diff options
-rw-r--r-- | acconfig.h | 2 | ||||
-rw-r--r-- | configure.in | 22 | ||||
-rw-r--r-- | include/apr.h.in | 1 | ||||
-rw-r--r-- | include/apr.hw | 1 | ||||
-rw-r--r-- | include/apr_general.h | 11 | ||||
-rw-r--r-- | misc/unix/Makefile.in | 2 | ||||
-rw-r--r-- | misc/unix/rand.c | 99 | ||||
-rw-r--r-- | misc/win32/rand.c | 76 |
8 files changed, 213 insertions, 1 deletions
diff --git a/acconfig.h b/acconfig.h index c6beed8e0..2556b5033 100644 --- a/acconfig.h +++ b/acconfig.h @@ -30,6 +30,8 @@ #undef HAVE_LOCK_EX #undef HAVE_F_SETLK #undef HAVE_PTHREAD_PROCESS_SHARED +#undef DEV_RANDOM +#undef HAVE_TRUERAND /* Cross process serialization techniques */ #undef USE_FLOCK_SERIALIZE diff --git a/configure.in b/configure.in index f23782ab8..159072313 100644 --- a/configure.in +++ b/configure.in @@ -109,6 +109,7 @@ AC_CHECK_LIB(nsl,gethostname) AC_CHECK_LIB(socket,socket) AC_CHECK_LIB(crypt,crypt) AC_CHECK_LIB(ufc,crypt) +AC_CHECK_LIB(truerand,main) dnl #----------------------------- Checks for Any required Functions dnl Checks for library functions. @@ -454,7 +455,28 @@ AC_SUBST(sharedmem) AC_SUBST(anonymous_shm) AC_SUBST(filebased_shm) AC_SUBST(keybased_shm) + +dnl #----------------------------- Checking for /dev/random +AC_MSG_CHECKING(for /dev/random) + +if test -r "/dev/random"; then + AC_DEFINE(DEV_RANDOM, [/dev/random]) + AC_MSG_RESULT(/dev/random) + rand="1" +elif test -f "/dev/urandom"; then + AC_DEFINE(DEV_RANDOM, [/dev/urandom]) + AC_MSG_RESULT(/dev/urandom) + rand="1" +else + AC_MSG_RESULT(not found); + if test "$ac_cv_lib_truerand_main" = "yes"; then + rand="1" + else + rand="0" + fi +fi +AC_SUBST(rand) dnl #----------------------------- Checking for Time Support echo $ac_n "${nl}Checking for Time Support..." AC_CACHE_CHECK([for tm_gmtoff in struct tm], ac_cv_struct_tm_gmtoff, diff --git a/include/apr.h.in b/include/apr.h.in index b6a7d8ce5..23753b3a7 100644 --- a/include/apr.h.in +++ b/include/apr.h.in @@ -61,6 +61,7 @@ #define APR_HAS_SENDFILE @sendfile@ #define APR_HAS_MMAP @mmap@ #define APR_HAS_FORK @fork@ +#define APR_HAS_RANDOM @rand@ /* Typedefs that APR needs. */ diff --git a/include/apr.hw b/include/apr.hw index c35ea8298..aa0d3a476 100644 --- a/include/apr.hw +++ b/include/apr.hw @@ -110,6 +110,7 @@ #define APR_HAS_THREADS 1 #define APR_HAS_SENDFILE 1 #define APR_HAS_MMAP 0 +#define APR_HAS_RANDOM 1 /* Typedefs that APR needs. */ diff --git a/include/apr_general.h b/include/apr_general.h index 96c791dfd..7c74d67d7 100644 --- a/include/apr_general.h +++ b/include/apr_general.h @@ -211,6 +211,17 @@ typedef int ap_signum_t; #define XtOffsetOf(s_type,field) XtOffset(s_type*,field) #endif +#if APR_HAS_RANDOM +/* ***APRDOC******************************************************** + * TODO: I'm not sure this is the best place to put this prototype... + * ap_status_t ap_generate_random_bytes(unsigned char * buf, int length) + * Generate a string of random bytes. + * arg 1) Random bytes go here + * arg 2) size of the buffer + */ +ap_status_t ap_generate_random_bytes(unsigned char * buf, int length); +#endif + typedef struct ap_pool_t { union block_hdr *first; union block_hdr *last; diff --git a/misc/unix/Makefile.in b/misc/unix/Makefile.in index 90308359c..49f69f125 100644 --- a/misc/unix/Makefile.in +++ b/misc/unix/Makefile.in @@ -15,7 +15,7 @@ INCLUDES=-I$(INCDIR1) -I$(INCDIR2) -I. #LIB=libmisc.a -OBJS=start.o getopt.o otherchild.o error.o +OBJS=start.o getopt.o otherchild.o error.o rand.o .c.o: $(CC) $(CFLAGS) -c $(INCLUDES) $< diff --git a/misc/unix/rand.c b/misc/unix/rand.c new file mode 100644 index 000000000..548b7c778 --- /dev/null +++ b/misc/unix/rand.c @@ -0,0 +1,99 @@ +/* ==================================================================== + * The Apache Software License, Version 1.1 + * + * Copyright (c) 2000 The Apache Software Foundation. All rights + * reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. The end-user documentation included with the redistribution, + * if any, must include the following acknowledgment: + * "This product includes software developed by the + * Apache Software Foundation (http://www.apache.org/)." + * Alternately, this acknowledgment may appear in the software itself, + * if and wherever such third-party acknowledgments normally appear. + * + * 4. The names "Apache" and "Apache Software Foundation" must + * not be used to endorse or promote products derived from this + * software without prior written permission. For written + * permission, please contact apache@apache.org. + * + * 5. Products derived from this software may not be called "Apache", + * nor may "Apache" appear in their name, without prior written + * permission of the Apache Software Foundation. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF + * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * ==================================================================== + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Software Foundation. For more + * information on the Apache Software Foundation, please see + * <http://www.apache.org/>. + */ + +#include "misc.h" +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> + +#if APR_HAS_RANDOM + +#define XSTR(x) #x +#define STR(x) XSTR(x) + +ap_status_t ap_generate_random_bytes(unsigned char * buf, int length) +{ +#ifdef DEV_RANDOM + + int rnd; + size_t got, tot; + + if ((rnd = open(STR(DEV_RANDOM), O_RDONLY)) == -1) + return errno; + + for (tot=0; tot<length; tot += got) + if ((got = read(rnd, buf+tot, length-tot)) < 0) + return errno; + + close(rnd); + +#else /* use truerand */ + + extern int randbyte(void); /* from the truerand library */ + unsigned int idx; + + /* this will increase the startup time of the server, unfortunately... + * (generating 20 bytes takes about 8 seconds) + */ + for (idx=0; idx<length; idx++) + buf[idx] = (unsigned char) randbyte(); + +#endif /* DEV_RANDOM */ + + return APR_SUCCESS; +} + +#undef STR +#undef XSTR +#endif /* APR_HAS_RANDOM */ diff --git a/misc/win32/rand.c b/misc/win32/rand.c new file mode 100644 index 000000000..99598213d --- /dev/null +++ b/misc/win32/rand.c @@ -0,0 +1,76 @@ +/* ==================================================================== + * The Apache Software License, Version 1.1 + * + * Copyright (c) 2000 The Apache Software Foundation. All rights + * reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. The end-user documentation included with the redistribution, + * if any, must include the following acknowledgment: + * "This product includes software developed by the + * Apache Software Foundation (http://www.apache.org/)." + * Alternately, this acknowledgment may appear in the software itself, + * if and wherever such third-party acknowledgments normally appear. + * + * 4. The names "Apache" and "Apache Software Foundation" must + * not be used to endorse or promote products derived from this + * software without prior written permission. For written + * permission, please contact apache@apache.org. + * + * 5. Products derived from this software may not be called "Apache", + * nor may "Apache" appear in their name, without prior written + * permission of the Apache Software Foundation. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF + * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND + * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT + * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * ==================================================================== + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Software Foundation. For more + * information on the Apache Software Foundation, please see + * <http://www.apache.org/>. + */ + +#include <wincrypt.h> + +ap_status_t ap_generate_random_bytes(unsigned char * buf, int length) +{ + HCRYPTPROV hProv; + + if (!CryptAcquireContext(&hProv,NULL,NULL,PROV_RSA_FULL,0)) { + /* ap_log_error(APLOG_MARK, APLOG_CRIT, 0, s, + "Digest: Error acquiring context. Errno = %d", + GetLastError()); + exit(EXIT_FAILURE);*/ + return 1; + } + if (!CryptGenRandom(hProv,length,buf)) { + /* ap_log_error(APLOG_MARK, APLOG_CRIT, 0, s, + "Digest: Error generating secret. Errno = %d", + GetLastError()); + exit(EXIT_FAILURE);*/ + return 1; + } + return APR_SUCCESS; +} |