From: Darren Tucker Date: Wed, 11 Feb 2026 22:36:42 +0000 (-0500) Subject: Factor out RNG reseeding in to a single function. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1a4eb511abaf3522b84fa5697524b81b4865279b;p=thirdparty%2Fopenssh-portable.git Factor out RNG reseeding in to a single function. sshd and sshd-session both reseed the RNG after a fork. Move the existing reseed_prngs() function into entropy.c and use for both. Clean up entropy.h too. ok djm@ --- diff --git a/entropy.c b/entropy.c index 65ef92237..8bb3accbd 100644 --- a/entropy.c +++ b/entropy.c @@ -108,3 +108,24 @@ seed_rng(void) } #endif /* WITH_OPENSSL */ + +void +reseed_prngs(void) +{ + u_int32_t rnd[256]; + +#ifdef WITH_OPENSSL + RAND_poll(); +#endif + arc4random_stir(); /* noop on recent arc4random() implementations */ + arc4random_buf(rnd, sizeof(rnd)); /* let arc4random notice PID change */ + +#ifdef WITH_OPENSSL + RAND_seed(rnd, sizeof(rnd)); + /* give libcrypto a chance to notice the PID change */ + if ((RAND_bytes((u_char *)rnd, 1)) != 1) + fatal_f("RAND_bytes failed"); +#endif + + explicit_bzero(rnd, sizeof(rnd)); +} diff --git a/entropy.h b/entropy.h index 870164d30..45d56a339 100644 --- a/entropy.h +++ b/entropy.h @@ -22,13 +22,12 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef _RANDOMS_H -#define _RANDOMS_H +#ifndef _ENTROPY_H +#define _ENTROPY_H struct sshbuf; void seed_rng(void); -void rexec_send_rng_seed(struct sshbuf *); -void rexec_recv_rng_seed(struct sshbuf *); +void reseed_prngs(void); -#endif /* _RANDOMS_H */ +#endif /* _ENTROPY_H */ diff --git a/sshd-session.c b/sshd-session.c index d8dfc7432..29de97fa6 100644 --- a/sshd-session.c +++ b/sshd-session.c 
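Review bot: The `RAND_poll();` call in the new `reseed_prngs()` in entropy.c ignores its return value, while the `RAND_bytes()` call a few lines later is checked and treated as fatal. `RAND_poll()` returns 1 on success, so a failed poll passes silently and libcrypto's post-fork state then rests only on the `RAND_seed(rnd, sizeof(rnd))` input. Consider at least reporting it, e.g. `if (RAND_poll() != 1) error_f("RAND_poll failed");`, since a fatal exit may not be wanted in the listener. The function is now non-static and shared, so a header comment would help, for example `/* Call after fork() so that arc4random and libcrypto state diverges between parent and child; fatal if libcrypto cannot produce output. */`.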
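Review bot: The forward declaration `struct sshbuf;` in entropy.h appears to be left without a user, because the two prototypes that took a `struct sshbuf *` are removed and the remaining `seed_rng(void)` and `reseed_prngs(void)` take no arguments. If nothing else depends on getting the declaration through this header, it can go in the same cleanup. A one-line comment on the new prototype would also help callers, e.g. `/* reseed arc4random and libcrypto after fork() */`.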
@@ -262,27 +262,6 @@ demote_sensitive_data(void) } } -static void -reseed_prngs(void) -{ - u_int32_t rnd[256]; - -#ifdef WITH_OPENSSL - RAND_poll(); -#endif - arc4random_stir(); /* noop on recent arc4random() implementations */ - arc4random_buf(rnd, sizeof(rnd)); /* let arc4random notice PID change */ - -#ifdef WITH_OPENSSL - RAND_seed(rnd, sizeof(rnd)); - /* give libcrypto a chance to notice the PID change */ - if ((RAND_bytes((u_char *)rnd, 1)) != 1) - fatal_f("RAND_bytes failed"); -#endif - - explicit_bzero(rnd, sizeof(rnd)); -} - struct sshbuf * pack_hostkeys(void) { diff --git a/sshd.c b/sshd.c index 0bea88927..74d25fc73 100644 --- a/sshd.c +++ b/sshd.c @@ -922,7 +922,6 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s, struct early_child *child; struct sshbuf *buf; socklen_t fromlen; - u_char rnd[256]; sigset_t nsigset, osigset; /* pipes connected to unauthenticated child sshd processes */ @@ -1219,14 +1218,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s, * Ensure that our random state differs * from that of the child */ - arc4random_stir(); - arc4random_buf(rnd, sizeof(rnd)); -#ifdef WITH_OPENSSL - RAND_seed(rnd, sizeof(rnd)); - if ((RAND_bytes((u_char *)rnd, 1)) != 1) - fatal_f("RAND_bytes failed"); -#endif - explicit_bzero(rnd, sizeof(rnd)); + reseed_prngs(); } } }
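Review bot: Replacing the inline sequence with `reseed_prngs();` in the last sshd.c hunk (server_accept_loop) is not a pure refactor for the listener. The removed lines never called `RAND_poll()` and used `u_char rnd[256]`, whereas the shared function polls under WITH_OPENSSL and draws through a `u_int32_t rnd[256]` buffer, four times as many bytes. This path presumably runs once per forked child, so it is worth confirming that the extra poll is acceptable there and saying so in the commit message, which currently describes only a move. The comment above the call could name both generators, e.g. `/* Reseed arc4random and libcrypto so our state differs from the child's */`. The enclosing function starts and ends outside the hunk.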