char *c = (char *) *sys_errlist ; return 0; } EOF -if { (eval echo configure:14248: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +if { (eval echo configure:14264: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then rm -rf conftest* ol_cv_dcl_sys_errlist=yes ol_cv_have_sys_errlist=yes @@ -14267,20 +14283,20 @@ EOF echo $ac_n "checking existence of sys_errlist""... $ac_c" 1>&6 -echo "configure:14271: checking existence of sys_errlist" >&5 +echo "configure:14287: checking existence of sys_errlist" >&5 if eval "test \"\${ol_cv_have_sys_errlist+set}\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext < int main() { char *c = (char *) *sys_errlist ; return 0; } EOF -if { (eval echo configure:14284: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +if { (eval echo configure:14300: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then rm -rf conftest* ol_cv_have_sys_errlist=yes else diff --git a/configure.in b/configure.in index 2266de5588..460799115b 100644 --- a/configure.in +++ b/configure.in @@ -1729,8 +1729,7 @@ fi dnl ---------------------------------------------------------------- dnl -dnl Check for fetch URL support -dnl should be extended to support other fetch URL APIs +dnl Check for Cyrus SASL dnl ol_link_sasl=no if test $ol_with_cyrus_sasl != no ; then @@ -1752,6 +1751,27 @@ if test $ol_with_cyrus_sasl != no ; then fi fi +dnl ---------------------------------------------------------------- +dnl Check for entropy sources +if test $cross_compiling != yes ; then + dev=no + if test -r /dev/urandom ; then + dev="/dev/urandom"; + elif test -r /idev/urandom ; then + dev="/idev/urandom"; + elif test -r /dev/srandom ; then + dev="/dev/srandom"; + elif test -r /dev/random ; then + dev="/dev/random"; + elif test -r /idev/random ; then + dev="/idev/random"; + fi + + if test $dev != no ; then + AC_DEFINE_UNQUOTED(URANDOM_DEVICE,"$dev",[set to urandom device]) + fi +fi + dnl ---------------------------------------------------------------- dnl dnl Check for fetch URL support diff --git a/include/lutil.h b/include/lutil.h index c58911a62c..152c1316fd 100644 --- a/include/lutil.h +++ b/include/lutil.h @@ -49,6 +49,12 @@ lutil_detach LDAP_P(( int debug, int do_close)); +/* entropy.c */ +LDAP_F( int ) +lutil_entorpy LDAP_P(( + char *buf, + int nbytes )); + /* passwd.c */ LDAP_F( int ) lutil_passwd LDAP_P(( diff --git a/include/portable.h.in b/include/portable.h.in index c06a6ab69d..17ca011dd6 100644 --- a/include/portable.h.in +++ b/include/portable.h.in @@ -729,6 +729,9 @@ /* define if you have Cyrus SASL */ #undef HAVE_CYRUS_SASL +/* set to urandom device */ +#undef URANDOM_DEVICE + /* define if you actually have FreeBSD fetch(3) */ #undef HAVE_FETCH diff --git a/libraries/liblutil/Makefile.in b/libraries/liblutil/Makefile.in index 31e3aa9d8d..46fce8ea4f 100644 --- a/libraries/liblutil/Makefile.in +++ b/libraries/liblutil/Makefile.in @@ -4,9 +4,9 @@ ## LIBRARY = liblutil.a -SRCS = base64.c debug.c detach.c \ +SRCS = base64.c debug.c detach.c entropy.c \ md5.c passwd.c sha1.c getpass.c lockf.c utils.c sockpair.c -OBJS = base64.o debug.o detach.o \ +OBJS = base64.o debug.o detach.o entropy.o \ md5.o passwd.o sha1.o getpass.o lockf.o utils.o sockpair.o \ @LIBOBJS@ diff --git a/libraries/liblutil/entropy.c b/libraries/liblutil/entropy.c new file mode 100644 index 0000000000..38f624618c --- /dev/null +++ b/libraries/liblutil/entropy.c @@ -0,0 +1,34 @@ +/* $OpenLDAP$ */ +/* + * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + +/* + * lutil_entropy() provides nbyptes of entropy in buf. + * Quality offerred is suitable for one-time uses, such as "once" keys. + */ +int lutil_entropy( char *buf, int nbytes ) +{ + if( nbytes < 0 ) return -1; + if( nbytes == 0 ) return 0; + +#ifdef URANDOM_DEVICE + /* Linux and *BSD offer a urandom device */ + { + int rc, fd; + + fd = open( URANDOM_DEVICE, O_RDONLY ); + + if( fd < 0 ) return -1; + + rc = read( fd, buf, nbytes ); + close(fd); + + if( rc < nbytes ) return -1; + + return 0; + } +#endif + return -1; +} -- 2.39.5