-rw-r--r--ChangeLog4
-rw-r--r--NEWS5
-rw-r--r--cipher/ChangeLog9
-rw-r--r--cipher/random.c65
-rw-r--r--cipher/random.h2
-rw-r--r--configure.ac4
-rw-r--r--libgcrypt.txt10
-rw-r--r--src/ChangeLog8
-rw-r--r--src/gcrypt.h12
-rw-r--r--src/global.c11
10 files changed, 94 insertions, 36 deletions
diff --git a/ChangeLog b/ChangeLog
index d93e91c5..1d03310a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2004-04-21 Werner Koch <wk@gnupg.org>
+
+ * configure.ac: Don't print a warning if GNU make was not found.
+
2004-05-07 Moritz Schulte <moritz@g10code.de>
* THANKS: Updated.
diff --git a/NEWS b/NEWS
index 18fb64b9..35f958a4 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,11 @@
Noteworthy changes in version 1.3.0 (unreleased)
------------------------------------------------
+ * Changed the way the RNG gets initialized. This allows to keep it
+ uninitialized as long as no random numbers are used. To override
+ this, the new macro gcry_fast_random_poll may be used. It is in
+ general a good idea to spreard this macro into the application code
+ to make sure that these polls happen often enough.
Noteworthy changes in version 1.2.0 (2004-04-15)
diff --git a/cipher/ChangeLog b/cipher/ChangeLog
index 060b4974..41ed5c2a 100644
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@@ -1,3 +1,12 @@
+2004-05-07 Werner Koch <wk@gnupg.org>
+
+ * random.c (initialize): Factored out some code to ..
+ (initialize_basics): .. new function.
+ (_gcry_random_initialize): Just call initialize_basics unless the
+ new arg FULL is set to TRUE.
+ (_gcry_fast_random_poll): Don't do anything unless the random
+ system has been really initialized.
+
2004-05-07 Moritz Schulte <moritz@g10code.de>
* ac.c (gcry_ac_open): Do not dereference NULL pointer. Reported
diff --git a/cipher/random.c b/cipher/random.c
index e0d04a47..9e2878bf 100644
--- a/cipher/random.c
+++ b/cipher/random.c
@@ -1,5 +1,6 @@
/* random.c - random number generator
- * Copyright (C) 1998, 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 2000, 2001, 2002, 2003,
+ * 2004 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
@@ -135,22 +136,33 @@ static void *progress_cb_data;
/* Note, we assume that this function is used before any concurrent
access happens. */
static void
-initialize(void)
+initialize_basics(void)
{
+ static int initialized;
int err;
- err = ath_mutex_init (&pool_lock);
- if (err)
- log_fatal ("failed to create the pool lock: %s\n", strerror (err) );
+ if (!initialized)
+ {
+ initialized = 1;
+ err = ath_mutex_init (&pool_lock);
+ if (err)
+ log_fatal ("failed to create the pool lock: %s\n", strerror (err) );
+
+ err = ath_mutex_init (&nonce_buffer_lock);
+ if (err)
+ log_fatal ("failed to create the nonce buffer lock: %s\n",
+ strerror (err) );
+ }
+}
- err = ath_mutex_init (&nonce_buffer_lock);
- if (err)
- log_fatal ("failed to create the nonce buffer lock: %s\n",
- strerror (err) );
-
+
+static void
+initialize(void)
+{
+ initialize_basics ();
/* The data buffer is allocated somewhat larger, so that we can use
- this extra space (which is allocated in secure memory) as a
- temporary hash buffer */
+ this extra space (which is allocated in secure memory) as a
+ temporary hash buffer */
rndpool = secure_alloc ? gcry_xcalloc_secure(1,POOLSIZE+BLOCKLEN)
: gcry_xcalloc(1,POOLSIZE+BLOCKLEN);
keypool = secure_alloc ? gcry_xcalloc_secure(1,POOLSIZE+BLOCKLEN)
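Review bot: In initialize_basics the guard `initialized = 1;` is set before the two ath_mutex_init calls and is a plain static int, so a second caller arriving in that window would skip the block and go on to use a lock that is not yet set up. The comment above the function still assumes it runs before any concurrent access; now that full initialization is deferred to first use, that assumption should be written as a caller requirement, e.g. `/* Must be reached via gcry_control (GCRYCTL_INITIALIZATION_FINISHED) before any thread is started. */`. Moving `initialized = 1;` after the second ath_mutex_init narrows the window but does not close it. The body of initialize() continues past the end of the hunk.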
@@ -180,14 +192,16 @@ _gcry_random_progress (const char *what, int printchar, int current, int total)
}
-/* Initialize this random subsystem. This function merely calls the
- initialize and does not do anything more. Doing this is not really
- required but when running in a threaded environment we might get a
- race condition otherwise. */
+/* Initialize this random subsystem. If FULL is false, this function
+ merely calls the initialize and does not do anything more. Doing
+ this is not really required but when running in a threaded
+ environment we might get a race condition otherwise. */
void
-_gcry_random_initialize ()
+_gcry_random_initialize (int full)
{
- if (!is_initialized)
+ if (!full)
+ initialize_basics ();
+ else if (!is_initialized)
initialize ();
}
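Review bot: With FULL false only the two locks are created, so the race the comment warns about still applies to the pool setup: `else if (!is_initialized) initialize ();` tests is_initialized without holding pool_lock, and initialize() allocates rndpool and keypool. If two threads reach a full initialization at the same time, both may allocate and one set of pools would be replaced; this is inferred, since the place where is_initialized is set lies outside the hunk. The comment should state which guarantee remains, e.g. `/* With FULL false only the locks are created; the pools are allocated on first use and that path is not serialized here. */`, or the check should be repeated after taking pool_lock.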
@@ -974,20 +988,19 @@ do_fast_random_poll (void)
/* The fast random pool function as called at some places in
libgcrypt. This is merely a wrapper to make sure that this module
- is initalized and to look the pool. */
+ is initalized and to look the pool. Note, that this function is a
+ NOP unless a random function has been used or _gcry_initialize (1)
+ has been used. We use this hack so that the internal use of this
+ function in cipher_open and md_open won't start filling up the
+ radnom pool, even if no random will be required by the process. */
void
_gcry_fast_random_poll (void)
{
int err;
- /* We have to make sure that the intialization is done because this
- gatherer might be called before any other functions and it is not
- sufficient to initialize it within do_fast_random_pool because we
- want to use the mutex here. FIXME: Whe should initialize the
- mutex using a global constructor independent from the
- initialization of the pool. */
if (!is_initialized)
- initialize ();
+ return;
+
err = ath_mutex_lock (&pool_lock);
if (err)
log_fatal ("failed to acquire the pool lock: %s\n", strerror (err));
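Review bot: The new comment names `_gcry_initialize (1)`, but the function this commit changes is `_gcry_random_initialize (int full)`, so a reader searching for the name in the comment will find nothing. The added lines also carry typos (`initalized`, `look the pool`, `radnom`). Suggested wording for the added sentence: `Note that this function is a NOP unless a random function has been used or _gcry_random_initialize (1) has been called.` Because the early `return` reads is_initialized before pool_lock is taken, the same comment could say that a poll racing with first-time initialization may be dropped. The function body continues beyond the hunk.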
diff --git a/cipher/random.h b/cipher/random.h
index 5d0f8bfc..29076b98 100644
--- a/cipher/random.h
+++ b/cipher/random.h
@@ -22,7 +22,7 @@
#include "types.h"
-void _gcry_random_initialize (void);
+void _gcry_random_initialize (int full);
void _gcry_register_random_progress (void (*cb)(void *,const char*,int,int,int),
void *cb_data );
void _gcry_random_dump_stats(void);
diff --git a/configure.ac b/configure.ac
index 3fb3f829..42724c46 100644
--- a/configure.ac
+++ b/configure.ac
@@ -600,7 +600,9 @@ fi
AM_CONDITIONAL(CROSS_COMPILING, test x$cross_compiling = xyes)
-GNUPG_CHECK_GNUMAKE
+# We don't check for GNU make anymore - automake should not have the
+# old flaws anymore.
+#GNUPG_CHECK_GNUMAKE
AC_ARG_ENABLE(gcc-warnings,
AC_HELP_STRING([--enable-gcc-warnings],
diff --git a/libgcrypt.txt b/libgcrypt.txt
index 41c051d9..7c09b7e6 100644
--- a/libgcrypt.txt
+++ b/libgcrypt.txt
@@ -35,9 +35,9 @@ random numbers and a lot of supporting functions.
%%license-verified-on: 2001-04-23
-%%maintainer: Werner Koch <libgcrypt@g10code.com>
+%%maintainer: Moritz Schulte <libgcrypt 'at' g10code.com>
-%%updated: 2002-12-23
+%%updated: 2004-04-15
%%keywords: encryption, public key, digital signature, hash, libgcrypt
@@ -54,13 +54,13 @@ random numbers and a lot of supporting functions.
%%doc: Programmer reference in Texinfo, Postscript, HTML included
%%developers: Matthew Skala, Michael Roth, Niklas Hernaeus, Remi
-Guyomarch, Simon Josefsson, Werner Koch <wk@gnupg.org>.
+Guyomarch, Simon Josefsson, Werner Koch, Moritz Schulte.
%%contributors:
%%sponsors:
-%%source-tarball: ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/libgcrypt-1.1.11.tar.gz
+%%source-tarball: ftp://ftp.gnupg.org/gcrypt/libgcrypt/
%%source-info:
@@ -88,7 +88,7 @@ Guyomarch, Simon Josefsson, Werner Koch <wk@gnupg.org>.
%%source-prerequisites:
-%%version: 1.1.11 released 2002-12-21
+%%version: 1.2.0 released 2004-04-15
%%announce-list: <gnupg-announce@gnupg.org>
<gnupg-announce-request@gnupg.org>
diff --git a/src/ChangeLog b/src/ChangeLog
index c8b25966..fef6cb3a 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,11 @@
+2004-05-07 Werner Koch <wk@gnupg.org>
+
+ * gcrypt.h: Added GCRYCTL_FAST_POLL.
+ (gcry_fast_random_poll): New.
+ * global.c (gcry_control) <INITIALIZATION_FINISHED>: Do only basic
+ random subsystem init.
+ (gcry_control) <FAST_POLL>: New.
+
2004-04-22 Marcus Brinkmann <marcus@g10code.de>
* libgcrypt.m4: Quote first argument to AC_DEFUN.
diff --git a/src/gcrypt.h b/src/gcrypt.h
index 49ac53f9..07f0cc01 100644
--- a/src/gcrypt.h
+++ b/src/gcrypt.h
@@ -46,7 +46,7 @@ extern "C" {
autoconf (using the AM_PATH_GCRYPT macro) check that this header
matches the installed library. Note: Do not edit the next line as
configure may fix the string here. */
-#define GCRYPT_VERSION "1.2.0"
+#define GCRYPT_VERSION "1.3.0-cvs"
/* Internal: We can't use the convenience macros for the multi
precision integer functions when building this library. */
@@ -325,7 +325,8 @@ enum gcry_ctl_cmds
GCRYCTL_ENABLE_QUICK_RANDOM = 44,
GCRYCTL_SET_RANDOM_SEED_FILE = 45,
GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46,
- GCRYCTL_SET_THREAD_CBS = 47
+ GCRYCTL_SET_THREAD_CBS = 47,
+ GCRYCTL_FAST_POLL = 48
};
/* Perform various operations defined by CMD. */
@@ -1319,6 +1320,12 @@ void gcry_randomize (unsigned char *buffer, size_t length,
gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length,
int quality);
+/* If random numbers are used in an application, this macro should be
+ called from time to time so that new stuff gets added to the
+ internal pool of the RNG. */
+#define gcry_fast_random_poll() gcry_control (GCRYCTL_FAST_POLL, NULL)
+
+
/* Return NBYTES of allocated random using a random numbers of quality
LEVEL. */
void *gcry_random_bytes (size_t nbytes, enum gcry_random_level level)
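Review bot: The comment on `gcry_fast_random_poll` omits a side effect that callers need to know about: per the GCRYCTL_FAST_POLL case added in src/global.c, the call runs `_gcry_random_initialize (1)`, which allocates the random pools (in secure memory when secure_alloc is set, going by cipher/random.c). An application that configures the library in stages should therefore call it only once that setup is complete. The macro expands to the gcry_control call itself, so it yields that call's result, and the comment could say whether callers are expected to check it. Proposed addition to the comment: `The first call fully initializes the RNG, so use it only after library initialization is finished.`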
@@ -1342,6 +1349,7 @@ void gcry_create_nonce (unsigned char *buffer, size_t length);
+
/* Prime interface. */
/* Mode values passed to a gcry_prime_check_func_t. */
diff --git a/src/global.c b/src/global.c
index 9e7165b2..3dd2c098 100644
--- a/src/global.c
+++ b/src/global.c
@@ -263,7 +263,9 @@ gcry_control (enum gcry_ctl_cmds cmd, ...)
if (! init_finished)
{
global_init ();
- _gcry_random_initialize ();
+ /* Do only a basic ranom initialization, i.e. inti the
+ mutexes. */
+ _gcry_random_initialize (0);
init_finished = 1;
}
break;
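Review bot: The added comment reads `Do only a basic ranom initialization, i.e. inti the mutexes.` and should be `/* Do only a basic random initialization, i.e. init the mutexes. */`. The GCRYCTL_FAST_POLL hunk further down has the same kind of slip (`We need to do make sure`, `fucntion`). These two comments are the only explanation in gcry_control of why RNG initialization is now split into a basic and a full step, so they are worth correcting. The enclosing switch starts and ends outside the hunk.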
@@ -272,6 +274,13 @@ gcry_control (enum gcry_ctl_cmds cmd, ...)
err = ath_install (va_arg (arg_ptr, void *), any_init_done);
break;
+ case GCRYCTL_FAST_POLL:
+ /* We need to do make sure that the random pool is really
+ initialized so that the poll fucntion is not a NOP. */
+ _gcry_random_initialize (1);
+ _gcry_fast_random_poll ();
+ break;
+
default:
err = GPG_ERR_INV_OP;
}