diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -7016,13 +7016,4 @@ @bye -GCRYCTL_SET_RANDOM_DAEMON_SOCKET -GCRYCTL_USE_RANDOM_DAEMON -The random daemon is still a bit experimental, thus we do not document -them. Note that they should be used during initialization and that -these functions are not really thread safe. - - - - @c LocalWords: int HD diff --git a/random/Makefile.am b/random/Makefile.am --- a/random/Makefile.am +++ b/random/Makefile.am @@ -39,11 +39,6 @@ rndjent.c \ rndhw.c -if USE_RANDOM_DAEMON -librandom_la_SOURCES += random-daemon.c -endif USE_RANDOM_DAEMON - - EXTRA_librandom_la_SOURCES = \ rndgetentropy.c \ rndlinux.c \ diff --git a/random/rand-internal.h b/random/rand-internal.h --- a/random/rand-internal.h +++ b/random/rand-internal.h @@ -51,8 +51,6 @@ void _gcry_rngcsprng_dump_stats (void); void _gcry_rngcsprng_secure_alloc (void); void _gcry_rngcsprng_enable_quick_gen (void); -void _gcry_rngcsprng_set_daemon_socket (const char *socketname); -int _gcry_rngcsprng_use_daemon (int onoff); int _gcry_rngcsprng_is_faked (void); gcry_error_t _gcry_rngcsprng_add_bytes (const void *buf, size_t buflen, int quality); diff --git a/random/random-csprng.c b/random/random-csprng.c --- a/random/random-csprng.c +++ b/random/random-csprng.c @@ -204,26 +204,6 @@ -/* --- Stuff pertaining to the random daemon support. --- */ -#ifdef USE_RANDOM_DAEMON - -/* If ALLOW_DAEMON is true, the module will try to use the random - daemon first. If the daemon has failed, this variable is set to - back to false and the code continues as normal. Note, we don't - test this flag in a locked state because a wrong value does not - harm and the trhead will find out itself that the daemon does not - work and set it (again) to false. */ -static int allow_daemon; - -/* During initialization, the user may set a non-default socket name - for accessing the random daemon. If this value is NULL, the - default name will be used. */ -static char *daemon_socket_name; - -#endif /*USE_RANDOM_DAEMON*/ - - - /* --- Prototypes --- */ static void read_pool (byte *buffer, size_t length, int level ); static void add_randomness (const void *buffer, size_t length, @@ -409,45 +389,6 @@ } -void -_gcry_rngcsprng_set_daemon_socket (const char *socketname) -{ -#ifdef USE_RANDOM_DAEMON - if (daemon_socket_name) - BUG (); - - daemon_socket_name = gcry_xstrdup (socketname); -#else /*!USE_RANDOM_DAEMON*/ - (void)socketname; -#endif /*!USE_RANDOM_DAEMON*/ -} - -/* With ONOFF set to 1, enable the use of the daemon. With ONOFF set - to 0, disable the use of the daemon. With ONOF set to -1, return - whether the daemon has been enabled. */ -int -_gcry_rngcsprng_use_daemon (int onoff) -{ -#ifdef USE_RANDOM_DAEMON - int last; - - /* This is not really thread safe. However it is expected that this - function is being called during initialization and at that point - we are for other reasons not really thread safe. We do not want - to lock it because we might eventually decide that this function - may even be called prior to gcry_check_version. */ - last = allow_daemon; - if (onoff != -1) - allow_daemon = onoff; - - return last; -#else /*!USE_RANDOM_DAEMON*/ - (void)onoff; - return 0; -#endif /*!USE_RANDOM_DAEMON*/ -} - - /* This function returns true if no real RNG is available or the quality of the RNG has been degraded for test purposes. */ int @@ -523,13 +464,6 @@ /* Make sure the level is okay. */ level &= 3; -#ifdef USE_RANDOM_DAEMON - if (allow_daemon - && !_gcry_daemon_randomize (daemon_socket_name, buffer, length, level)) - return; /* The daemon succeeded. */ - allow_daemon = 0; /* Daemon failed - switch off. */ -#endif /*USE_RANDOM_DAEMON*/ - /* Acquire the pool lock. */ lock_pool (); diff --git a/random/random-daemon.c b/random/random-daemon.c deleted file mode 100644 --- a/random/random-daemon.c +++ /dev/null @@ -1,336 +0,0 @@ -/* random-daemon.c - Access to the external random daemon - * Copyright (C) 2006 Free Software Foundation, Inc. - * - * This file is part of Libgcrypt. - * - * Libgcrypt is free software; you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * Libgcrypt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -/* - The functions here are used by random.c to divert calls to an - external random number daemon. The actual daemon we use is - gcryptrnd. Such a daemon is useful to keep a persistent pool in - memory over invocations of a single application and to allow - prioritizing access to the actual entropy sources. The drawback is - that we need to use IPC (i.e. unix domain socket) to convey - sensitive data. - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "g10lib.h" -#include "random.h" - - - -/* This is default socket name we use in case the provided socket name - is NULL. */ -#define RANDOM_DAEMON_SOCKET "/var/run/libgcrypt/S.gcryptrnd" - -/* The lock serializing access to the daemon. */ -GPGRT_LOCK_DEFINE (daemon_lock); - -/* The socket connected to the daemon. */ -static int daemon_socket = -1; - -/* Creates a socket connected to the daemon. On success, store the - socket fd in *SOCK. Returns error code. */ -static gcry_error_t -connect_to_socket (const char *socketname, int *sock) -{ - struct sockaddr_un *srvr_addr; - socklen_t addrlen; - gcry_error_t err; - int fd; - int rc; - - srvr_addr = NULL; - - /* Create a socket. */ - fd = socket (AF_UNIX, SOCK_STREAM, 0); - if (fd == -1) - { - log_error ("can't create socket: %s\n", strerror (errno)); - err = gcry_error_from_errno (errno); - goto out; - } - - /* Set up address. */ - srvr_addr = gcry_malloc (sizeof *srvr_addr); - if (! srvr_addr) - { - log_error ("malloc failed: %s\n", strerror (errno)); - err = gcry_error_from_errno (errno); - goto out; - } - memset (srvr_addr, 0, sizeof *srvr_addr); - srvr_addr->sun_family = AF_UNIX; - if (strlen (socketname) + 1 >= sizeof (srvr_addr->sun_path)) - { - log_error ("socket name `%s' too long\n", socketname); - err = gcry_error (GPG_ERR_ENAMETOOLONG); - goto out; - } - strcpy (srvr_addr->sun_path, socketname); - addrlen = (offsetof (struct sockaddr_un, sun_path) - + strlen (srvr_addr->sun_path) + 1); - - /* Connect socket. */ - rc = connect (fd, (struct sockaddr *) srvr_addr, addrlen); - if (rc == -1) - { - log_error ("error connecting socket `%s': %s\n", - srvr_addr->sun_path, strerror (errno)); - err = gcry_error_from_errno (errno); - goto out; - } - - err = 0; - - out: - - gcry_free (srvr_addr); - if (err) - { - close (fd); - fd = -1; - } - *sock = fd; - - return err; -} - - -/* Initialize basics of this module. This should be viewed as a - constructor to prepare locking. */ -void -_gcry_daemon_initialize_basics (void) -{ - /* Not anymore required. */ -} - - - -/* Send LENGTH bytes of BUFFER to file descriptor FD. Returns 0 on - success or another value on write error. */ -static int -writen (int fd, const void *buffer, size_t length) -{ - ssize_t n; - - while (length) - { - do - n = ath_write (fd, buffer, length); - while (n < 0 && errno == EINTR); - if (n < 0) - { - log_error ("write error: %s\n", strerror (errno)); - return -1; /* write error */ - } - length -= n; - buffer = (const char*)buffer + n; - } - return 0; /* Okay */ -} - -static int -readn (int fd, void *buf, size_t buflen, size_t *ret_nread) -{ - size_t nleft = buflen; - int nread; - char *p; - - p = buf; - while (nleft > 0) - { - nread = ath_read (fd, buf, nleft); - if (nread < 0) - { - if (nread == EINTR) - nread = 0; - else - return -1; - } - else if (!nread) - break; /* EOF */ - nleft -= nread; - buf = (char*)buf + nread; - } - if (ret_nread) - *ret_nread = buflen - nleft; - return 0; -} - -/* This functions requests REQ_NBYTES from the daemon. If NONCE is - true, the data should be suited for a nonce. If NONCE is FALSE, - data of random level LEVEL will be generated. The retrieved random - data will be stored in BUFFER. Returns error code. */ -static gcry_error_t -call_daemon (const char *socketname, - void *buffer, size_t req_nbytes, int nonce, - enum gcry_random_level level) -{ - static int initialized; - unsigned char buf[255]; - gcry_error_t err = 0; - size_t nbytes; - size_t nread; - int rc; - - if (!req_nbytes) - return 0; - - gpgrt_lock_lock (&daemon_lock); - - /* Open the socket if that has not been done. */ - if (!initialized) - { - initialized = 1; - err = connect_to_socket (socketname ? socketname : RANDOM_DAEMON_SOCKET, - &daemon_socket); - if (err) - { - daemon_socket = -1; - log_info ("not using random daemon\n"); - gpgrt_lock_unlock (&daemon_lock); - return err; - } - } - - /* Check that we have a valid socket descriptor. */ - if ( daemon_socket == -1 ) - { - gpgrt_lock_unlock (&daemon_lock); - return gcry_error (GPG_ERR_INTERNAL); - } - - - /* Do the real work. */ - - do - { - /* Process in chunks. */ - nbytes = req_nbytes > sizeof (buf) ? sizeof (buf) : req_nbytes; - req_nbytes -= nbytes; - - /* Construct request. */ - buf[0] = 3; - if (nonce) - buf[1] = 10; - else if (level == GCRY_VERY_STRONG_RANDOM) - buf[1] = 12; - else if (level == GCRY_STRONG_RANDOM) - buf[1] = 11; - buf[2] = nbytes; - - /* Send request. */ - rc = writen (daemon_socket, buf, 3); - if (rc == -1) - { - err = gcry_error_from_errno (errno); - break; - } - - /* Retrieve response. */ - - rc = readn (daemon_socket, buf, 2, &nread); - if (rc == -1) - { - err = gcry_error_from_errno (errno); - log_error ("read error: %s\n", _gcry_strerror (err)); - break; - } - if (nread && buf[0]) - { - log_error ("random daemon returned error code %d\n", buf[0]); - err = gcry_error (GPG_ERR_INTERNAL); /* ? */ - break; - } - if (nread != 2) - { - log_error ("response too small\n"); - err = gcry_error (GPG_ERR_PROTOCOL_VIOLATION); /* ? */ - break; - } - - /* if (1)*/ /* Do this in verbose mode? */ - /* log_info ("received response with %d bytes of data\n", buf[1]);*/ - - if (buf[1] < nbytes) - { - log_error ("error: server returned less bytes than requested\n"); - err = gcry_error (GPG_ERR_PROTOCOL_VIOLATION); /* ? */ - break; - } - else if (buf[1] > nbytes) - { - log_error ("warning: server returned more bytes than requested\n"); - err = gcry_error (GPG_ERR_PROTOCOL_VIOLATION); /* ? */ - break; - } - - assert (nbytes <= sizeof (buf)); - - rc = readn (daemon_socket, buf, nbytes, &nread); - if (rc == -1) - { - err = gcry_error_from_errno (errno); - log_error ("read error: %s\n", _gcry_strerror (err)); - break; - } - - if (nread != nbytes) - { - log_error ("too little random data read\n"); - err = gcry_error (GPG_ERR_INTERNAL); - break; - } - - /* Successfuly read another chunk of data. */ - memcpy (buffer, buf, nbytes); - buffer = ((char *) buffer) + nbytes; - } - while (req_nbytes); - - gpgrt_lock_unlock (&daemon_lock); - - return err; -} - -/* Internal function to fill BUFFER with LENGTH bytes of random. We - support GCRY_STRONG_RANDOM and GCRY_VERY_STRONG_RANDOM here. - Return 0 on success. */ -int -_gcry_daemon_randomize (const char *socketname, - void *buffer, size_t length, - enum gcry_random_level level) -{ - gcry_error_t err; - - err = call_daemon (socketname, buffer, length, 0, level); - - return err ? -1 : 0; -} - -/* END */ diff --git a/random/random.h b/random/random.h --- a/random/random.h +++ b/random/random.h @@ -35,8 +35,6 @@ void _gcry_secure_random_alloc(void); void _gcry_enable_quick_random_gen (void); int _gcry_random_is_faked(void); -void _gcry_set_random_daemon_socket (const char *socketname); -int _gcry_use_random_daemon (int onoff); void _gcry_set_random_seed_file (const char *name); void _gcry_update_random_seed_file (void); diff --git a/random/random.c b/random/random.c --- a/random/random.c +++ b/random/random.c @@ -307,28 +307,6 @@ } -void -_gcry_set_random_daemon_socket (const char *socketname) -{ - if (fips_mode ()) - ; /* Not used. */ - else - _gcry_rngcsprng_set_daemon_socket (socketname); -} - -/* With ONOFF set to 1, enable the use of the daemon. With ONOFF set - to 0, disable the use of the daemon. With ONOF set to -1, return - whether the daemon has been enabled. */ -int -_gcry_use_random_daemon (int onoff) -{ - if (fips_mode ()) - return 0; /* Never enabled in fips mode. */ - else - return _gcry_rngcsprng_use_daemon (onoff); -} - - /* This function returns true if no real RNG is available or the quality of the RNG has been degraded for test purposes. */ int diff --git a/src/global.c b/src/global.c --- a/src/global.c +++ b/src/global.c @@ -664,16 +664,11 @@ break; case GCRYCTL_SET_RANDOM_DAEMON_SOCKET: - _gcry_set_preferred_rng_type (0); - _gcry_set_random_daemon_socket (va_arg (arg_ptr, const char *)); + rc = GPG_ERR_NOT_SUPPORTED; break; case GCRYCTL_USE_RANDOM_DAEMON: - /* We need to do make sure that the random pool is really - initialized so that the poll function is not a NOP. */ - _gcry_set_preferred_rng_type (0); - _gcry_random_initialize (1); - _gcry_use_random_daemon (!! va_arg (arg_ptr, int)); + rc = GPG_ERR_NOT_SUPPORTED; break; case GCRYCTL_CLOSE_RANDOM_DEVICE: diff --git a/tests/benchmark.c b/tests/benchmark.c --- a/tests/benchmark.c +++ b/tests/benchmark.c @@ -1759,7 +1759,6 @@ { int last_argc = -1; int no_blinding = 0; - int use_random_daemon = 0; int use_secmem = 0; int pk_count = 100; @@ -1805,11 +1804,6 @@ debug++; argc--; argv++; } - else if (!strcmp (*argv, "--use-random-daemon")) - { - use_random_daemon = 1; - argc--; argv++; - } else if (!strcmp (*argv, "--use-secmem")) { use_secmem = 1; @@ -1941,9 +1935,6 @@ else if (!use_secmem) xgcry_control ((GCRYCTL_DISABLE_SECMEM, 0)); - if (use_random_daemon) - xgcry_control ((GCRYCTL_USE_RANDOM_DAEMON, 1)); - if (with_progress) gcry_set_progress_handler (progress_cb, NULL);