1*4882a593SmuzhiyunFrom 330e8c8352eb0ed3c178ac6e0102403c0a835492 Mon Sep 17 00:00:00 2001 2*4882a593SmuzhiyunFrom: Jason Miller <jason@milr.com> 3*4882a593SmuzhiyunDate: Thu, 5 Jul 2018 20:53:51 -0700 4*4882a593SmuzhiyunSubject: [PATCH] Support urandom inside chroot 5*4882a593Smuzhiyun 6*4882a593SmuzhiyunThis adds a new default entropy function that uses a /dev/urandom stream 7*4882a593Smuzhiyunopened before the chroot. If initializing that fails, it fallsback on 8*4882a593SmuzhiyunHAVEGE only if HAVEGE is supported by the mbedTLS. 9*4882a593Smuzhiyun 10*4882a593SmuzhiyunThis should remove the hard requirement on HAVEGE 11*4882a593Smuzhiyun 12*4882a593Smuzhiyunresolves #326 13*4882a593Smuzhiyunresolves #327 14*4882a593Smuzhiyun 15*4882a593Smuzhiyun[Upstream status: https://github.com/mongrel2/mongrel2/pull/328] 16*4882a593SmuzhiyunSigned-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> 17*4882a593Smuzhiyun--- 18*4882a593Smuzhiyun src/mongrel2.c | 7 ------- 19*4882a593Smuzhiyun src/server.c | 36 +++++++++++++++++++++++------------- 20*4882a593Smuzhiyun 2 files changed, 23 insertions(+), 20 deletions(-) 21*4882a593Smuzhiyun 22*4882a593Smuzhiyundiff --git a/src/mongrel2.c b/src/mongrel2.c 23*4882a593Smuzhiyunindex da632d95..48ece8a5 100644 24*4882a593Smuzhiyun--- a/src/mongrel2.c 25*4882a593Smuzhiyun+++ b/src/mongrel2.c 26*4882a593Smuzhiyun@@ -404,13 +404,6 @@ void taskmain(int argc, char **argv) 27*4882a593Smuzhiyun rc = attempt_chroot_drop(srv); 28*4882a593Smuzhiyun check(rc == 0, "Major failure in chroot/droppriv, aborting."); 29*4882a593Smuzhiyun 30*4882a593Smuzhiyun- // set up rng after chroot 31*4882a593Smuzhiyun- // TODO: once mbedtls is updated, we can move this back into Server_create 32*4882a593Smuzhiyun- if(srv->use_ssl) { 33*4882a593Smuzhiyun- rc = Server_init_rng(srv); 34*4882a593Smuzhiyun- check(rc == 0, "Failed to initialize rng for server %s", bdata(srv->uuid)); 35*4882a593Smuzhiyun- } 36*4882a593Smuzhiyun- 37*4882a593Smuzhiyun final_setup(); 38*4882a593Smuzhiyun 39*4882a593Smuzhiyun taskcreate(tickertask, NULL, TICKER_TASK_STACK); 40*4882a593Smuzhiyundiff --git a/src/server.c b/src/server.c 41*4882a593Smuzhiyunindex 45761db4..e44e199b 100644 42*4882a593Smuzhiyun--- a/src/server.c 43*4882a593Smuzhiyun+++ b/src/server.c 44*4882a593Smuzhiyun@@ -149,35 +149,45 @@ static int Server_load_ciphers(Server *srv, bstring ssl_ciphers_val) 45*4882a593Smuzhiyun return -1; 46*4882a593Smuzhiyun } 47*4882a593Smuzhiyun 48*4882a593Smuzhiyun+static int urandom_entropy_func(void *data, unsigned char *output, size_t len) 49*4882a593Smuzhiyun+{ 50*4882a593Smuzhiyun+ FILE* urandom = (FILE *)data; 51*4882a593Smuzhiyun+ size_t rc = fread(output, 1, len, urandom); 52*4882a593Smuzhiyun+ 53*4882a593Smuzhiyun+ if (rc != len) return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED; 54*4882a593Smuzhiyun+ 55*4882a593Smuzhiyun+ return 0; 56*4882a593Smuzhiyun+} 57*4882a593Smuzhiyun+ 58*4882a593Smuzhiyun int Server_init_rng(Server *srv) 59*4882a593Smuzhiyun { 60*4882a593Smuzhiyun int rc; 61*4882a593Smuzhiyun- unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE]; 62*4882a593Smuzhiyun void *ctx = NULL; 63*4882a593Smuzhiyun 64*4882a593Smuzhiyun- mbedtls_entropy_init( &srv->entropy ); 65*4882a593Smuzhiyun+ FILE *urandom = fopen("/dev/urandom","r"); 66*4882a593Smuzhiyun 67*4882a593Smuzhiyun- // test the entropy source 68*4882a593Smuzhiyun- rc = mbedtls_entropy_func(&srv->entropy, buf, MBEDTLS_ENTROPY_BLOCK_SIZE); 69*4882a593Smuzhiyun- 70*4882a593Smuzhiyun- if(rc == 0) { 71*4882a593Smuzhiyun+ if(urandom != NULL) { 72*4882a593Smuzhiyun ctx = calloc(sizeof(mbedtls_ctr_drbg_context), 1); 73*4882a593Smuzhiyun 74*4882a593Smuzhiyun mbedtls_ctr_drbg_init((mbedtls_ctr_drbg_context *)ctx); 75*4882a593Smuzhiyun rc = mbedtls_ctr_drbg_seed((mbedtls_ctr_drbg_context *)ctx, 76*4882a593Smuzhiyun- mbedtls_entropy_func, &srv->entropy, NULL, 0); 77*4882a593Smuzhiyun+ urandom_entropy_func, urandom, NULL, 0); 78*4882a593Smuzhiyun check(rc == 0, "Init rng failed: ctr_drbg_init returned %d\n", rc); 79*4882a593Smuzhiyun 80*4882a593Smuzhiyun srv->rng_func = mbedtls_ctr_drbg_random; 81*4882a593Smuzhiyun srv->rng_ctx = ctx; 82*4882a593Smuzhiyun } else { 83*4882a593Smuzhiyun- log_warn("entropy source unavailable. falling back to havege rng"); 84*4882a593Smuzhiyun 85*4882a593Smuzhiyun+#if defined(MBEDTLS_HAVEGE_C) 86*4882a593Smuzhiyun+ log_warn("entropy source unavailable. falling back to havege rng"); 87*4882a593Smuzhiyun ctx = calloc(sizeof(mbedtls_havege_state), 1); 88*4882a593Smuzhiyun mbedtls_havege_init((mbedtls_havege_state *)ctx); 89*4882a593Smuzhiyun- 90*4882a593Smuzhiyun srv->rng_func = mbedtls_havege_random; 91*4882a593Smuzhiyun srv->rng_ctx = ctx; 92*4882a593Smuzhiyun+#else 93*4882a593Smuzhiyun+ log_err("Unable to initialize urandom entropy source, and mbedTLS compiled without HAVEGE"); 94*4882a593Smuzhiyun+ goto error; 95*4882a593Smuzhiyun+#endif 96*4882a593Smuzhiyun } 97*4882a593Smuzhiyun 98*4882a593Smuzhiyun return 0; 99*4882a593Smuzhiyun@@ -278,10 +288,10 @@ Server *Server_create(bstring uuid, bstring default_host, 100*4882a593Smuzhiyun 101*4882a593Smuzhiyun // TODO: once mbedtls supports opening urandom early and keeping it open, 102*4882a593Smuzhiyun // put the rng initialization back here (before chroot) 103*4882a593Smuzhiyun- //if(use_ssl) { 104*4882a593Smuzhiyun- // rc = Server_init_rng(srv); 105*4882a593Smuzhiyun- // check(rc == 0, "Failed to initialize rng for server %s", bdata(uuid)); 106*4882a593Smuzhiyun- //} 107*4882a593Smuzhiyun+ if(use_ssl) { 108*4882a593Smuzhiyun+ rc = Server_init_rng(srv); 109*4882a593Smuzhiyun+ check(rc == 0, "Failed to initialize rng for server %s", bdata(uuid)); 110*4882a593Smuzhiyun+ } 111*4882a593Smuzhiyun 112*4882a593Smuzhiyun if(blength(chroot) > 0) { 113*4882a593Smuzhiyun srv->chroot = bstrcpy(chroot); check_mem(srv->chroot); 114