git.thebackupbox.net

urcd

git://git.thebackupbox.net/urcd

commit 0974d667e40e3b6bbc50bab2e84dde9643cb1aa4
Author: root <root@localhost.(none)>
Date:   Tue Mar 17 19:31:41 2015 +0000

    [urc] (security) update: entropy improvement for liburc

diff --git a/doc/URC.txt b/doc/URC.txt

index 31a389c21a7dd115a8ccc80381588886fe7e9766..

index ..f0a4eeb1dbe03a4601da4457cea093ec525425f2 100644

--- a/doc/URC.txt
+++ b/doc/URC.txt
@@ -98,6 +98,15 @@ Advantages:
  authenticity of a client's messages, nor does the protocol require or
  allow remote systems to overide or alter the policies on a local URCd.

+ Entropy - LibURC ships with it's own secure randombytes implementation
+ that is powered by NaCl's crypto_stream function, providing strong and reliable
+ entropy, suitable in chroot environments. A nonce and a one time secret key are
+ derived using the strongest nonblocking available RNG and crypto_hash_sha512 to
+ generate an arbitrary amount of random data without depleting the system's
+ entropy pool. Should the onboard RNG ever fail, the LibURC randombytes function
+ will not. the implementation has a secure failover using variable information
+ from the system clock and other status information.
+

 URCLINE:
 A URCLINE is similar to a line of IRC. These lines are wrapped and
diff --git a/src/liburc.h b/src/liburc.h

index faf3c7f2e8f99fd440499e025c3005d466c35647..

index ..9ffec4d8c3ee7976249bcc31a2bad73b76d484e8 100644

--- a/src/liburc.h
+++ b/src/liburc.h
@@ -6,6 +6,7 @@
 #include <sys/types.h>
 #include <sys/time.h>
 #include <strings.h>
+#include <string.h>
 #include <unistd.h>
 #include <stdlib.h>
 #include <fcntl.h>
@@ -27,8 +28,10 @@
 #define IRC_MTU 512

 int devurandomfd = -1;
+int procstatusfd = -1;

 int urc_jail(char *path) {
+ if (procstatusfd == -1) procstatusfd = open("/proc/self/status",O_RDONLY);
  if (devurandomfd == -1) devurandomfd = open("/dev/arandom",O_RDONLY);
  if (devurandomfd == -1) devurandomfd = open("/dev/urandom",O_RDONLY);
  struct passwd *urcd = getpwnam("urcd");
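Review bot: The `open("/proc/self/status",O_RDONLY)` added at the top of `urc_jail` has no `O_CLOEXEC`, so the descriptor is inherited by any program the process later execs. After a `fork()` it still refers to the parent's status file, so children would feed identical data into the fallback path; whether urcd forks or execs after the jail is not visible in this hunk. I would write `procstatusfd = open("/proc/self/status",O_RDONLY|O_CLOEXEC);` and add a one-line comment saying the file is pre-opened here because /proc is presumably unreachable once the jail is entered. `urc_jail` continues outside the hunk.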
@@ -42,18 +45,23 @@ int urc_jail(char *path) {
  return 0;
 }

-/* security: strong entropy not guaranteed without devurandomfd open */
 void randombytes(unsigned char *d, int dlen) {
  unsigned char *b = malloc(64 * sizeof(unsigned char));
- unsigned char a[64];
+ static unsigned char buff[1024];
+ static unsigned char a[64];
  unsigned char c[64];
  static struct timeval now;
  static int i;
+ if  (procstatusfd == -1) procstatusfd = open("/proc/self/status",O_RDONLY);
  if  (devurandomfd == -1) devurandomfd = open("/dev/arandom",O_RDONLY);
  if  (devurandomfd == -1) devurandomfd = open("/dev/urandom",O_RDONLY);
  if ((devurandomfd == -1) || (read(devurandomfd,a,64) != 64)) {
+  if (procstatusfd != -1) {
+   lseek(procstatusfd,0,SEEK_SET);
+   if (read(procstatusfd,buff,1024) > 0) crypto_hash_sha512(a,buff,1024);
+  }
   for (i=0;i<64;++i) {
-   gettimeofday(&now,'\x00'); srand(now.tv_usec); a[i] = 255 & rand();
+   gettimeofday(&now,'\x00'); srand(now.tv_usec); a[i]^= (rand() & 255);
    if (b) a[i] ^= b[i];
    a[i] ^= c[i];
   }
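Review bot: The fallback branch taken when both `/dev/arandom` and `/dev/urandom` fail still fills `a` from guessable inputs, yet this hunk deletes the `/* security: strong entropy not guaranteed without devurandomfd open */` warning. `/proc/self/status` is mostly static text that other local users can normally read on a default procfs mount, `srand(now.tv_usec)` admits at most 10^6 seeds, and the context lines XOR in `b[i]` and `c[i]`, which are not initialized in the visible lines and so add no entropy. I would keep the warning comment and make this branch fail closed (for example `abort()`, or a retry loop on opening the device) rather than return output built from these values. If the status hash stays, hash only what was read, `n = read(procstatusfd,buff,1024); if (n > 0) crypto_hash_sha512(a,buff,n);`, because the current call always hashes 1024 bytes, including stale data left in the static buffer by an earlier read. `randombytes` continues past the end of the hunk, so whether the now-static `a` and `buff` are wiped after use is not visible here.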
