2
0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00

1564. [func] Attempt to provide a fallback entropy source to be

used if named is running chrooted and named is unable
                        to open entropy source within the chroot area.
                        [RT #10133]
This commit is contained in:
Mark Andrews 2004-01-27 02:13:22 +00:00
parent b3d3e57841
commit f8dfdef682
4 changed files with 53 additions and 3 deletions

View File

@ -1,3 +1,8 @@
1564. [func] Attempt to provide a fallback entropy source to be
used if named is running chrooted and named is unable
to open entropy source within the chroot area.
[RT #10133]
1563. [bug] Gracefully fail when unable to obtain neither an IPv4
nor an IPv6 dispatch. [RT #10230]

View File

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: globals.h,v 1.62 2003/07/25 02:22:23 marka Exp $ */
/* $Id: globals.h,v 1.63 2004/01/27 02:13:22 marka Exp $ */
#ifndef NAMED_GLOBALS_H
#define NAMED_GLOBALS_H 1
@ -45,6 +45,8 @@ EXTERN unsigned int ns_g_cpus INIT(0);
EXTERN isc_taskmgr_t * ns_g_taskmgr INIT(NULL);
EXTERN dns_dispatchmgr_t * ns_g_dispatchmgr INIT(NULL);
EXTERN isc_entropy_t * ns_g_entropy INIT(NULL);
EXTERN isc_entropy_t * ns_g_fallbackentropy INIT(NULL);
/*
* XXXRTH We're going to want multiple timer managers eventually. One
* for really short timers, another for client timers, and one

View File

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: main.c,v 1.133 2004/01/07 06:17:04 marka Exp $ */
/* $Id: main.c,v 1.134 2004/01/27 02:13:22 marka Exp $ */
#include <config.h>
@ -511,6 +511,9 @@ destroy_managers(void) {
ns_lwresd_shutdown();
isc_entropy_detach(&ns_g_entropy);
if (ns_g_fallbackentropy != NULL)
isc_entropy_detach(&ns_g_fallbackentropy);
/*
* isc_taskmgr_destroy() will block until all tasks have exited,
*/
@ -544,6 +547,29 @@ setup(void) {
ns_os_opendevnull();
#ifdef PATH_RANDOMDEV
/*
* Initialize system's random device as fallback entropy source
* if running chroot'ed.
*/
if (ns_g_chrootdir != NULL) {
result = isc_entropy_create(ns_g_mctx, &ns_g_fallbackentropy);
if (result != ISC_R_SUCCESS)
ns_main_earlyfatal("isc_entropy_create() failed: %s",
isc_result_totext(result));
result = isc_entropy_createfilesource(ns_g_fallbackentropy,
PATH_RANDOMDEV);
if (result != ISC_R_SUCCESS) {
ns_main_earlywarning("could not open pre-chroot "
"entropy source %s: %s",
PATH_RANDOMDEV,
isc_result_totext(result));
isc_entropy_detach(&ns_g_fallbackentropy);
}
}
#endif
ns_os_chroot(ns_g_chrootdir);
/*

View File

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: server.c,v 1.410 2004/01/27 01:19:41 marka Exp $ */
/* $Id: server.c,v 1.411 2004/01/27 02:13:22 marka Exp $ */
#include <config.h>
@ -2358,6 +2358,23 @@ load_configuration(const char *filename, ns_server_t *server,
"%s: %s",
randomdev,
isc_result_totext(result));
#ifdef PATH_RANDOMDEV
if (ns_g_fallbackentropy != NULL) {
if (result != ISC_R_SUCCESS) {
isc_log_write(ns_g_lctx,
NS_LOGCATEGORY_GENERAL,
NS_LOGMODULE_SERVER,
ISC_LOG_INFO,
"using pre-chroot entropy source "
"%s",
PATH_RANDOMDEV);
isc_entropy_detach(&ns_g_entropy);
isc_entropy_attach(ns_g_fallbackentropy,
&ns_g_entropy);
}
isc_entropy_detach(&ns_g_fallbackentropy);
}
#endif
}
}