read back from libcrypto RAND when privdropping
authorDamien Miller <djm@mindrot.org>
Sat, 14 Nov 2015 07:44:49 +0000 (18:44 +1100)
committerDamien Miller <djm@mindrot.org>
Sat, 14 Nov 2015 07:49:04 +0000 (18:49 +1100)
makes certain libcrypto implementations cache a /dev/urandom fd
in preparation for sandboxing. Based on patch by Greg Hartman.

sshd.c

diff --git a/sshd.c b/sshd.c
index d86808912f2ac393c17c49720f9ecd70107c5b16..b19cc34c7b5ece0c1e1f3936a13bf225b272bc42 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -624,6 +624,8 @@ privsep_preauth_child(void)
        arc4random_buf(rnd, sizeof(rnd));
 #ifdef WITH_OPENSSL
        RAND_seed(rnd, sizeof(rnd));
+       if ((RAND_bytes((u_char *)rnd, 1)) != 1)
+               fatal("%s: RAND_bytes failed", __func__);
 #endif
        explicit_bzero(rnd, sizeof(rnd));
 
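Review bot: The one-byte `RAND_bytes()` read added in privsep_preauth_child carries no comment, and on its own it reads like dead code, because the byte lands in `rnd` and is wiped by `explicit_bzero()` two lines later. Per the commit message the call exists for its side effect of making libcrypto open and cache its /dev/urandom descriptor, so I would put `/* Read back so libcrypto opens and caches its entropy fd before sandboxing */` above it, to stop a later cleanup from removing it. The same applies to the identical additions in privsep_postauth and server_accept_loop, and since the seed, read-back and wipe sequence now appears three times, a small static helper would keep the copies in step. The function bodies start and end outside these hunks, so whether each call runs before the chroot or sandbox entry cannot be confirmed from here.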
@@ -767,6 +769,8 @@ privsep_postauth(Authctxt *authctxt)
        arc4random_buf(rnd, sizeof(rnd));
 #ifdef WITH_OPENSSL
        RAND_seed(rnd, sizeof(rnd));
+       if ((RAND_bytes((u_char *)rnd, 1)) != 1)
+               fatal("%s: RAND_bytes failed", __func__);
 #endif
        explicit_bzero(rnd, sizeof(rnd));
 
@@ -1436,6 +1440,8 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
                        arc4random_buf(rnd, sizeof(rnd));
 #ifdef WITH_OPENSSL
                        RAND_seed(rnd, sizeof(rnd));
+                       if ((RAND_bytes((u_char *)rnd, 1)) != 1)
+                               fatal("%s: RAND_bytes failed", __func__);
 #endif
                        explicit_bzero(rnd, sizeof(rnd));
                }