Solaris /dev/random
E. Larry Lidz
ellidz at eridu.uchicago.edu
Fri Aug 6 11:11:42 CEST 1999
Has anyone gotten GPG to work with the /dev/random that's installed
under Solaris with SUNWski? (Part of Easy Access 3.0)
I've done the following patch which seems to get GPG to find and accept
the /dev/random, but I've got doubts about whether it's sufficient
cryptographically to make it safe to run GPG under Solaris as I don't
really know too much about the cryptographic elements of the code.
One issue is that there's only a /dev/random, no /dev/urandom, so I've
pointed them both to /dev/random.
The code seems to work and sign/encrypt/decrypt things, I'm just unsure
of the safety of using it.
diff -r -c gnupg-0.9.9/cipher/rndlinux.c gnupg-0.9.9_solarisrnd/cipher/rndlinux.c
*** gnupg-0.9.9/cipher/rndlinux.c Tue Jun 1 09:08:46 1999
--- gnupg-0.9.9_solarisrnd/cipher/rndlinux.c Wed Aug 4 17:35:09 1999
***************
*** 83,90 ****
g10_log_fatal("can't open %s: %s\n", name, strerror(errno) );
if( fstat( fd, &sb ) )
g10_log_fatal("stat() off %s failed: %s\n", name, strerror(errno) );
! if( !S_ISCHR(sb.st_mode) )
! g10_log_fatal("invalid random device!\n" );
return fd;
}
--- 83,90 ----
g10_log_fatal("can't open %s: %s\n", name, strerror(errno) );
if( fstat( fd, &sb ) )
g10_log_fatal("stat() off %s failed: %s\n", name, strerror(errno) );
! /* if( !S_ISCHR(sb.st_mode) )
! g10_log_fatal("invalid random device!\n" ); */
return fd;
}
diff -r -c gnupg-0.9.9/configure gnupg-0.9.9_solarisrnd/configure
*** gnupg-0.9.9/configure Fri Jul 23 04:57:31 1999
--- gnupg-0.9.9_solarisrnd/configure Wed Aug 4 17:02:29 1999
***************
*** 2531,2536 ****
--- 2531,2541 ----
NAME_OF_DEV_URANDOM="/dev/urandom"
DYNLINK_MOD_CFLAGS="-shared -rdynamic -fpic -Wl,-Bshareable -Wl,-x"
;;
+ *-solaris*)
+ NAME_OF_DEV_RANDOM="/dev/random"
+ NAME_OF_DEV_URANDOM="/dev/random"
+ DYNLINK_MOD_CFLAGS="-shared $CFLAGS_PIC"
+ ;;
*)
NAME_OF_DEV_RANDOM="/dev/random"
NAME_OF_DEV_URANDOM="/dev/urandom"
***************
*** 6343,6349 ****
if eval "test \"`echo '$''{'ac_cv_have_dev_random'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
! if test -c "$NAME_OF_DEV_RANDOM" && test -c "$NAME_OF_DEV_URANDOM" ; then
ac_cv_have_dev_random=yes; else ac_cv_have_dev_random=no; fi
fi
--- 6348,6354 ----
if eval "test \"`echo '$''{'ac_cv_have_dev_random'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
! if test -r "$NAME_OF_DEV_RANDOM" && test -r "$NAME_OF_DEV_URANDOM" ; then
ac_cv_have_dev_random=yes; else ac_cv_have_dev_random=no; fi
fi
diff -r -c gnupg-0.9.9/configure.in gnupg-0.9.9_solarisrnd/configure.in
*** gnupg-0.9.9/configure.in Fri Jul 23 07:02:48 1999
--- gnupg-0.9.9_solarisrnd/configure.in Wed Aug 4 16:47:24 1999
***************
*** 252,257 ****
--- 252,262 ----
NAME_OF_DEV_URANDOM="/dev/urandom"
DYNLINK_MOD_CFLAGS="-shared -rdynamic -fpic -Wl,-Bshareable -Wl,-x"
;;
+ *-solaris*)
+ NAME_OF_DEV_RANDOM="/dev/random"
+ NAME_OF_DEV_URANDOM="/dev/random"
+ DYNLINK_MOD_CFLAGS="-shared $CFLAGS_PIC"
+ ;;
*)
NAME_OF_DEV_RANDOM="/dev/random"
NAME_OF_DEV_URANDOM="/dev/urandom"
***************
*** 428,434 ****
dnl
if test "$try_dev_random" = yes ; then
AC_CACHE_CHECK(for random device, ac_cv_have_dev_random,
! [if test -c "$NAME_OF_DEV_RANDOM" && test -c "$NAME_OF_DEV_URANDOM" ; then
ac_cv_have_dev_random=yes; else ac_cv_have_dev_random=no; fi])
if test "$ac_cv_have_dev_random" = yes; then
AC_DEFINE(HAVE_DEV_RANDOM)
--- 433,439 ----
dnl
if test "$try_dev_random" = yes ; then
AC_CACHE_CHECK(for random device, ac_cv_have_dev_random,
! [if test -f "$NAME_OF_DEV_RANDOM" && test -f "$NAME_OF_DEV_URANDOM" ; then
ac_cv_have_dev_random=yes; else ac_cv_have_dev_random=no; fi])
if test "$ac_cv_have_dev_random" = yes; then
AC_DEFINE(HAVE_DEV_RANDOM)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 236 bytes
Desc: not available
Url : /pipermail/attachments/19990806/d88c880d/attachment.bin
More information about the Gnupg-devel
mailing list