dovecot-2.2: lib: rand - force reseeding with known seed from en...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.2/rev/fe0c69112049
changeset: 17534:fe0c69112049
user:      Phil Carmody <phil at dovecot.fi>
date:      Fri Jun 27 16:20:25 2014 +0300
description:
lib: rand - force reseeding with known seed from environment
Use DOVECOT_SRAND=12345 as an environmental variable to force seeding
to that number.

The logic behind the logging is that the subsequent calls will almost
certainly be from random_fill_weak() which expects to have been seeded
from a CSPRNG - not a constant! Having this environmental variable set
in a production system that expects CSPRNG seeding should be flagging
diagnostics.

Signed-off-by: Phil Carmody <phil at dovecot.fi>

diffstat:

 src/lib/rand.c |  11 ++++++++++-
 1 files changed, 10 insertions(+), 1 deletions(-)

diffs (27 lines):

diff -r 9fd5c57fa49b -r fe0c69112049 src/lib/rand.c
--- a/src/lib/rand.c	Fri Jun 27 16:17:50 2014 +0300
+++ b/src/lib/rand.c	Fri Jun 27 16:20:25 2014 +0300
@@ -7,6 +7,7 @@
 
 static int seeded = 0;
 static unsigned int seed;
+static char const *env_seed;
 
 int rand_get_seed_count(void)
 {
@@ -19,6 +20,14 @@
 }
 void rand_set_seed(unsigned int s)
 {
+	if (seeded == 0) {
+		env_seed = getenv("DOVECOT_SRAND");
+		if (env_seed != NULL)
+			seed = strtoul(env_seed, NULL, 0);
+	}
 	seeded++;
-	srand(seed = s);
+	if (env_seed == NULL)
+		seed = s;
+
+	srand(seed);
 }