repo: urcd action: commit revision: path_from: revision_from: 0974d667e40e3b6bbc50bab2e84dde9643cb1aa4: path_to: revision_to:
commit 0974d667e40e3b6bbc50bab2e84dde9643cb1aa4
Author: root <root@localhost.(none)>
Date: Tue Mar 17 19:31:41 2015 +0000
[urc] (security) update: entropy improvement for liburc
diff --git a/doc/URC.txt b/doc/URC.txt
--- a/doc/URC.txt
+++ b/doc/URC.txt
@@ -98,6 +98,15 @@ Advantages:
 authenticity of a client's messages, nor does the protocol require or allow remote systems to overide or alter the policies on a local URCd.
+ Entropy - LibURC ships with it's own secure randombytes implementation
+ that is powered by NaCl's crypto_stream function, providing strong and reliable
+ entropy, suitable in chroot environments. A nonce and a one time secret key are
+ derived using the strongest nonblocking available RNG and crypto_hash_sha512 to
+ generate an arbitrary amount of random data without depleting the system's
+ entropy pool. Should the onboard RNG ever fail, the LibURC randombytes function
+ will not. the implementation has a secure failover using variable information
+ from the system clock and other status information.
+
 URCLINE: A URCLINE is similar to a line of IRC. These lines are wrapped and
diff --git a/src/liburc.h b/src/liburc.h
--- a/src/liburc.h
+++ b/src/liburc.h
@@ -6,6 +6,7 @@
 #include <sys/types.h>
 #include <sys/time.h>
 #include <strings.h>
+#include <string.h>
 #include <unistd.h>
 #include <stdlib.h>
 #include <fcntl.h>
@@ -27,8 +28,10 @@
 #define IRC_MTU 512
 int devurandomfd = -1;
+int procstatusfd = -1;
 int urc_jail(char *path) {
+ if (procstatusfd == -1) procstatusfd = open("/proc/self/status",O_RDONLY);
 if (devurandomfd == -1) devurandomfd = open("/dev/arandom",O_RDONLY); if (devurandomfd == -1) devurandomfd = open("/dev/urandom",O_RDONLY); struct passwd *urcd = getpwnam("urcd");
@@ -42,18 +45,23 @@ int urc_jail(char *path) {
 return 0; }
-/* security: strong entropy not guaranteed without devurandomfd open */
 void randombytes(unsigned char *d, int dlen) { unsigned char *b = malloc(64 * sizeof(unsigned char));
- unsigned char a[64];
+ static unsigned char buff[1024];
+ static unsigned char a[64];
 unsigned char c[64]; static struct timeval now; static int i;
+ if (procstatusfd == -1) procstatusfd = open("/proc/self/status",O_RDONLY);
 if (devurandomfd == -1) devurandomfd = open("/dev/arandom",O_RDONLY); if (devurandomfd == -1) devurandomfd = open("/dev/urandom",O_RDONLY); if ((devurandomfd == -1) || (read(devurandomfd,a,64) != 64)) {
+ if (procstatusfd != -1) {
+ lseek(procstatusfd,0,SEEK_SET);
+ if (read(procstatusfd,buff,1024) > 0) crypto_hash_sha512(a,buff,1024);
+ }
 for (i=0;i<64;++i) {
- gettimeofday(&now,'\x00'); srand(now.tv_usec); a[i] = 255 & rand();
+ gettimeofday(&now,'\x00'); srand(now.tv_usec); a[i]^= (rand() & 255);
 if (b) a[i] ^= b[i]; a[i] ^= c[i]; }
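Review bot: The descriptor opened by the new `open("/proc/self/status",O_RDONLY)` line in urc_jail is kept for the life of the process without close-on-exec, so any program the process later executes would inherit it; `open("/proc/self/status",O_RDONLY|O_CLOEXEC)` avoids that where the flag is available, and the same applies to the identical open added to randombytes in the next hunk. Separately, `int procstatusfd = -1;` is a non-static definition in a header, following `devurandomfd`, and would give duplicate-symbol link errors if liburc.h were included from more than one translation unit; a one-line comment stating that the header is meant for a single translation unit would make that constraint explicit. urc_jail's body continues outside the hunk.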
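Review bot: The branch taken when `read(devurandomfd,a,64) != 64` is still not a cryptographically strong seed, yet this hunk deletes the comment that said so. What it mixes is a hash of `/proc/self/status`, `rand()` reseeded from `now.tv_usec` on every iteration, and the contents of `b` and `c`, which are never written in the visible lines; the first two are largely predictable and the last two are indeterminate values a compiler may treat as anything. I would keep a caveat such as `/* security: without devurandomfd the seed comes from /proc/self/status, the clock and rand(); not cryptographically strong */`, or fail closed there instead of continuing. `crypto_hash_sha512(a,buff,1024)` also hashes all 1024 bytes of the static `buff` whatever `read` returned, so bytes left from an earlier call are included; hashing only the returned length would be cleaner. randombytes continues past the end of the hunk, so what later happens to the now-static `a` is not visible here.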