[openssh] use /dev/random or /dev/urandom for seeding prng improve periodical reseeding of random generator
Jan F. Chadima
jfch2222 at fedoraproject.org
Tue Mar 22 21:05:42 UTC 2011
commit 39c7b05d62535e6dfda024f361d427227bc16002
Author: Jan F <jfch at kerberos.example.com>
Date: Tue Mar 22 22:05:18 2011 +0100
use /dev/random or /dev/urandom for seeding prng
improve periodical reseeding of random generator
openssh-5.8p1-reseed.patch | 3 ++-
openssh.spec | 5 +++--
2 files changed, 5 insertions(+), 3 deletions(-)
---
diff --git a/openssh-5.8p1-reseed.patch b/openssh-5.8p1-reseed.patch
index 8827fce..bfaa3c7 100644
--- a/openssh-5.8p1-reseed.patch
+++ b/openssh-5.8p1-reseed.patch
@@ -28,7 +28,7 @@ diff -up openssh-5.8p1/sshd.c.reseed openssh-5.8p1/sshd.c
}
static void
-@@ -1277,6 +1285,12 @@ server_accept_loop(int *sock_in, int *so
+@@ -1277,6 +1285,13 @@ server_accept_loop(int *sock_in, int *so
* the child process the connection. The
* parent continues listening.
*/
@@ -36,6 +36,7 @@ diff -up openssh-5.8p1/sshd.c.reseed openssh-5.8p1/sshd.c
+ seed_rng();
+ logit("random reseeded");
+ need_reseed = 0;
++ signal(SIGALRM, key_regeneration_alarm);
+ alarm(options.key_regeneration_time);
+ }
platform_pre_fork();
diff --git a/openssh.spec b/openssh.spec
index 2f6cf62..9ab3479 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -71,7 +71,7 @@
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
%define openssh_ver 5.8p1
-%define openssh_rel 19
+%define openssh_rel 20
%define pam_ssh_agent_ver 0.9.2
%define pam_ssh_agent_rel 30
@@ -669,8 +669,9 @@ fi
%endif
%changelog
-* Tue Mar 22 2011 Jan F. Chadima <jchadima at redhat.com> - 5.8p1-19 + 0.9.2-30
+* Tue Mar 22 2011 Jan F. Chadima <jchadima at redhat.com> - 5.8p1-20 + 0.9.2-30
- use /dev/random or /dev/urandom for seeding prng
+- improve periodical reseeding of random generator
* Thu Mar 17 2011 Jan F. Chadima <jchadima at redhat.com> - 5.8p1-18 + 0.9.2-30
- add periodical reseeding of random generator
More information about the scm-commits
mailing list