httpd-test-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Doug MacEachern <do...@covalent.net>
Subject Re: cvs commit: httpd-test/flood STATUS
Date Sat, 17 Nov 2001 00:47:10 GMT
On 16 Nov 2001 aaron@apache.org wrote:

>   +    * SEGVs when /tmp/.rnd doesn't exist are bad. Make it configurable
>   +      and at least bomb with a good error message.

you can just seed from memory instead, something like the patch below
(untested).  i had borrowed the code from mod_ssl for another project a
while back to solve the same problem.  probably would be better if
apr_generate_random_bytes() could be used here.

Index: flood/flood_net_ssl.c
===================================================================
RCS file: /home/cvs/httpd-test/flood/flood_net_ssl.c,v
retrieving revision 1.10
diff -u -r1.10 flood_net_ssl.c
--- flood/flood_net_ssl.c	2001/10/10 21:42:07	1.10
+++ flood/flood_net_ssl.c	2001/11/17 00:26:01
@@ -142,6 +142,40 @@
 }
 #endif
 
+/* borrowed from mod_ssl */
+static int ssl_rand_choosenum(int l, int h)
+{
+    int i;
+    char buf[50];
+
+    srand((unsigned int)time(NULL));
+    apr_snprintf(buf, sizeof(buf), "%.0f",
+		 (((double)(rand()%RAND_MAX)/RAND_MAX)*(h-l)));
+    i = atoi(buf)+1;
+    if (i < l) i = l;
+    if (i > h) i = h;
+    return i;
+}
+
+static void load_rand(void)
+{
+    unsigned char stackdata[256];
+    time_t tt;
+    pid_t pid;
+    int l, n;
+
+    tt = time(NULL);
+    l = sizeof(time_t);
+    RAND_seed((unsigned char *)&tt, l);
+
+    pid = (pid_t)getpid();
+    l = sizeof(pid_t);
+    RAND_seed((unsigned char *)&pid, l);
+
+    n = ssl_rand_choosenum(0, sizeof(stackdata)-128-1);
+    RAND_seed(stackdata+n, 128);
+}
+
 apr_status_t ssl_init_socket(apr_pool_t *pool)
 {
 #if APR_HAS_THREADS
@@ -154,7 +188,7 @@
     OpenSSL_add_ssl_algorithms();
     SSL_load_error_strings();
     ERR_load_crypto_strings();
-    RAND_load_file(RANDFILE, -1);
+    load_rand();
 
 #if APR_HAS_THREADS
     numlocks = CRYPTO_num_locks();


Mime
View raw message