summaryrefslogtreecommitdiff
path: root/debian/patches
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches')
-rw-r--r--debian/patches/random0001-xxx-standalone-random-translator.patch3254
-rw-r--r--debian/patches/series1
2 files changed, 0 insertions, 3255 deletions
diff --git a/debian/patches/random0001-xxx-standalone-random-translator.patch b/debian/patches/random0001-xxx-standalone-random-translator.patch
deleted file mode 100644
index e3417277..00000000
--- a/debian/patches/random0001-xxx-standalone-random-translator.patch
+++ /dev/null
@@ -1,3254 +0,0 @@
-From c12e4a9db255f2d7eaf86abae4f8dea0d4bb76ab Mon Sep 17 00:00:00 2001
-From: Justus Winter <4winter@informatik.uni-hamburg.de>
-Date: Thu, 12 Nov 2015 22:16:49 +0100
-Subject: [PATCH hurd] xxx standalone random translator
-
----
- Makefile | 1 -
- random/Makefile | 30 --
- random/TODO | 11 -
- random/gnupg-bithelp.h | 41 ---
- random/gnupg-glue.h | 40 ---
- random/gnupg-random.c | 810 -------------------------------------------------
- random/gnupg-random.h | 47 ---
- random/gnupg-rmd.h | 38 ---
- random/gnupg-rmd160.c | 656 ---------------------------------------
- random/random.c | 650 ---------------------------------------
- random/random.h | 32 --
- sutils/MAKEDEV.sh | 6 +-
- trans/Makefile | 7 +-
- trans/random.c | 722 +++++++++++++++++++++++++++++++++++++++++++
- 14 files changed, 731 insertions(+), 2360 deletions(-)
- delete mode 100644 random/Makefile
- delete mode 100644 random/TODO
- delete mode 100644 random/gnupg-bithelp.h
- delete mode 100644 random/gnupg-glue.h
- delete mode 100644 random/gnupg-random.c
- delete mode 100644 random/gnupg-random.h
- delete mode 100644 random/gnupg-rmd.h
- delete mode 100644 random/gnupg-rmd160.c
- delete mode 100644 random/random.c
- delete mode 100644 random/random.h
- create mode 100644 trans/random.c
-
-diff --git a/Makefile b/Makefile
-index 3178740..6544cd2 100644
---- a/Makefile
-+++ b/Makefile
-@@ -38,7 +38,6 @@ prog-subdirs = auth proc exec term \
- hostmux usermux ftpfs trans \
- console-client utils sutils \
- benchmarks fstests \
-- random \
- procfs \
- startup \
- init \
-diff --git a/random/Makefile b/random/Makefile
-deleted file mode 100644
-index 0949b63..0000000
---- a/random/Makefile
-+++ /dev/null
-@@ -1,30 +0,0 @@
--#
--# Copyright (C) 1994,95,96,97,99,2000,2001 Free Software Foundation, Inc.
--#
--# This program is free software; you can redistribute it and/or
--# modify it under the terms of the GNU General Public License as
--# published by the Free Software Foundation; either version 2, or (at
--# your option) any later version.
--#
--# This program is distributed in the hope that it will be useful, but
--# WITHOUT ANY WARRANTY; without even the implied warranty of
--# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
--# General Public License for more details.
--#
--# You should have received a copy of the GNU General Public License
--# along with this program; if not, write to the Free Software
--# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
--
--dir := random
--makemode := server
--
--CFLAGS += -D__HURD__
--
--target = random
--SRCS = random.c gnupg-random.c gnupg-rmd160.c
--OBJS = $(SRCS:.c=.o) startup_notifyServer.o
--LCLHDRS = gnupg-random.h gnupg-rmd.h gnupg-bithelp.h random.h
--HURDLIBS = trivfs ports fshelp ihash shouldbeinlibc
--OTHERLIBS = -lpthread
--
--include ../Makeconf
-diff --git a/random/TODO b/random/TODO
-deleted file mode 100644
-index 9cc57ab..0000000
---- a/random/TODO
-+++ /dev/null
-@@ -1,11 +0,0 @@
--* read_poll uses random_poll until the pool is filled. This is ian
-- issue at first initialization, as this requries POOLSIZE good random (level 1 from
-- gather_random) even in level 0 and 1.
-- For now, the code is only applied to level 2. Eventually, readable_pool
-- should be fixed to return 0 if initialization is not done yet and not enough bytes
-- are available. Otherwise it enters an infinite loop.
--
--* Permissions?
--
--* Off by one error in gather_random/io_write? I can only get GATHERBUFSIZE - 1
-- bytes from it.
-diff --git a/random/gnupg-bithelp.h b/random/gnupg-bithelp.h
-deleted file mode 100644
-index 188db16..0000000
---- a/random/gnupg-bithelp.h
-+++ /dev/null
-@@ -1,41 +0,0 @@
--/* bithelp.h - Some bit manipulation helpers
-- * Copyright (C) 1999 Free Software Foundation, Inc.
-- *
-- * This file is part of GnuPG.
-- *
-- * GnuPG is free software; you can redistribute it and/or modify
-- * it under the terms of the GNU General Public License as published by
-- * the Free Software Foundation; either version 2 of the License, or
-- * (at your option) any later version.
-- *
-- * GnuPG is distributed in the hope that it will be useful,
-- * but WITHOUT ANY WARRANTY; without even the implied warranty of
-- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- * GNU General Public License for more details.
-- *
-- * You should have received a copy of the GNU General Public License
-- * along with this program; if not, write to the Free Software
-- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
-- */
--#ifndef G10_BITHELP_H
--#define G10_BITHELP_H
--
--
--/****************
-- * Rotate a 32 bit integer by n bytes
-- */
--#if defined(__GNUC__) && defined(__i386__)
--static inline u32
--rol( u32 x, int n)
--{
-- __asm__("roll %%cl,%0"
-- :"=r" (x)
-- :"0" (x),"c" (n));
-- return x;
--}
--#else
-- #define rol(x,n) ( ((x) << (n)) | ((x) >> (32-(n))) )
--#endif
--
--
--#endif /*G10_BITHELP_H*/
-diff --git a/random/gnupg-glue.h b/random/gnupg-glue.h
-deleted file mode 100644
-index cbf0a10..0000000
---- a/random/gnupg-glue.h
-+++ /dev/null
-@@ -1,40 +0,0 @@
--#ifndef __GNUPG_GLUE_H__
--#define __GNUPG_GLUE_H__
--
--#include <sys/types.h>
--#include <random.h>
--
--#define SIZEOF_UNSIGNED_LONG 4
--typedef unsigned int u32;
--typedef unsigned char byte;
--
--/* GnuPG's config.h */
--#define HAVE_GETTIMEOFDAY 1
--#define HAVE_GETRUSAGE 1
--#define HAVE_RAND 1
--
--/* GnuPG's memory.h */
--#define m_alloc malloc
--#define m_alloc_secure malloc
--#define m_alloc_clear(x) calloc(x, 1)
--#define m_alloc_secure_clear(x) calloc(x, 1)
--#define m_free free
--#define m_strdup strdup
--
--/* GnuPG's dynaload.h */
--#define dynload_getfnc_fast_random_poll() (0)
--#define dynload_getfnc_gather_random() &gather_random
--int
--gather_random( void (*add)(const void*, size_t, int), int requester,
-- size_t length, int level );
--
--/* GnuPG's miscellaneous stuff. */
--#define BUG() assert(0)
--#define _(x) x
--#define make_timestamp() time(0)
--#define tty_printf printf
--#define log_info(format, args...) printf(format , ## args)
--#define log_fatal(format, args...) { printf(format , ## args) ; exit(2); }
--#define DIM(v) (sizeof(v)/sizeof((v)[0]))
--
--#endif /* __GNUPG_GLUE_H__ */
-diff --git a/random/gnupg-random.c b/random/gnupg-random.c
-deleted file mode 100644
-index 54ee3c5..0000000
---- a/random/gnupg-random.c
-+++ /dev/null
-@@ -1,810 +0,0 @@
--/* random.c - random number generator
-- * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
-- *
-- * This file is part of GnuPG.
-- *
-- * GnuPG is free software; you can redistribute it and/or modify
-- * it under the terms of the GNU General Public License as published by
-- * the Free Software Foundation; either version 2 of the License, or
-- * (at your option) any later version.
-- *
-- * GnuPG is distributed in the hope that it will be useful,
-- * but WITHOUT ANY WARRANTY; without even the implied warranty of
-- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- * GNU General Public License for more details.
-- *
-- * You should have received a copy of the GNU General Public License
-- * along with this program; if not, write to the Free Software
-- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
-- */
--
--
--/****************
-- * This random number generator is modelled after the one described
-- * in Peter Gutmann's Paper: "Software Generation of Practically
-- * Strong Random Numbers".
-- */
--
--#ifndef __HURD__
--#include <config.h>
--#else
--#include "gnupg-glue.h"
--#endif
--#include <stdio.h>
--#include <stdlib.h>
--#include <assert.h>
--#include <errno.h>
--#include <string.h>
--#include <time.h>
--#include <sys/time.h>
--#include <sys/types.h>
--#include <sys/stat.h>
--#include <unistd.h>
--#include <fcntl.h>
--#ifdef HAVE_GETHRTIME
-- #include <sys/times.h>
--#endif
--#ifdef HAVE_GETTIMEOFDAY
-- #include <sys/times.h>
--#endif
--#ifdef HAVE_GETRUSAGE
-- #include <sys/resource.h>
--#endif
--#ifdef __MINGW32__
-- #include <process.h>
--#endif
--#ifndef __HURD__
--#include "util.h"
--#endif
--#ifndef __HURD__
--#include "rmd.h"
--#include "ttyio.h"
--#include "i18n.h"
--#include "random.h"
--#include "rand-internal.h"
--#include "dynload.h"
--#else
--#include "gnupg-rmd.h"
--#include "gnupg-random.h"
--#endif
--
--#ifndef RAND_MAX /* for SunOS */
-- #define RAND_MAX 32767
--#endif
--
--
--#if SIZEOF_UNSIGNED_LONG == 8
-- #define ADD_VALUE 0xa5a5a5a5a5a5a5a5
--#elif SIZEOF_UNSIGNED_LONG == 4
-- #define ADD_VALUE 0xa5a5a5a5
--#else
-- #error weird size for an unsigned long
--#endif
--
--#define BLOCKLEN 64 /* hash this amount of bytes */
--#define DIGESTLEN 20 /* into a digest of this length (rmd160) */
--/* poolblocks is the number of digests which make up the pool
-- * and poolsize must be a multiple of the digest length
-- * to make the AND operations faster, the size should also be
-- * a multiple of ulong
-- */
--#define POOLBLOCKS 30
--#define POOLSIZE (POOLBLOCKS*DIGESTLEN)
--#if (POOLSIZE % SIZEOF_UNSIGNED_LONG)
-- #error Please make sure that poolsize is a multiple of ulong
--#endif
--#define POOLWORDS (POOLSIZE / SIZEOF_UNSIGNED_LONG)
--
--
--static int is_initialized;
--#define MASK_LEVEL(a) do {if( a > 2 ) a = 2; else if( a < 0 ) a = 0; } while(0)
--static char *rndpool; /* allocated size is POOLSIZE+BLOCKLEN */
--static char *keypool; /* allocated size is POOLSIZE+BLOCKLEN */
--static size_t pool_readpos;
--static size_t pool_writepos;
--static int pool_filled;
--static int pool_balance;
--static int just_mixed;
--static int did_initial_extra_seeding;
--static char *seed_file_name;
--static int allow_seed_file_update;
--
--static int secure_alloc;
--static int quick_test;
--static int faked_rng;
--
--
--#ifndef __HURD__
--static void read_pool( byte *buffer, size_t length, int level );
--#else
--int read_pool( byte *buffer, size_t length, int level );
--#endif
--static void add_randomness( const void *buffer, size_t length, int source );
--static void random_poll(void);
--#ifndef __HURD__
--static void read_random_source( int requester, size_t length, int level);
--#else
--static int read_random_source( int requester, size_t length, int level);
--#endif
--static int gather_faked( void (*add)(const void*, size_t, int), int requester,
-- size_t length, int level );
--
--static struct {
-- ulong mixrnd;
-- ulong mixkey;
-- ulong slowpolls;
-- ulong fastpolls;
-- ulong getbytes1;
-- ulong ngetbytes1;
-- ulong getbytes2;
-- ulong ngetbytes2;
-- ulong addbytes;
-- ulong naddbytes;
--} rndstats;
--
--static void
--initialize(void)
--{
-- /* The data buffer is allocated somewhat larger, so that
-- * we can use this extra space (which is allocated in secure memory)
-- * as a temporary hash buffer */
-- rndpool = secure_alloc ? m_alloc_secure_clear(POOLSIZE+BLOCKLEN)
-- : m_alloc_clear(POOLSIZE+BLOCKLEN);
-- keypool = secure_alloc ? m_alloc_secure_clear(POOLSIZE+BLOCKLEN)
-- : m_alloc_clear(POOLSIZE+BLOCKLEN);
-- is_initialized = 1;
--#ifndef __HURD__
-- cipher_modules_constructor();
--#endif
--}
--
--static void
--burn_stack (int bytes)
--{
-- char buf[128];
--
-- memset (buf, 0, sizeof buf);
-- bytes -= sizeof buf;
-- if (bytes > 0)
-- burn_stack (bytes);
--}
--
--void
--random_dump_stats()
--{
-- fprintf(stderr,
-- "random usage: poolsize=%d mixed=%lu polls=%lu/%lu added=%lu/%lu\n"
-- " outmix=%lu getlvl1=%lu/%lu getlvl2=%lu/%lu\n",
-- POOLSIZE, rndstats.mixrnd, rndstats.slowpolls, rndstats.fastpolls,
-- rndstats.naddbytes, rndstats.addbytes,
-- rndstats.mixkey, rndstats.ngetbytes1, rndstats.getbytes1,
-- rndstats.ngetbytes2, rndstats.getbytes2 );
--}
--
--void
--secure_random_alloc()
--{
-- secure_alloc = 1;
--}
--
--
--int
--quick_random_gen( int onoff )
--{
-- int last;
--
-- read_random_source(0,0,0); /* init */
-- last = quick_test;
-- if( onoff != -1 )
-- quick_test = onoff;
-- return faked_rng? 1 : last;
--}
--
--
--/****************
-- * Fill the buffer with LENGTH bytes of cryptographically strong
-- * random bytes. level 0 is not very strong, 1 is strong enough
-- * for most usage, 2 is good for key generation stuff but may be very slow.
-- */
--void
--randomize_buffer( byte *buffer, size_t length, int level )
--{
-- char *p = get_random_bits( length*8, level, 1 );
-- memcpy( buffer, p, length );
-- m_free(p);
--}
--
--
--int
--random_is_faked()
--{
-- if( !is_initialized )
-- initialize();
-- return faked_rng || quick_test;
--}
--
--/****************
-- * Return a pointer to a randomized buffer of level 0 and LENGTH bits
-- * caller must free the buffer.
-- * Note: The returned value is rounded up to bytes.
-- */
--byte *
--get_random_bits( size_t nbits, int level, int secure )
--{
-- byte *buf, *p;
-- size_t nbytes = (nbits+7)/8;
--
-- if( quick_test && level > 1 )
-- level = 1;
-- MASK_LEVEL(level);
-- if( level == 1 ) {
-- rndstats.getbytes1 += nbytes;
-- rndstats.ngetbytes1++;
-- }
-- else if( level >= 2 ) {
-- rndstats.getbytes2 += nbytes;
-- rndstats.ngetbytes2++;
-- }
--
-- buf = secure && secure_alloc ? m_alloc_secure( nbytes ) : m_alloc( nbytes );
-- for( p = buf; nbytes > 0; ) {
-- size_t n = nbytes > POOLSIZE? POOLSIZE : nbytes;
--#ifdef __HURD__
-- n =
--#endif
-- read_pool( p, n, level );
-- nbytes -= n;
-- p += n;
--
-- }
-- return buf;
--}
--
--
--/****************
-- * Mix the pool
-- */
--static void
--mix_pool(byte *pool)
--{
-- char *hashbuf = pool + POOLSIZE;
-- char *p, *pend;
-- int i, n;
-- RMD160_CONTEXT md;
--
-- rmd160_init( &md );
-- #if DIGESTLEN != 20
-- #error must have a digest length of 20 for ripe-md-160
-- #endif
-- /* loop over the pool */
-- pend = pool + POOLSIZE;
-- memcpy(hashbuf, pend - DIGESTLEN, DIGESTLEN );
-- memcpy(hashbuf+DIGESTLEN, pool, BLOCKLEN-DIGESTLEN);
-- rmd160_mixblock( &md, hashbuf);
-- memcpy(pool, hashbuf, 20 );
--
-- p = pool;
-- for( n=1; n < POOLBLOCKS; n++ ) {
-- memcpy(hashbuf, p, DIGESTLEN );
--
-- p += DIGESTLEN;
-- if( p+DIGESTLEN+BLOCKLEN < pend )
-- memcpy(hashbuf+DIGESTLEN, p+DIGESTLEN, BLOCKLEN-DIGESTLEN);
-- else {
-- char *pp = p+DIGESTLEN;
-- for(i=DIGESTLEN; i < BLOCKLEN; i++ ) {
-- if( pp >= pend )
-- pp = pool;
-- hashbuf[i] = *pp++;
-- }
-- }
--
-- rmd160_mixblock( &md, hashbuf);
-- memcpy(p, hashbuf, 20 );
-- }
-- burn_stack (200); /* for the rmd160_mixblock() */
--}
--
--
--void
--set_random_seed_file( const char *name )
--{
-- if( seed_file_name )
-- BUG();
-- seed_file_name = m_strdup( name );
--}
--
--/****************
-- * Read in a seed form the random_seed file
-- * and return true if this was successful
-- */
--static int
--read_seed_file()
--{
-- int fd;
-- struct stat sb;
-- unsigned char buffer[POOLSIZE];
-- int n;
--
-- if( !seed_file_name )
-- return 0;
--
-- #ifdef HAVE_DOSISH_SYSTEM
-- fd = open( seed_file_name, O_RDONLY | O_BINARY );
-- #else
-- fd = open( seed_file_name, O_RDONLY );
-- #endif
-- if( fd == -1 && errno == ENOENT) {
-- allow_seed_file_update = 1;
-- return 0;
-- }
--
-- if( fd == -1 ) {
-- log_info(_("can't open `%s': %s\n"), seed_file_name, strerror(errno) );
-- return 0;
-- }
-- if( fstat( fd, &sb ) ) {
-- log_info(_("can't stat `%s': %s\n"), seed_file_name, strerror(errno) );
-- close(fd);
-- return 0;
-- }
-- if( !S_ISREG(sb.st_mode) ) {
-- log_info(_("`%s' is not a regular file - ignored\n"), seed_file_name );
-- close(fd);
-- return 0;
-- }
-- if( !sb.st_size ) {
-- log_info(_("note: random_seed file is empty\n") );
-- close(fd);
-- allow_seed_file_update = 1;
-- return 0;
-- }
-- if( sb.st_size != POOLSIZE ) {
-- log_info(_("warning: invalid size of random_seed file - not used\n") );
-- close(fd);
-- return 0;
-- }
-- do {
-- n = read( fd, buffer, POOLSIZE );
-- } while( n == -1 && errno == EINTR );
-- if( n != POOLSIZE ) {
-- log_fatal(_("can't read `%s': %s\n"), seed_file_name,strerror(errno) );
-- close(fd);
-- return 0;
-- }
--
-- close(fd);
--
-- add_randomness( buffer, POOLSIZE, 0 );
-- /* add some minor entropy to the pool now (this will also force a mixing) */
-- { pid_t x = getpid();
-- add_randomness( &x, sizeof(x), 0 );
-- }
-- { time_t x = time(NULL);
-- add_randomness( &x, sizeof(x), 0 );
-- }
-- { clock_t x = clock();
-- add_randomness( &x, sizeof(x), 0 );
-- }
-- /* And read a few bytes from our entropy source. By using
-- * a level of 0 this will not block and might not return anything
-- * with some entropy drivers, however the rndlinux driver will use
-- * /dev/urandom and return some stuff - Do not read to much as we
-- * want to be friendly to the scare system entropy resource. */
-- read_random_source( 0, 16, 0 );
--
-- allow_seed_file_update = 1;
-- return 1;
--}
--
--void
--update_random_seed_file()
--{
-- ulong *sp, *dp;
-- int fd, i;
--
-- if( !seed_file_name || !is_initialized || !pool_filled )
-- return;
-- if( !allow_seed_file_update ) {
-- log_info(_("note: random_seed file not updated\n"));
-- return;
-- }
--
--
-- /* copy the entropy pool to a scratch pool and mix both of them */
-- for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool;
-- i < POOLWORDS; i++, dp++, sp++ ) {
-- *dp = *sp + ADD_VALUE;
-- }
-- mix_pool(rndpool); rndstats.mixrnd++;
-- mix_pool(keypool); rndstats.mixkey++;
--
-- #ifdef HAVE_DOSISH_SYSTEM
-- fd = open( seed_file_name, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY,
-- S_IRUSR|S_IWUSR );
-- #else
-- fd = open( seed_file_name, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR );
-- #endif
-- if( fd == -1 ) {
-- log_info(_("can't create `%s': %s\n"), seed_file_name, strerror(errno) );
-- return;
-- }
-- do {
-- i = write( fd, keypool, POOLSIZE );
-- } while( i == -1 && errno == EINTR );
-- if( i != POOLSIZE ) {
-- log_info(_("can't write `%s': %s\n"), seed_file_name, strerror(errno) );
-- }
-- if( close(fd) )
-- log_info(_("can't close `%s': %s\n"), seed_file_name, strerror(errno) );
--}
--
--#ifdef __HURD__
--int readable_pool( size_t length, int level )
--{
-- size_t needed = 0;
-- size_t my_balance = pool_balance;
-- size_t available = (gatherwpos - gatherrpos + GATHERBUFSIZE) % GATHERBUFSIZE;
--
-- if (length > POOLSIZE)
-- length = POOLSIZE;
--
-- if (level < 2)
-- return length;
--
-- if( !pool_filled ) {
-- if( read_seed_file() )
-- pool_filled = 1;
-- }
--
-- if (!did_initial_extra_seeding)
-- {
-- /* Take account for initial extra seeding. */
-- needed = length;
-- if (needed < POOLSIZE/2)
-- needed = POOLSIZE/2;
-- my_balance = needed;
--
-- if (!pool_filled && pool_writepos + needed < POOLSIZE)
-- {
-- /* If the pool is not filled yet, we couldn't read the seed
-- file. Too bad. We will now have to take account for so many
-- random_poll()s as fit into the remaining pool. */
--
-- needed += (POOLSIZE - pool_writepos + needed + POOLSIZE/5 - 1) / (POOLSIZE/5);
-- }
-- }
-- else
-- {
-- if (!pool_filled)
-- needed += (POOLSIZE - pool_writepos + needed + POOLSIZE/5 - 1) / (POOLSIZE/5);
-- }
--
-- /* NEEDED contains the bytes needed for initialization, MY_BALANCE the resulting
-- available bytes. */
-- if (available < needed)
-- return 0;
-- return available + my_balance - needed;
--}
--#endif
--
--#ifndef __HURD__
--static void
--#else
--int
--#endif
--read_pool( byte *buffer, size_t length, int level )
--{
-- int i;
-- ulong *sp, *dp;
--
-- if( length > POOLSIZE ) {
--#ifndef __HURD__
-- log_fatal(_("too many random bits requested; the limit is %d\n"),
-- POOLSIZE*8-1 );
--#else
-- length = POOLSIZE;
--#endif
-- }
--
-- if( !pool_filled ) {
-- if( read_seed_file() )
-- pool_filled = 1;
-- }
--
-- /* For level 2 quality (key generation) we alwas make
-- * sure that the pool has been seeded enough initially */
-- if( level == 2 && !did_initial_extra_seeding ) {
-- size_t needed;
--
-- pool_balance = 0;
-- needed = length - pool_balance;
-- if( needed < POOLSIZE/2 )
-- needed = POOLSIZE/2;
-- else if( needed > POOLSIZE )
-- BUG();
--#ifdef __HURD__
-- needed =
--#endif
-- read_random_source( 3, needed, 2 );
--#ifdef __HURD__
-- if (! needed)
-- return 0;
-- /* XXX This will succeed with needed < POOLSIZE/2 even. But
-- erroring out will waste the random we already got. */
--#endif
-- pool_balance += needed;
-- did_initial_extra_seeding=1;
-- }
--
-- /* for level 2 make sure that there is enough random in the pool */
-- if( level == 2 && pool_balance < length ) {
-- size_t needed;
--
-- if( pool_balance < 0 )
-- pool_balance = 0;
-- needed = length - pool_balance;
-- if( needed > POOLSIZE )
-- BUG();
--#ifdef __HURD__
-- needed =
--#endif
-- read_random_source( 3, needed, 2 );
-- pool_balance += needed;
-- }
--
--#ifdef __HURD__
-- /* XXX This makes level 0 and 1 worse than needed at first start up. */
-- if (level == 2)
--#endif
-- /* make sure the pool is filled */
-- while( !pool_filled )
-- random_poll();
--
-- /* do always a fast random poll */
-- fast_random_poll();
--
-- if( !level ) { /* no need for cryptographic strong random */
-- /* create a new pool */
-- for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool;
-- i < POOLWORDS; i++, dp++, sp++ )
-- *dp = *sp + ADD_VALUE;
-- /* must mix both pools */
-- mix_pool(rndpool); rndstats.mixrnd++;
-- mix_pool(keypool); rndstats.mixkey++;
-- memcpy( buffer, keypool, length );
-- return length;
-- }
-- else {
--#ifdef __HURD__
-- int amount;
--#endif
-- /* mix the pool (if add_randomness() didn't it) */
-- if( !just_mixed ) {
-- mix_pool(rndpool);
-- rndstats.mixrnd++;
-- }
-- /* create a new pool */
-- for(i=0,dp=(ulong*)keypool, sp=(ulong*)rndpool;
-- i < POOLWORDS; i++, dp++, sp++ )
-- *dp = *sp + ADD_VALUE;
-- /* and mix both pools */
-- mix_pool(rndpool); rndstats.mixrnd++;
-- mix_pool(keypool); rndstats.mixkey++;
-- /* read the required data
-- * we use a readpointer to read from a different position each
-- * time */
--#ifdef __HURD__
-- if (level == 2 && length > pool_balance)
-- length = pool_balance;
-- amount = length;
--#endif
-- while( length-- ) {
-- *buffer++ = keypool[pool_readpos++];
-- if( pool_readpos >= POOLSIZE )
-- pool_readpos = 0;
-- pool_balance--;
-- }
-- if( pool_balance < 0 )
-- pool_balance = 0;
-- /* and clear the keypool */
-- memset( keypool, 0, POOLSIZE );
--#ifdef __HURD__
-- return amount;
--#endif
-- }
--}
--
--
--/****************
-- * Add LENGTH bytes of randomness from buffer to the pool.
-- * source may be used to specify the randomness source.
-- * Source is:
-- * 0 - used ony for initialization
-- * 1 - fast random poll function
-- * 2 - normal poll function
-- * 3 - used when level 2 random quality has been requested
-- * to do an extra pool seed.
-- */
--static void
--add_randomness( const void *buffer, size_t length, int source )
--{
-- const byte *p = buffer;
--
-- if( !is_initialized )
-- initialize();
-- rndstats.addbytes += length;
-- rndstats.naddbytes++;
-- while( length-- ) {
-- rndpool[pool_writepos++] = *p++;
-- if( pool_writepos >= POOLSIZE ) {
-- if( source > 1 )
-- pool_filled = 1;
-- pool_writepos = 0;
-- mix_pool(rndpool); rndstats.mixrnd++;
-- just_mixed = !length;
-- }
-- }
--}
--
--
--
--static void
--random_poll()
--{
-- rndstats.slowpolls++;
-- read_random_source( 2, POOLSIZE/5, 1 );
--}
--
--
--void
--fast_random_poll()
--{
-- static void (*fnc)( void (*)(const void*, size_t, int), int) = NULL;
-- static int initialized = 0;
--
-- rndstats.fastpolls++;
-- if( !initialized ) {
-- if( !is_initialized )
-- initialize();
-- initialized = 1;
-- fnc = dynload_getfnc_fast_random_poll();
-- }
-- if( fnc ) {
-- (*fnc)( add_randomness, 1 );
-- return;
-- }
--
-- /* fall back to the generic function */
-- #if HAVE_GETHRTIME
-- { hrtime_t tv;
-- tv = gethrtime();
-- add_randomness( &tv, sizeof(tv), 1 );
-- }
-- #elif HAVE_GETTIMEOFDAY
-- { struct timeval tv;
-- if( gettimeofday( &tv, NULL ) )
-- BUG();
-- add_randomness( &tv.tv_sec, sizeof(tv.tv_sec), 1 );
-- add_randomness( &tv.tv_usec, sizeof(tv.tv_usec), 1 );
-- }
-- #elif HAVE_CLOCK_GETTIME
-- { struct timespec tv;
-- if( clock_gettime( CLOCK_REALTIME, &tv ) == -1 )
-- BUG();
-- add_randomness( &tv.tv_sec, sizeof(tv.tv_sec), 1 );
-- add_randomness( &tv.tv_nsec, sizeof(tv.tv_nsec), 1 );
-- }
-- #else /* use times */
-- #ifndef HAVE_DOSISH_SYSTEM
-- { struct tms buf;
-- times( &buf );
-- add_randomness( &buf, sizeof buf, 1 );
-- }
-- #endif
-- #endif
-- #ifdef HAVE_GETRUSAGE
-- #ifndef RUSAGE_SELF
-- #ifdef __GCC__
-- #warning There is no RUSAGE_SELF on this system
-- #endif
-- #else
-- { struct rusage buf;
-- /* QNX/Neutrino does return ENOSYS - so we just ignore it and
-- * add whatever is in buf. In a chroot environment it might not
-- * work at all (i.e. because /proc/ is not accessible), so we better
-- * ognore all error codes and hope for the best
-- */
-- getrusage( RUSAGE_SELF, &buf );
--
-- add_randomness( &buf, sizeof buf, 1 );
-- memset( &buf, 0, sizeof buf );
-- }
-- #endif
-- #endif
-- /* time and clock are available on all systems - so
-- * we better do it just in case one of the above functions
-- * didn't work */
-- { time_t x = time(NULL);
-- add_randomness( &x, sizeof(x), 1 );
-- }
-- { clock_t x = clock();
-- add_randomness( &x, sizeof(x), 1 );
-- }
--}
--
--
--#ifndef __HURD__
--static void
--#else
--static int
--#endif
--read_random_source( int requester, size_t length, int level )
--{
-- static int (*fnc)(void (*)(const void*, size_t, int), int,
-- size_t, int) = NULL;
--#ifdef __HURD__
-- int got;
--#endif
-- if( !fnc ) {
-- if( !is_initialized )
-- initialize();
-- fnc = dynload_getfnc_gather_random();
-- if( !fnc ) {
-- faked_rng = 1;
-- fnc = gather_faked;
-- }
-- if( !requester && !length && !level )
--#ifndef __HURD__
-- return; /* init only */
--#else
-- return 0;
--#endif
-- }
--#ifndef __HURD__
-- if( (*fnc)( add_randomness, requester, length, level ) < 0 )
-- log_fatal("No way to gather entropy for the RNG\n");
--#else
-- got = (*fnc)( add_randomness, requester, length, level );
-- if (got < 0)
-- log_fatal("No way to gather entropy for the RNG\n");
-- return got;
--#endif
--}
--
--
--static int
--gather_faked( void (*add)(const void*, size_t, int), int requester,
-- size_t length, int level )
--{
-- static int initialized=0;
-- size_t n;
-- char *buffer, *p;
--
-- if( !initialized ) {
-- log_info(_("WARNING: using insecure random number generator!!\n"));
-- tty_printf(_("The random number generator is only a kludge to let\n"
-- "it run - it is in no way a strong RNG!\n\n"
-- "DON'T USE ANY DATA GENERATED BY THIS PROGRAM!!\n\n"));
-- initialized=1;
-- #ifdef HAVE_RAND
-- srand(make_timestamp()*getpid());
-- #else
-- srandom(make_timestamp()*getpid());
-- #endif
-- }
-- printf("WAITING FOR %i bytes.\n", length);
-- p = buffer = m_alloc( length );
-- n = length;
-- #ifdef HAVE_RAND
-- while( n-- )
-- *p++ = ((unsigned)(1 + (int) (256.0*rand()/(RAND_MAX+1.0)))-1);
-- #else
-- while( n-- )
-- *p++ = ((unsigned)(1 + (int) (256.0*random()/(RAND_MAX+1.0)))-1);
-- #endif
-- add_randomness( buffer, length, requester );
-- m_free(buffer);
-- return 0; /* okay */
--}
--
-diff --git a/random/gnupg-random.h b/random/gnupg-random.h
-deleted file mode 100644
-index ee18feb..0000000
---- a/random/gnupg-random.h
-+++ /dev/null
-@@ -1,47 +0,0 @@
--/* random.h - random functions
-- * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
-- *
-- * This file is part of GnuPG.
-- *
-- * GnuPG is free software; you can redistribute it and/or modify
-- * it under the terms of the GNU General Public License as published by
-- * the Free Software Foundation; either version 2 of the License, or
-- * (at your option) any later version.
-- *
-- * GnuPG is distributed in the hope that it will be useful,
-- * but WITHOUT ANY WARRANTY; without even the implied warranty of
-- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- * GNU General Public License for more details.
-- *
-- * You should have received a copy of the GNU General Public License
-- * along with this program; if not, write to the Free Software
-- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
-- */
--#ifndef G10_RANDOM_H
--#define G10_RANDOM_H
--
--#ifndef __HURD__
--#include "types.h"
--#else
--#include "gnupg-glue.h"
--int read_pool (byte *, size_t, int);
--int readable_pool (size_t, int);
--#endif
--
--/*-- random.c --*/
--void random_dump_stats(void);
--void secure_random_alloc(void);
--void set_random_seed_file(const char *);
--void update_random_seed_file(void);
--int quick_random_gen( int onoff );
--int random_is_faked(void);
--void randomize_buffer( byte *buffer, size_t length, int level );
--byte *get_random_bits( size_t nbits, int level, int secure );
--void fast_random_poll( void );
--
--/*-- rndw32.c --*/
--#ifdef USE_STATIC_RNDW32
--void rndw32_set_dll_name( const char *name );
--#endif
--
--#endif /*G10_RANDOM_H*/
-diff --git a/random/gnupg-rmd.h b/random/gnupg-rmd.h
-deleted file mode 100644
-index 2446fc7..0000000
---- a/random/gnupg-rmd.h
-+++ /dev/null
-@@ -1,38 +0,0 @@
--/* rmd.h - RIPE-MD hash functions
-- * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
-- *
-- * This file is part of GnuPG.
-- *
-- * GnuPG is free software; you can redistribute it and/or modify
-- * it under the terms of the GNU General Public License as published by
-- * the Free Software Foundation; either version 2 of the License, or
-- * (at your option) any later version.
-- *
-- * GnuPG is distributed in the hope that it will be useful,
-- * but WITHOUT ANY WARRANTY; without even the implied warranty of
-- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- * GNU General Public License for more details.
-- *
-- * You should have received a copy of the GNU General Public License
-- * along with this program; if not, write to the Free Software
-- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
-- */
--#ifndef G10_RMD_H
--#define G10_RMD_H
--
--#ifdef __HURD__
--#include "gnupg-glue.h"
--#endif
--
--/* we need this here because random.c must have direct access */
--typedef struct {
-- u32 h0,h1,h2,h3,h4;
-- u32 nblocks;
-- byte buf[64];
-- int count;
--} RMD160_CONTEXT;
--
--void rmd160_init( RMD160_CONTEXT *hd );
--void rmd160_mixblock( RMD160_CONTEXT *hd, char *buffer );
--
--#endif /*G10_RMD_H*/
-diff --git a/random/gnupg-rmd160.c b/random/gnupg-rmd160.c
-deleted file mode 100644
-index 6610768..0000000
---- a/random/gnupg-rmd160.c
-+++ /dev/null
-@@ -1,656 +0,0 @@
--/* rmd160.c - RIPE-MD160
-- * Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
-- *
-- * This file is part of GnuPG.
-- *
-- * GnuPG is free software; you can redistribute it and/or modify
-- * it under the terms of the GNU General Public License as published by
-- * the Free Software Foundation; either version 2 of the License, or
-- * (at your option) any later version.
-- *
-- * GnuPG is distributed in the hope that it will be useful,
-- * but WITHOUT ANY WARRANTY; without even the implied warranty of
-- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- * GNU General Public License for more details.
-- *
-- * You should have received a copy of the GNU General Public License
-- * along with this program; if not, write to the Free Software
-- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
-- */
--
--#ifndef __HURD__
--#include <config.h>
--#endif
--#include <stdio.h>
--#include <stdlib.h>
--#include <string.h>
--#include <assert.h>
--#ifndef __HURD__
--#include "util.h"
--#include "memory.h"
--#include "rmd.h"
--#include "cipher.h" /* only used for the rmd160_hash_buffer() prototype */
--#include "dynload.h"
--
--#include "bithelp.h"
--#else
--#include "gnupg-rmd.h"
--#include "gnupg-bithelp.h"
--#endif
--
--
--/*********************************
-- * RIPEMD-160 is not patented, see (as of 25.10.97)
-- * http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
-- * Note that the code uses Little Endian byteorder, which is good for
-- * 386 etc, but we must add some conversion when used on a big endian box.
-- *
-- *
-- * Pseudo-code for RIPEMD-160
-- *
-- * RIPEMD-160 is an iterative hash function that operates on 32-bit words.
-- * The round function takes as input a 5-word chaining variable and a 16-word
-- * message block and maps this to a new chaining variable. All operations are
-- * defined on 32-bit words. Padding is identical to that of MD4.
-- *
-- *
-- * RIPEMD-160: definitions
-- *
-- *
-- * nonlinear functions at bit level: exor, mux, -, mux, -
-- *
-- * f(j, x, y, z) = x XOR y XOR z (0 <= j <= 15)
-- * f(j, x, y, z) = (x AND y) OR (NOT(x) AND z) (16 <= j <= 31)
-- * f(j, x, y, z) = (x OR NOT(y)) XOR z (32 <= j <= 47)
-- * f(j, x, y, z) = (x AND z) OR (y AND NOT(z)) (48 <= j <= 63)
-- * f(j, x, y, z) = x XOR (y OR NOT(z)) (64 <= j <= 79)
-- *
-- *
-- * added constants (hexadecimal)
-- *
-- * K(j) = 0x00000000 (0 <= j <= 15)
-- * K(j) = 0x5A827999 (16 <= j <= 31) int(2**30 x sqrt(2))
-- * K(j) = 0x6ED9EBA1 (32 <= j <= 47) int(2**30 x sqrt(3))
-- * K(j) = 0x8F1BBCDC (48 <= j <= 63) int(2**30 x sqrt(5))
-- * K(j) = 0xA953FD4E (64 <= j <= 79) int(2**30 x sqrt(7))
-- * K'(j) = 0x50A28BE6 (0 <= j <= 15) int(2**30 x cbrt(2))
-- * K'(j) = 0x5C4DD124 (16 <= j <= 31) int(2**30 x cbrt(3))
-- * K'(j) = 0x6D703EF3 (32 <= j <= 47) int(2**30 x cbrt(5))
-- * K'(j) = 0x7A6D76E9 (48 <= j <= 63) int(2**30 x cbrt(7))
-- * K'(j) = 0x00000000 (64 <= j <= 79)
-- *
-- *
-- * selection of message word
-- *
-- * r(j) = j (0 <= j <= 15)
-- * r(16..31) = 7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8
-- * r(32..47) = 3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12
-- * r(48..63) = 1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2
-- * r(64..79) = 4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
-- * r0(0..15) = 5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12
-- * r0(16..31)= 6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2
-- * r0(32..47)= 15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13
-- * r0(48..63)= 8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14
-- * r0(64..79)= 12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
-- *
-- *
-- * amount for rotate left (rol)
-- *
-- * s(0..15) = 11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8
-- * s(16..31) = 7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12
-- * s(32..47) = 11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5
-- * s(48..63) = 11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12
-- * s(64..79) = 9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
-- * s'(0..15) = 8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6
-- * s'(16..31)= 9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11
-- * s'(32..47)= 9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5
-- * s'(48..63)= 15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8
-- * s'(64..79)= 8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
-- *
-- *
-- * initial value (hexadecimal)
-- *
-- * h0 = 0x67452301; h1 = 0xEFCDAB89; h2 = 0x98BADCFE; h3 = 0x10325476;
-- * h4 = 0xC3D2E1F0;
-- *
-- *
-- * RIPEMD-160: pseudo-code
-- *
-- * It is assumed that the message after padding consists of t 16-word blocks
-- * that will be denoted with X[i][j], with 0 <= i <= t-1 and 0 <= j <= 15.
-- * The symbol [+] denotes addition modulo 2**32 and rol_s denotes cyclic left
-- * shift (rotate) over s positions.
-- *
-- *
-- * for i := 0 to t-1 {
-- * A := h0; B := h1; C := h2; D = h3; E = h4;
-- * A' := h0; B' := h1; C' := h2; D' = h3; E' = h4;
-- * for j := 0 to 79 {
-- * T := rol_s(j)(A [+] f(j, B, C, D) [+] X[i][r(j)] [+] K(j)) [+] E;
-- * A := E; E := D; D := rol_10(C); C := B; B := T;
-- * T := rol_s'(j)(A' [+] f(79-j, B', C', D') [+] X[i][r'(j)]
-- [+] K'(j)) [+] E';
-- * A' := E'; E' := D'; D' := rol_10(C'); C' := B'; B' := T;
-- * }
-- * T := h1 [+] C [+] D'; h1 := h2 [+] D [+] E'; h2 := h3 [+] E [+] A';
-- * h3 := h4 [+] A [+] B'; h4 := h0 [+] B [+] C'; h0 := T;
-- * }
-- */
--
--/* Some examples:
-- * "" 9c1185a5c5e9fc54612808977ee8f548b2258d31
-- * "a" 0bdc9d2d256b3ee9daae347be6f4dc835a467ffe
-- * "abc" 8eb208f7e05d987a9b044a8e98c6b087f15a0bfc
-- * "message digest" 5d0689ef49d2fae572b881b123a85ffa21595f36
-- * "a...z" f71c27109c692c1b56bbdceb5b9d2865b3708dbc
-- * "abcdbcde...nopq" 12a053384a9c0c88e405a06c27dcf49ada62eb2b
-- * "A...Za...z0...9" b0e20b6e3116640286ed3a87a5713079b21f5189
-- * 8 times "1234567890" 9b752e45573d4b39f4dbd3323cab82bf63326bfb
-- * 1 million times "a" 52783243c1697bdbe16d37f97f68f08325dc1528
-- */
--
--static void
--burn_stack (int bytes)
--{
-- char buf[150];
--
-- memset (buf, 0, sizeof buf);
-- bytes -= sizeof buf;
-- if (bytes > 0)
-- burn_stack (bytes);
--}
--
--
--
--void
--rmd160_init( RMD160_CONTEXT *hd )
--{
-- hd->h0 = 0x67452301;
-- hd->h1 = 0xEFCDAB89;
-- hd->h2 = 0x98BADCFE;
-- hd->h3 = 0x10325476;
-- hd->h4 = 0xC3D2E1F0;
-- hd->nblocks = 0;
-- hd->count = 0;
--}
--
--
--
--/****************
-- * Transform the message X which consists of 16 32-bit-words
-- */
--static void
--transform( RMD160_CONTEXT *hd, byte *data )
--{
-- u32 a,b,c,d,e,aa,bb,cc,dd,ee,t;
-- #ifdef BIG_ENDIAN_HOST
-- u32 x[16];
-- { int i;
-- byte *p2, *p1;
-- for(i=0, p1=data, p2=(byte*)x; i < 16; i++, p2 += 4 ) {
-- p2[3] = *p1++;
-- p2[2] = *p1++;
-- p2[1] = *p1++;
-- p2[0] = *p1++;
-- }
-- }
-- #else
-- #if 0
-- u32 *x =(u32*)data;
-- #else
-- /* this version is better because it is always aligned;
-- * The performance penalty on a 586-100 is about 6% which
-- * is acceptable - because the data is more local it might
-- * also be possible that this is faster on some machines.
-- * This function (when compiled with -02 on gcc 2.7.2)
-- * executes on a 586-100 (39.73 bogomips) at about 1900kb/sec;
-- * [measured with a 4MB data and "gpgm --print-md rmd160"] */
-- u32 x[16];
-- memcpy( x, data, 64 );
-- #endif
-- #endif
--
--
--#define K0 0x00000000
--#define K1 0x5A827999
--#define K2 0x6ED9EBA1
--#define K3 0x8F1BBCDC
--#define K4 0xA953FD4E
--#define KK0 0x50A28BE6
--#define KK1 0x5C4DD124
--#define KK2 0x6D703EF3
--#define KK3 0x7A6D76E9
--#define KK4 0x00000000
--#define F0(x,y,z) ( (x) ^ (y) ^ (z) )
--#define F1(x,y,z) ( ((x) & (y)) | (~(x) & (z)) )
--#define F2(x,y,z) ( ((x) | ~(y)) ^ (z) )
--#define F3(x,y,z) ( ((x) & (z)) | ((y) & ~(z)) )
--#define F4(x,y,z) ( (x) ^ ((y) | ~(z)) )
--#define R(a,b,c,d,e,f,k,r,s) do { t = a + f(b,c,d) + k + x[r]; \
-- a = rol(t,s) + e; \
-- c = rol(c,10); \
-- } while(0)
--
-- /* left lane */
-- a = hd->h0;
-- b = hd->h1;
-- c = hd->h2;
-- d = hd->h3;
-- e = hd->h4;
-- R( a, b, c, d, e, F0, K0, 0, 11 );
-- R( e, a, b, c, d, F0, K0, 1, 14 );
-- R( d, e, a, b, c, F0, K0, 2, 15 );
-- R( c, d, e, a, b, F0, K0, 3, 12 );
-- R( b, c, d, e, a, F0, K0, 4, 5 );
-- R( a, b, c, d, e, F0, K0, 5, 8 );
-- R( e, a, b, c, d, F0, K0, 6, 7 );
-- R( d, e, a, b, c, F0, K0, 7, 9 );
-- R( c, d, e, a, b, F0, K0, 8, 11 );
-- R( b, c, d, e, a, F0, K0, 9, 13 );
-- R( a, b, c, d, e, F0, K0, 10, 14 );
-- R( e, a, b, c, d, F0, K0, 11, 15 );
-- R( d, e, a, b, c, F0, K0, 12, 6 );
-- R( c, d, e, a, b, F0, K0, 13, 7 );
-- R( b, c, d, e, a, F0, K0, 14, 9 );
-- R( a, b, c, d, e, F0, K0, 15, 8 );
-- R( e, a, b, c, d, F1, K1, 7, 7 );
-- R( d, e, a, b, c, F1, K1, 4, 6 );
-- R( c, d, e, a, b, F1, K1, 13, 8 );
-- R( b, c, d, e, a, F1, K1, 1, 13 );
-- R( a, b, c, d, e, F1, K1, 10, 11 );
-- R( e, a, b, c, d, F1, K1, 6, 9 );
-- R( d, e, a, b, c, F1, K1, 15, 7 );
-- R( c, d, e, a, b, F1, K1, 3, 15 );
-- R( b, c, d, e, a, F1, K1, 12, 7 );
-- R( a, b, c, d, e, F1, K1, 0, 12 );
-- R( e, a, b, c, d, F1, K1, 9, 15 );
-- R( d, e, a, b, c, F1, K1, 5, 9 );
-- R( c, d, e, a, b, F1, K1, 2, 11 );
-- R( b, c, d, e, a, F1, K1, 14, 7 );
-- R( a, b, c, d, e, F1, K1, 11, 13 );
-- R( e, a, b, c, d, F1, K1, 8, 12 );
-- R( d, e, a, b, c, F2, K2, 3, 11 );
-- R( c, d, e, a, b, F2, K2, 10, 13 );
-- R( b, c, d, e, a, F2, K2, 14, 6 );
-- R( a, b, c, d, e, F2, K2, 4, 7 );
-- R( e, a, b, c, d, F2, K2, 9, 14 );
-- R( d, e, a, b, c, F2, K2, 15, 9 );
-- R( c, d, e, a, b, F2, K2, 8, 13 );
-- R( b, c, d, e, a, F2, K2, 1, 15 );
-- R( a, b, c, d, e, F2, K2, 2, 14 );
-- R( e, a, b, c, d, F2, K2, 7, 8 );
-- R( d, e, a, b, c, F2, K2, 0, 13 );
-- R( c, d, e, a, b, F2, K2, 6, 6 );
-- R( b, c, d, e, a, F2, K2, 13, 5 );
-- R( a, b, c, d, e, F2, K2, 11, 12 );
-- R( e, a, b, c, d, F2, K2, 5, 7 );
-- R( d, e, a, b, c, F2, K2, 12, 5 );
-- R( c, d, e, a, b, F3, K3, 1, 11 );
-- R( b, c, d, e, a, F3, K3, 9, 12 );
-- R( a, b, c, d, e, F3, K3, 11, 14 );
-- R( e, a, b, c, d, F3, K3, 10, 15 );
-- R( d, e, a, b, c, F3, K3, 0, 14 );
-- R( c, d, e, a, b, F3, K3, 8, 15 );
-- R( b, c, d, e, a, F3, K3, 12, 9 );
-- R( a, b, c, d, e, F3, K3, 4, 8 );
-- R( e, a, b, c, d, F3, K3, 13, 9 );
-- R( d, e, a, b, c, F3, K3, 3, 14 );
-- R( c, d, e, a, b, F3, K3, 7, 5 );
-- R( b, c, d, e, a, F3, K3, 15, 6 );
-- R( a, b, c, d, e, F3, K3, 14, 8 );
-- R( e, a, b, c, d, F3, K3, 5, 6 );
-- R( d, e, a, b, c, F3, K3, 6, 5 );
-- R( c, d, e, a, b, F3, K3, 2, 12 );
-- R( b, c, d, e, a, F4, K4, 4, 9 );
-- R( a, b, c, d, e, F4, K4, 0, 15 );
-- R( e, a, b, c, d, F4, K4, 5, 5 );
-- R( d, e, a, b, c, F4, K4, 9, 11 );
-- R( c, d, e, a, b, F4, K4, 7, 6 );
-- R( b, c, d, e, a, F4, K4, 12, 8 );
-- R( a, b, c, d, e, F4, K4, 2, 13 );
-- R( e, a, b, c, d, F4, K4, 10, 12 );
-- R( d, e, a, b, c, F4, K4, 14, 5 );
-- R( c, d, e, a, b, F4, K4, 1, 12 );
-- R( b, c, d, e, a, F4, K4, 3, 13 );
-- R( a, b, c, d, e, F4, K4, 8, 14 );
-- R( e, a, b, c, d, F4, K4, 11, 11 );
-- R( d, e, a, b, c, F4, K4, 6, 8 );
-- R( c, d, e, a, b, F4, K4, 15, 5 );
-- R( b, c, d, e, a, F4, K4, 13, 6 );
--
-- aa = a; bb = b; cc = c; dd = d; ee = e;
--
-- /* right lane */
-- a = hd->h0;
-- b = hd->h1;
-- c = hd->h2;
-- d = hd->h3;
-- e = hd->h4;
-- R( a, b, c, d, e, F4, KK0, 5, 8);
-- R( e, a, b, c, d, F4, KK0, 14, 9);
-- R( d, e, a, b, c, F4, KK0, 7, 9);
-- R( c, d, e, a, b, F4, KK0, 0, 11);
-- R( b, c, d, e, a, F4, KK0, 9, 13);
-- R( a, b, c, d, e, F4, KK0, 2, 15);
-- R( e, a, b, c, d, F4, KK0, 11, 15);
-- R( d, e, a, b, c, F4, KK0, 4, 5);
-- R( c, d, e, a, b, F4, KK0, 13, 7);
-- R( b, c, d, e, a, F4, KK0, 6, 7);
-- R( a, b, c, d, e, F4, KK0, 15, 8);
-- R( e, a, b, c, d, F4, KK0, 8, 11);
-- R( d, e, a, b, c, F4, KK0, 1, 14);
-- R( c, d, e, a, b, F4, KK0, 10, 14);
-- R( b, c, d, e, a, F4, KK0, 3, 12);
-- R( a, b, c, d, e, F4, KK0, 12, 6);
-- R( e, a, b, c, d, F3, KK1, 6, 9);
-- R( d, e, a, b, c, F3, KK1, 11, 13);
-- R( c, d, e, a, b, F3, KK1, 3, 15);
-- R( b, c, d, e, a, F3, KK1, 7, 7);
-- R( a, b, c, d, e, F3, KK1, 0, 12);
-- R( e, a, b, c, d, F3, KK1, 13, 8);
-- R( d, e, a, b, c, F3, KK1, 5, 9);
-- R( c, d, e, a, b, F3, KK1, 10, 11);
-- R( b, c, d, e, a, F3, KK1, 14, 7);
-- R( a, b, c, d, e, F3, KK1, 15, 7);
-- R( e, a, b, c, d, F3, KK1, 8, 12);
-- R( d, e, a, b, c, F3, KK1, 12, 7);
-- R( c, d, e, a, b, F3, KK1, 4, 6);
-- R( b, c, d, e, a, F3, KK1, 9, 15);
-- R( a, b, c, d, e, F3, KK1, 1, 13);
-- R( e, a, b, c, d, F3, KK1, 2, 11);
-- R( d, e, a, b, c, F2, KK2, 15, 9);
-- R( c, d, e, a, b, F2, KK2, 5, 7);
-- R( b, c, d, e, a, F2, KK2, 1, 15);
-- R( a, b, c, d, e, F2, KK2, 3, 11);
-- R( e, a, b, c, d, F2, KK2, 7, 8);
-- R( d, e, a, b, c, F2, KK2, 14, 6);
-- R( c, d, e, a, b, F2, KK2, 6, 6);
-- R( b, c, d, e, a, F2, KK2, 9, 14);
-- R( a, b, c, d, e, F2, KK2, 11, 12);
-- R( e, a, b, c, d, F2, KK2, 8, 13);
-- R( d, e, a, b, c, F2, KK2, 12, 5);
-- R( c, d, e, a, b, F2, KK2, 2, 14);
-- R( b, c, d, e, a, F2, KK2, 10, 13);
-- R( a, b, c, d, e, F2, KK2, 0, 13);
-- R( e, a, b, c, d, F2, KK2, 4, 7);
-- R( d, e, a, b, c, F2, KK2, 13, 5);
-- R( c, d, e, a, b, F1, KK3, 8, 15);
-- R( b, c, d, e, a, F1, KK3, 6, 5);
-- R( a, b, c, d, e, F1, KK3, 4, 8);
-- R( e, a, b, c, d, F1, KK3, 1, 11);
-- R( d, e, a, b, c, F1, KK3, 3, 14);
-- R( c, d, e, a, b, F1, KK3, 11, 14);
-- R( b, c, d, e, a, F1, KK3, 15, 6);
-- R( a, b, c, d, e, F1, KK3, 0, 14);
-- R( e, a, b, c, d, F1, KK3, 5, 6);
-- R( d, e, a, b, c, F1, KK3, 12, 9);
-- R( c, d, e, a, b, F1, KK3, 2, 12);
-- R( b, c, d, e, a, F1, KK3, 13, 9);
-- R( a, b, c, d, e, F1, KK3, 9, 12);
-- R( e, a, b, c, d, F1, KK3, 7, 5);
-- R( d, e, a, b, c, F1, KK3, 10, 15);
-- R( c, d, e, a, b, F1, KK3, 14, 8);
-- R( b, c, d, e, a, F0, KK4, 12, 8);
-- R( a, b, c, d, e, F0, KK4, 15, 5);
-- R( e, a, b, c, d, F0, KK4, 10, 12);
-- R( d, e, a, b, c, F0, KK4, 4, 9);
-- R( c, d, e, a, b, F0, KK4, 1, 12);
-- R( b, c, d, e, a, F0, KK4, 5, 5);
-- R( a, b, c, d, e, F0, KK4, 8, 14);
-- R( e, a, b, c, d, F0, KK4, 7, 6);
-- R( d, e, a, b, c, F0, KK4, 6, 8);
-- R( c, d, e, a, b, F0, KK4, 2, 13);
-- R( b, c, d, e, a, F0, KK4, 13, 6);
-- R( a, b, c, d, e, F0, KK4, 14, 5);
-- R( e, a, b, c, d, F0, KK4, 0, 15);
-- R( d, e, a, b, c, F0, KK4, 3, 13);
-- R( c, d, e, a, b, F0, KK4, 9, 11);
-- R( b, c, d, e, a, F0, KK4, 11, 11);
--
--
-- t = hd->h1 + d + cc;
-- hd->h1 = hd->h2 + e + dd;
-- hd->h2 = hd->h3 + a + ee;
-- hd->h3 = hd->h4 + b + aa;
-- hd->h4 = hd->h0 + c + bb;
-- hd->h0 = t;
--}
--
--
--/* Update the message digest with the contents
-- * of INBUF with length INLEN.
-- */
--static void
--rmd160_write( RMD160_CONTEXT *hd, byte *inbuf, size_t inlen)
--{
-- if( hd->count == 64 ) { /* flush the buffer */
-- transform( hd, hd->buf );
-- burn_stack (108+5*sizeof(void*));
-- hd->count = 0;
-- hd->nblocks++;
-- }
-- if( !inbuf )
-- return;
-- if( hd->count ) {
-- for( ; inlen && hd->count < 64; inlen-- )
-- hd->buf[hd->count++] = *inbuf++;
-- rmd160_write( hd, NULL, 0 );
-- if( !inlen )
-- return;
-- }
--
-- while( inlen >= 64 ) {
-- transform( hd, inbuf );
-- hd->count = 0;
-- hd->nblocks++;
-- inlen -= 64;
-- inbuf += 64;
-- }
-- burn_stack (108+5*sizeof(void*));
-- for( ; inlen && hd->count < 64; inlen-- )
-- hd->buf[hd->count++] = *inbuf++;
--}
--
--/****************
-- * Apply the rmd160 transform function on the buffer which must have
-- * a length 64 bytes. Do not use this function together with the
-- * other functions, use rmd160_init to initialize internal variables.
-- * Returns: 16 bytes in buffer with the mixed contentes of buffer.
-- */
--void
--rmd160_mixblock( RMD160_CONTEXT *hd, char *buffer )
--{
-- char *p = buffer;
-- transform( hd, buffer );
-- #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0)
-- X(0);
-- X(1);
-- X(2);
-- X(3);
-- X(4);
-- #undef X
--}
--
--
--/* The routine terminates the computation
-- */
--
--static void
--rmd160_final( RMD160_CONTEXT *hd )
--{
-- u32 t, msb, lsb;
-- byte *p;
--
-- rmd160_write(hd, NULL, 0); /* flush */;
--
-- t = hd->nblocks;
-- /* multiply by 64 to make a byte count */
-- lsb = t << 6;
-- msb = t >> 26;
-- /* add the count */
-- t = lsb;
-- if( (lsb += hd->count) < t )
-- msb++;
-- /* multiply by 8 to make a bit count */
-- t = lsb;
-- lsb <<= 3;
-- msb <<= 3;
-- msb |= t >> 29;
--
-- if( hd->count < 56 ) { /* enough room */
-- hd->buf[hd->count++] = 0x80; /* pad */
-- while( hd->count < 56 )
-- hd->buf[hd->count++] = 0; /* pad */
-- }
-- else { /* need one extra block */
-- hd->buf[hd->count++] = 0x80; /* pad character */
-- while( hd->count < 64 )
-- hd->buf[hd->count++] = 0;
-- rmd160_write(hd, NULL, 0); /* flush */;
-- memset(hd->buf, 0, 56 ); /* fill next block with zeroes */
-- }
-- /* append the 64 bit count */
-- hd->buf[56] = lsb ;
-- hd->buf[57] = lsb >> 8;
-- hd->buf[58] = lsb >> 16;
-- hd->buf[59] = lsb >> 24;
-- hd->buf[60] = msb ;
-- hd->buf[61] = msb >> 8;
-- hd->buf[62] = msb >> 16;
-- hd->buf[63] = msb >> 24;
-- transform( hd, hd->buf );
-- burn_stack (108+5*sizeof(void*));
--
-- p = hd->buf;
-- #ifdef BIG_ENDIAN_HOST
-- #define X(a) do { *p++ = hd->h##a ; *p++ = hd->h##a >> 8; \
-- *p++ = hd->h##a >> 16; *p++ = hd->h##a >> 24; } while(0)
-- #else /* little endian */
-- #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0)
-- #endif
-- X(0);
-- X(1);
-- X(2);
-- X(3);
-- X(4);
-- #undef X
--}
--
--static byte *
--rmd160_read( RMD160_CONTEXT *hd )
--{
-- return hd->buf;
--}
--
--
--
--/****************
-- * Shortcut functions which puts the hash value of the supplied buffer
-- * into outbuf which must have a size of 20 bytes.
-- */
--void
--rmd160_hash_buffer( char *outbuf, const char *buffer, size_t length )
--{
-- RMD160_CONTEXT hd;
--
-- rmd160_init( &hd );
-- rmd160_write( &hd, (byte*)buffer, length );
-- rmd160_final( &hd );
-- memcpy( outbuf, hd.buf, 20 );
--}
--
--
--/****************
-- * Return some information about the algorithm. We need algo here to
-- * distinguish different flavors of the algorithm.
-- * Returns: A pointer to string describing the algorithm or NULL if
-- * the ALGO is invalid.
-- */
--static const char *
--rmd160_get_info( int algo, size_t *contextsize,
-- byte **r_asnoid, int *r_asnlen, int *r_mdlen,
-- void (**r_init)( void *c ),
-- void (**r_write)( void *c, byte *buf, size_t nbytes ),
-- void (**r_final)( void *c ),
-- byte *(**r_read)( void *c )
-- )
--{
-- static byte asn[15] = /* Object ID is 1.3.36.3.2.1 */
-- { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x24, 0x03,
-- 0x02, 0x01, 0x05, 0x00, 0x04, 0x14 };
--
-- if( algo != 3 )
-- return NULL;
--
-- *contextsize = sizeof(RMD160_CONTEXT);
-- *r_asnoid = asn;
-- *r_asnlen = DIM(asn);
-- *r_mdlen = 20;
-- *(void (**)(RMD160_CONTEXT *))r_init = rmd160_init;
-- *(void (**)(RMD160_CONTEXT *, byte*, size_t))r_write = rmd160_write;
-- *(void (**)(RMD160_CONTEXT *))r_final = rmd160_final;
-- *(byte *(**)(RMD160_CONTEXT *))r_read = rmd160_read;
--
-- return "RIPEMD160";
--}
--
--
--#ifndef IS_MODULE
--static
--#endif
--const char * const gnupgext_version = "RMD160 ($Revision: 1.17.2.4 $)";
--
--static struct {
-- int class;
-- int version;
-- int value;
-- void (*func)(void);
--} func_table[] = {
-- { 10, 1, 0, (void(*)(void))rmd160_get_info },
-- { 11, 1, 3 },
--};
--
--
--#ifndef IS_MODULE
--static
--#endif
--void *
--gnupgext_enum_func( int what, int *sequence, int *class, int *vers )
--{
-- void *ret;
-- int i = *sequence;
--
-- do {
-- if( i >= DIM(func_table) || i < 0 ) {
-- return NULL;
-- }
-- *class = func_table[i].class;
-- *vers = func_table[i].version;
-- switch( *class ) {
-- case 11:
-- case 21:
-- case 31:
-- ret = &func_table[i].value;
-- break;
-- default:
-- ret = func_table[i].func;
-- break;
-- }
-- i++;
-- } while( what && what != *class );
--
-- *sequence = i;
-- return ret;
--}
--
--
--
--#ifndef __HURD__
--#ifndef IS_MODULE
--void
--rmd160_constructor(void)
--{
-- register_internal_cipher_extension( gnupgext_version, gnupgext_enum_func );
--}
--#endif
--#endif
-diff --git a/random/random.c b/random/random.c
-deleted file mode 100644
-index 8f76c5b..0000000
---- a/random/random.c
-+++ /dev/null
-@@ -1,650 +0,0 @@
--/* random.c - A single-file translator providing random data
-- Copyright (C) 1998, 1999, 2001 Free Software Foundation, Inc.
--
-- This program is free software; you can redistribute it and/or
-- modify it under the terms of the GNU General Public License as
-- published by the Free Software Foundation; either version 2, or (at
-- your option) any later version.
--
-- This program is distributed in the hope that it will be useful, but
-- WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-- General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software
-- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */
--
--#define _GNU_SOURCE 1
--
--#include <hurd/paths.h>
--#include <hurd/trivfs.h>
--#include <hurd/startup.h>
--#include <stdio.h>
--#include <stdlib.h>
--#include <argp.h>
--#include <argz.h>
--#include <error.h>
--#include <string.h>
--#include <fcntl.h>
--#include <sys/mman.h>
--#include <pthread.h>
--#include <assert.h>
--
--#include <version.h>
--
--#include "random.h"
--#include "gnupg-random.h"
--
--/* Our control port. */
--struct trivfs_control *fsys;
--
--int read_blocked; /* For read and select. */
--pthread_cond_t wait; /* For read and select. */
--pthread_cond_t select_alert; /* For read and select. */
--
--
--/* The quality of randomness we provide.
-- 0: Very weak randomness based on time() and getrusage().
-- No external random data is used.
-- 1: Pseudo random numbers based on all available real random
-- numbers.
-- 2: Strong random numbers with a somewhat guaranteed entropy.
--*/
--#define DEFAULT_LEVEL 2
--static int level = DEFAULT_LEVEL;
--
--/* Name of file to use as seed. */
--static char *seed_file;
--
--/* The random bytes we collected. */
--char gatherbuf[GATHERBUFSIZE];
--
--/* The current positions in gatherbuf[]. */
--int gatherrpos;
--int gatherwpos;
--
--/* XXX Yuk Yuk. */
--#define POOLSIZE 600
--
--/* Take up to length bytes from gather_random if available. If
-- nothing is available, sleep until something becomes available.
-- Must be called with global_lock held. */
--int
--gather_random( void (*add)(const void*, size_t, int), int requester,
-- size_t length, int level )
--{
-- int avail = (gatherwpos - gatherrpos + GATHERBUFSIZE) % GATHERBUFSIZE;
-- int first = GATHERBUFSIZE - gatherrpos;
-- int second = length - first;
--
-- /* If level is zero, we should not block and not add anything
-- to the pool. */
-- if( !level )
-- return 0;
--
-- /* io_read() should guarantee that there is always data available. */
-- if (level == 2)
-- assert (avail);
--
-- if (length > avail)
-- length = avail;
--
-- if (first > length)
-- first = length;
-- (*add) (&gatherbuf[gatherrpos], first, requester);
-- gatherrpos = (gatherrpos + first) % GATHERBUFSIZE;
-- if (second > 0)
-- {
-- (*add) (&gatherbuf[gatherrpos], second, requester);
-- gatherrpos += second;
-- }
-- return length;
--}
--
--
--const char *argp_program_version = STANDARD_HURD_VERSION (random);
--
--/* This lock protects the GnuPG code. */
--static pthread_mutex_t global_lock;
--
--/* Trivfs hooks. */
--int trivfs_fstype = FSTYPE_MISC;
--int trivfs_fsid = 0;
--
--int trivfs_allow_open = O_READ | O_WRITE;
--
--int trivfs_support_read = 1;
--int trivfs_support_write = 1;
--int trivfs_support_exec = 0;
--
--void
--trivfs_modify_stat (struct trivfs_protid *cred, struct stat *st)
--{
-- /* Mark the node as a read-only plain file. */
-- st->st_mode &= ~S_IFMT;
-- st->st_mode |= (S_IFCHR);
-- st->st_size = 0;
--}
--
--error_t
--trivfs_goaway (struct trivfs_control *cntl, int flags)
--{
-- update_random_seed_file ();
-- exit (0);
--}
--
--/* Read data from an IO object. If offset is -1, read from the object
-- maintained file pointer. If the object is not seekable, offset is
-- ignored. The amount desired to be read is in AMOUNT. */
--error_t
--trivfs_S_io_read (struct trivfs_protid *cred,
-- mach_port_t reply, mach_msg_type_name_t reply_type,
-- data_t *data, mach_msg_type_number_t *data_len,
-- loff_t offs, mach_msg_type_number_t amount)
--{
-- error_t err;
-- mach_msg_type_number_t read_amount = 0;
-- void *buf = NULL;
-- size_t length;
--
-- /* Deny access if they have bad credentials. */
-- if (! cred)
-- return EOPNOTSUPP;
-- else if (! (cred->po->openmodes & O_READ))
-- return EBADF;
--
-- pthread_mutex_lock (&global_lock);
--
-- while (amount > 0)
-- {
-- mach_msg_type_number_t new_amount;
-- /* XXX: It would be nice to fix readable_pool to work for sizes
-- greater than the POOLSIZE. Otherwise we risk detecting too
-- late that we run out of entropy and all that entropy is
-- wasted. */
-- while (readable_pool (amount, level) == 0)
-- {
-- if (cred->po->openmodes & O_NONBLOCK)
-- {
-- pthread_mutex_unlock (&global_lock);
-- err = EWOULDBLOCK;
-- goto errout;
-- }
-- read_blocked = 1;
-- if (pthread_hurd_cond_wait_np (&wait, &global_lock))
-- {
-- pthread_mutex_unlock (&global_lock);
-- err = EINTR;
-- goto errout;
-- }
-- /* See term/users.c for possible race? */
-- }
--
-- /* Possibly allocate a new buffer. */
-- if (*data_len < amount)
-- {
-- *data = mmap (0, amount, PROT_READ|PROT_WRITE,
-- MAP_ANON, 0, 0);
--
-- if (*data == MAP_FAILED)
-- {
-- pthread_mutex_unlock (&global_lock);
-- return errno;
-- }
--
-- /* Keep track of our map in case of errors. */
-- buf = *data, length = amount;
--
-- /* Update DATA_LEN to reflect the new buffers size. */
-- *data_len = amount;
-- }
--
-- new_amount = read_pool (((byte *) *data) + read_amount, amount, level);
-- read_amount += new_amount;
-- amount -= new_amount;
-- }
--
-- /* Set atime, see term/users.c */
--
-- pthread_mutex_unlock (&global_lock);
-- *data_len = read_amount;
-- return 0;
--
-- errout:
-- if (buf)
-- munmap (buf, length);
-- return err;
--}
--
--/* Write data to an IO object. If offset is -1, write at the object
-- maintained file pointer. If the object is not seekable, offset is
-- ignored. The amount successfully written is returned in amount. A
-- given user should not have more than one outstanding io_write on an
-- object at a time; servers implement congestion control by delaying
-- responses to io_write. Servers may drop data (returning ENOBUFS)
-- if they receive more than one write when not prepared for it. */
--error_t
--trivfs_S_io_write (struct trivfs_protid *cred,
-- mach_port_t reply,
-- mach_msg_type_name_t replytype,
-- data_t data,
-- mach_msg_type_number_t datalen,
-- loff_t offset,
-- mach_msg_type_number_t *amount)
--{
-- int i = 0;
-- /* Deny access if they have bad credentials. */
-- if (! cred)
-- return EOPNOTSUPP;
-- else if (! (cred->po->openmodes & O_WRITE))
-- return EBADF;
--
-- pthread_mutex_lock (&global_lock);
--
-- while (i < datalen)
-- {
-- gatherbuf[gatherwpos] = data[i++];
-- gatherwpos = (gatherwpos + 1) % GATHERBUFSIZE;
-- if (gatherrpos == gatherwpos)
-- /* Overrun. */
-- gatherrpos = (gatherrpos + 1) % GATHERBUFSIZE;
-- }
-- *amount = datalen;
--
-- if (datalen > 0 && read_blocked)
-- {
-- read_blocked = 0;
-- pthread_cond_broadcast (&wait);
-- pthread_cond_broadcast (&select_alert);
-- }
--
-- pthread_mutex_unlock (&global_lock);
-- return 0;
--}
--
--/* Tell how much data can be read from the object without blocking for
-- a "long time" (this should be the same meaning of "long time" used
-- by the nonblocking flag. */
--kern_return_t
--trivfs_S_io_readable (struct trivfs_protid *cred,
-- mach_port_t reply, mach_msg_type_name_t replytype,
-- mach_msg_type_number_t *amount)
--{
-- /* Deny access if they have bad credentials. */
-- if (! cred)
-- return EOPNOTSUPP;
-- else if (! (cred->po->openmodes & O_READ))
-- return EBADF;
--
-- pthread_mutex_lock (&global_lock);
--
-- /* XXX: Before initialization, the amount depends on the amount we
-- want to read. Assume some medium value. */
-- *amount = readable_pool (POOLSIZE/2, level);
--
-- pthread_mutex_unlock (&global_lock);
--
-- return 0;
--}
--
--/* SELECT_TYPE is the bitwise OR of SELECT_READ, SELECT_WRITE, and SELECT_URG.
-- Block until one of the indicated types of i/o can be done "quickly", and
-- return the types that are then available. ID_TAG is returned as passed; it
-- is just for the convenience of the user in matching up reply messages with
-- specific requests sent. */
--error_t
--trivfs_S_io_select (struct trivfs_protid *cred,
-- mach_port_t reply,
-- mach_msg_type_name_t reply_type,
-- int *type)
--{
-- if (!cred)
-- return EOPNOTSUPP;
--
-- /* We only deal with SELECT_READ and SELECT_WRITE here. */
-- if (*type & ~(SELECT_READ | SELECT_WRITE))
-- return EINVAL;
--
-- if (*type == 0)
-- return 0;
--
-- pthread_mutex_lock (&global_lock);
--
-- while (1)
-- {
-- /* XXX Before initialization, readable_pool depends on length. */
-- int avail = readable_pool (POOLSIZE/2, level);
--
-- if (avail != 0 || *type & SELECT_WRITE)
-- {
-- *type = (avail ? SELECT_READ : 0) | (*type & SELECT_WRITE);
-- pthread_mutex_unlock (&global_lock);
-- return 0;
-- }
--
-- ports_interrupt_self_on_port_death (cred, reply);
-- read_blocked = 1;
--
-- if (pthread_hurd_cond_wait_np (&select_alert, &global_lock))
-- {
-- *type = 0;
-- pthread_mutex_unlock (&global_lock);
-- return EINTR;
-- }
-- }
--}
--
--
--/* Change current read/write offset */
--error_t
--trivfs_S_io_seek (struct trivfs_protid *cred,
-- mach_port_t reply, mach_msg_type_name_t reply_type,
-- loff_t offs, int whence, loff_t *new_offs)
--{
-- if (! cred)
-- return EOPNOTSUPP;
--
-- /* Not seekable. */
-- return ESPIPE;
--}
--
--/* Change the size of the file. If the size increases, new blocks are
-- zero-filled. After successful return, it is safe to reference mapped
-- areas of the file up to NEW_SIZE. */
--error_t
--trivfs_S_file_set_size (struct trivfs_protid *cred,
-- mach_port_t reply, mach_msg_type_name_t reply_type,
-- loff_t size)
--{
-- if (!cred)
-- return EOPNOTSUPP;
--
-- return size == 0 ? 0 : EINVAL;
--}
--
--/* These four routines modify the O_APPEND, O_ASYNC, O_FSYNC, and
-- O_NONBLOCK bits for the IO object. In addition, io_get_openmodes
-- will tell you which of O_READ, O_WRITE, and O_EXEC the object can
-- be used for. The O_ASYNC bit affects icky async I/O; good async
-- I/O is done through io_async which is orthogonal to these calls. */
--error_t
--trivfs_S_io_set_all_openmodes(struct trivfs_protid *cred,
-- mach_port_t reply,
-- mach_msg_type_name_t reply_type,
-- int mode)
--{
-- if (!cred)
-- return EOPNOTSUPP;
--
-- return 0;
--}
--
--error_t
--trivfs_S_io_set_some_openmodes (struct trivfs_protid *cred,
-- mach_port_t reply,
-- mach_msg_type_name_t reply_type,
-- int bits)
--{
-- if (!cred)
-- return EOPNOTSUPP;
--
-- return 0;
--}
--
--error_t
--trivfs_S_io_get_owner (struct trivfs_protid *cred,
-- mach_port_t reply,
-- mach_msg_type_name_t reply_type,
-- pid_t *owner)
--{
-- if (!cred)
-- return EOPNOTSUPP;
--
-- *owner = 0;
-- return 0;
--}
--
--error_t
--trivfs_S_io_mod_owner (struct trivfs_protid *cred,
-- mach_port_t reply, mach_msg_type_name_t reply_type,
-- pid_t owner)
--{
-- if (!cred)
-- return EOPNOTSUPP;
--
-- return EINVAL;
--}
--
--/* Return objects mapping the data underlying this memory object. If
-- the object can be read then memobjrd will be provided; if the
-- object can be written then memobjwr will be provided. For objects
-- where read data and write data are the same, these objects will be
-- equal, otherwise they will be disjoint. Servers are permitted to
-- implement io_map but not io_map_cntl. Some objects do not provide
-- mapping; they will set none of the ports and return an error. Such
-- objects can still be accessed by io_read and io_write. */
--error_t
--trivfs_S_io_map(struct trivfs_protid *cred,
-- mach_port_t reply, mach_msg_type_name_t reply_type,
-- mach_port_t *rdobj,
-- mach_msg_type_name_t *rdtype,
-- mach_port_t *wrobj,
-- mach_msg_type_name_t *wrtype)
--{
-- if (!cred)
-- return EOPNOTSUPP;
--
-- return EINVAL;
--}
--
--
--int
--random_demuxer (mach_msg_header_t *inp,
-- mach_msg_header_t *outp)
--{
-- extern int startup_notify_server (mach_msg_header_t *, mach_msg_header_t *);
--
-- return (trivfs_demuxer (inp, outp)
-- || startup_notify_server (inp, outp));
--}
--
--
--/* Options processing. We accept the same options on the command line
-- and from fsys_set_options. */
--
--static const struct argp_option options[] =
--{
-- {"weak", 'w', 0, 0, "Output weak pseudo random data"},
-- {"fast", 'f', 0, 0, "Output cheap random data fast"},
-- {"secure", 's', 0, 0, "Output cryptographically secure random"},
-- {"seed-file", 'S', "FILE", 0, "Use FILE to remember the seed"},
-- {0}
--};
--
--static error_t
--parse_opt (int opt, char *arg, struct argp_state *state)
--{
-- switch (opt)
-- {
-- default:
-- return ARGP_ERR_UNKNOWN;
-- case ARGP_KEY_INIT:
-- case ARGP_KEY_SUCCESS:
-- case ARGP_KEY_ERROR:
-- break;
--
-- case 'w':
-- {
-- level = 0;
-- break;
-- }
-- case 'f':
-- {
-- level = 1;
-- break;
-- }
-- case 's':
-- {
-- level = 2;
-- break;
-- }
-- case 'S':
-- {
-- seed_file = strdup (arg);
-- set_random_seed_file (arg);
-- }
-- }
-- return 0;
--}
--
--/* This will be called from libtrivfs to help construct the answer
-- to an fsys_get_options RPC. */
--error_t
--trivfs_append_args (struct trivfs_control *fsys,
-- char **argz, size_t *argz_len)
--{
-- error_t err = 0;
-- char *opt;
--
-- pthread_mutex_lock (&global_lock);
-- switch (level)
-- {
-- case 0:
-- opt = "--weak";
-- break;
--
-- case 1:
-- opt = "--fast";
-- break;
--
-- default:
-- opt = "--secure";
-- }
-- if (level != DEFAULT_LEVEL)
-- err = argz_add (argz, argz_len, opt);
--
-- if (!err && seed_file)
-- {
-- if (asprintf (&opt, "--seed-file=%s", seed_file) < 0)
-- err = ENOMEM;
-- else
-- {
-- err = argz_add (argz, argz_len, opt);
-- free (opt);
-- }
-- }
-- pthread_mutex_unlock (&global_lock);
--
-- return err;
--}
--
--static struct argp random_argp =
--{ options, parse_opt, 0,
-- "A translator providing random output." };
--
--/* Setting this variable makes libtrivfs use our argp to
-- parse options passed in an fsys_set_options RPC. */
--struct argp *trivfs_runtime_argp = &random_argp;
--
--struct port_class *shutdown_notify_class;
--
--/* The system is going down; destroy all the extant port rights. That
-- will cause net channels and such to close promptly. */
--error_t
--S_startup_dosync (mach_port_t handle)
--{
-- struct port_info *inpi = ports_lookup_port (fsys->pi.bucket, handle,
-- shutdown_notify_class);
--
-- if (!inpi)
-- return EOPNOTSUPP;
--
-- update_random_seed_file ();
-- return 0;
--}
--
--void
--sigterm_handler (int signo)
--{
-- update_random_seed_file ();
-- signal (SIGTERM, SIG_DFL);
-- raise (SIGTERM);
--}
--
--static error_t
--arrange_shutdown_notification ()
--{
-- error_t err;
-- mach_port_t initport, notify;
-- struct port_info *pi;
--
-- shutdown_notify_class = ports_create_class (0, 0);
--
-- signal (SIGTERM, sigterm_handler);
--
-- /* Arrange to get notified when the system goes down,
-- but if we fail for some reason, just silently give up. No big deal. */
--
-- err = ports_create_port (shutdown_notify_class, fsys->pi.bucket,
-- sizeof (struct port_info), &pi);
-- if (err)
-- return err;
--
-- initport = file_name_lookup (_SERVERS_STARTUP, 0, 0);
-- if (! MACH_PORT_VALID (initport))
-- return errno;
--
-- notify = ports_get_send_right (pi);
-- ports_port_deref (pi);
-- err = startup_request_notification (initport, notify,
-- MACH_MSG_TYPE_MAKE_SEND,
-- program_invocation_short_name);
--
-- mach_port_deallocate (mach_task_self (), notify);
-- mach_port_deallocate (mach_task_self (), initport);
-- return err;
--}
--
--
--int
--main (int argc, char **argv)
--{
-- error_t err;
-- mach_port_t bootstrap;
--
-- /* Initialize the lock that will protect everything.
-- We must do this before argp_parse, because parse_opt (above) will
-- use the lock. */
-- pthread_mutex_init (&global_lock, NULL);
--
-- /* The conditions are used to implement proper read/select
-- behaviour. */
-- pthread_cond_init (&wait, NULL);
-- pthread_cond_init (&select_alert, NULL);
--
-- /* We use the same argp for options available at startup
-- as for options we'll accept in an fsys_set_options RPC. */
-- argp_parse (&random_argp, argc, argv, 0, 0, 0);
--
-- task_get_bootstrap_port (mach_task_self (), &bootstrap);
-- if (bootstrap == MACH_PORT_NULL)
-- error (1, 0, "Must be started as a translator");
--
-- /* Reply to our parent */
-- err = trivfs_startup (bootstrap, 0, 0, 0, 0, 0, &fsys);
-- mach_port_deallocate (mach_task_self (), bootstrap);
-- if (err)
-- error (3, err, "trivfs_startup");
--
-- err = arrange_shutdown_notification ();
-- if (err)
-- error (0, err, "Cannot request shutdown notification");
--
-- /* Launch. */
-- ports_manage_port_operations_multithread (fsys->pi.bucket, random_demuxer,
-- 10 * 1000, /* idle thread */
-- 10 * 60 * 1000, /* idle server */
-- 0);
-- return 0;
--}
-diff --git a/random/random.h b/random/random.h
-deleted file mode 100644
-index a38a417..0000000
---- a/random/random.h
-+++ /dev/null
-@@ -1,32 +0,0 @@
--/* random.c - A single-file translator providing random data
-- Copyright (C) 1998, 1999, 2001 Free Software Foundation, Inc.
--
-- This program is free software; you can redistribute it and/or
-- modify it under the terms of the GNU General Public License as
-- published by the Free Software Foundation; either version 2, or (at
-- your option) any later version.
--
-- This program is distributed in the hope that it will be useful, but
-- WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-- General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software
-- Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */
--
--#ifndef __RANDOM_H__
--#define __RANDOM_H__
--
--/* How many random bytes to gather at most.
-- XXX: Should be at least POOLSIZE. */
--#define GATHERBUFSIZE 32768
--
--/* The random bytes we collected. */
--extern char gatherbuf[GATHERBUFSIZE];
--
--/* The current positions in gatherbuf[]. */
--extern int gatherrpos;
--extern int gatherwpos;
--
--#endif
-diff --git a/sutils/MAKEDEV.sh b/sutils/MAKEDEV.sh
-index 1baec15..9fd4b1d 100644
---- a/sutils/MAKEDEV.sh
-+++ b/sutils/MAKEDEV.sh
-@@ -100,7 +100,7 @@ mkdev() {
- ;;
-
- std)
-- mkdev console tty urandom null zero full fd time mem klog shm
-+ mkdev console tty random urandom null zero full fd time mem klog shm
- ;;
- console|com[0-9])
- st $I root 600 /hurd/term ${DEVDIR}/$I device $I;;
-@@ -111,8 +111,10 @@ mkdev() {
- ${DEVDIR}/vcs/`echo $I | sed -e s/tty//`/console;;
- lpr[0-9])
- st $I root 660 /hurd/streamio "$I";;
-+ random)
-+ st $I root 644 /hurd/random --secure --seed-file /var/lib/random-seed;;
- urandom)
-- st $I root 644 /hurd/random --fast --seed-file /var/lib/random-seed;;
-+ st $I root 644 /hurd/random --fast --seed-file /var/lib/urandom-seed;;
- null)
- st $I root 666 /hurd/null;;
- full)
-diff --git a/trans/Makefile b/trans/Makefile
-index ce1eae7..ec0586e 100644
---- a/trans/Makefile
-+++ b/trans/Makefile
-@@ -21,14 +21,14 @@ makemode := servers
-
- targets = symlink firmlink ifsock magic null fifo new-fifo fwd crash \
- password hello hello-mt streamio fakeroot proxy-defpager remap \
-- mtab
-+ mtab random
- SRCS = ifsock.c symlink.c magic.c null.c fifo.c new-fifo.c fwd.c \
- crash.c firmlink.c password.c hello.c hello-mt.c streamio.c \
- fakeroot.c proxy-defpager.c remap.c mtab.c
- OBJS = $(SRCS:.c=.o) fsysServer.o ifsockServer.o passwordServer.o \
- crashServer.o crash_replyUser.o msgServer.o \
- default_pagerServer.o default_pagerUser.o \
-- device_replyServer.o elfcore.o
-+ device_replyServer.o elfcore.o startup_notifyServer.o
- HURDLIBS = ports netfs trivfs iohelp fshelp pipe ihash shouldbeinlibc
- LDLIBS += -lpthread
- password-LDLIBS = -lcrypt
-@@ -51,6 +51,8 @@ device_reply-MIGSFLAGS="-DMACH_PAYLOAD_TO_PORT=ports_payload_get_name"
- # libports. Disable the default payload to port conversion.
- fsys-MIGSFLAGS = "-DHURD_DEFAULT_PAYLOAD_TO_PORT=1"
-
-+random-LDLIBS = -lgcrypt
-+
- include ../Makeconf
-
- vpath elfcore.c $(top_srcdir)/exec
-@@ -71,6 +73,7 @@ hello: ../libtrivfs/libtrivfs.a ../libfshelp/libfshelp.a ../libports/libports.a
- fakeroot: ../libnetfs/libnetfs.a ../libfshelp/libfshelp.a ../libiohelp/libiohelp.a ../libports/libports.a ../libihash/libihash.a
- remap: ../libtrivfs/libtrivfs.a ../libfshelp/libfshelp.a ../libports/libports.a ../libihash/libihash.a
- mtab: ../libtrivfs/libtrivfs.a ../libfshelp/libfshelp.a ../libports/libports.a ../libihash/libihash.a fsUser.o
-+random: ../libtrivfs/libtrivfs.a ../libports/libports.a ../libihash/libihash.a startup_notifyServer.o mach_debugUser.o
- $(targets): ../libshouldbeinlibc/libshouldbeinlibc.a
-
- $(targets): %: %.o
-diff --git a/trans/random.c b/trans/random.c
-new file mode 100644
-index 0000000..0419912
---- /dev/null
-+++ b/trans/random.c
-@@ -0,0 +1,722 @@
-+/* random.c - A single-file translator providing random data
-+ Copyright (C) 1998, 1999, 2001, 2015 Free Software Foundation, Inc.
-+
-+ This program is free software; you can redistribute it and/or
-+ modify it under the terms of the GNU General Public License as
-+ published by the Free Software Foundation; either version 2, or (at
-+ your option) any later version.
-+
-+ This program is distributed in the hope that it will be useful, but
-+ WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-+ General Public License for more details.
-+
-+ You should have received a copy of the GNU General Public License
-+ along with this program; if not, write to the Free Software
-+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */
-+
-+#include <argp.h>
-+#include <argz.h>
-+#include <assert.h>
-+#include <error.h>
-+#include <fcntl.h>
-+#include <gcrypt.h>
-+#include <hurd/paths.h>
-+#include <hurd/startup.h>
-+#include <hurd/trivfs.h>
-+#include <mach_debug/mach_debug_types.h>
-+#include <pthread.h>
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <sys/mman.h>
-+#include <sys/stat.h>
-+#include <unistd.h>
-+#include <version.h>
-+
-+#include "mach_debug_U.h"
-+
-+/* Our control port. */
-+struct trivfs_control *fsys;
-+
-+int read_blocked; /* For read and select. */
-+pthread_cond_t wait; /* For read and select. */
-+pthread_cond_t select_alert; /* For read and select. */
-+
-+/* The quality of randomness we provide. If URANDOM is set, return
-+ unlimited random data. */
-+static int urandom;
-+
-+/* Name of file to use as seed. */
-+static char *seed_file;
-+
-+/* Entropy management. */
-+
-+/* Libgcrypts pool size limits the amount of entropy. */
-+static const size_t entropy_limit = 600;
-+
-+/* Estimate of available entropy measured in bytes. */
-+static size_t entropy;
-+
-+/* Protected by this lock. */
-+static pthread_mutex_t entropy_lock;
-+
-+static error_t
-+entropy_add (const void *buf, size_t length, float factor)
-+{
-+ gcry_error_t cerr;
-+ size_t new_entropy;
-+ pthread_mutex_lock (&entropy_lock);
-+
-+ cerr = gcry_random_add_bytes (buf, length, -1);
-+ if (cerr)
-+ {
-+ pthread_mutex_unlock (&entropy_lock);
-+ error (0, 0, "Failed to add random bytes: %s",
-+ gcry_strerror (cerr));
-+ return EINVAL;
-+ }
-+ new_entropy = (size_t) ((float) length * factor);
-+ entropy += new_entropy;
-+
-+ if (entropy > entropy_limit)
-+ entropy = entropy_limit;
-+
-+ if (new_entropy > 0 && read_blocked)
-+ {
-+ read_blocked = 0;
-+ pthread_cond_broadcast (&wait);
-+ pthread_cond_broadcast (&select_alert);
-+ }
-+
-+ pthread_mutex_unlock (&entropy_lock);
-+ return 0;
-+}
-+
-+static void
-+update_random_seed_file (void)
-+{
-+ gcry_error_t cerr;
-+ cerr = gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE, seed_file, 0);
-+ if (cerr)
-+ error (0, 0, "Updating random seed file %s failed: %s",
-+ seed_file, gcry_strerror (cerr));
-+}
-+
-+static void
-+initialize_gcrypt (void)
-+{
-+ unsigned int seed;
-+ gcry_error_t cerr;
-+
-+ if (! gcry_check_version (GCRYPT_VERSION))
-+ error (1, 0, "libgcrypt version mismatch\n");
-+
-+ cerr = gcry_control (GCRYCTL_SET_PREFERRED_RNG_TYPE,
-+ GCRY_RNG_TYPE_STANDARD, 0);
-+ if (cerr)
-+ error (1, 0, "Selecting preferred rng type failed: %s",
-+ gcry_strerror (cerr));
-+
-+ if (seed_file)
-+ {
-+ struct stat s;
-+
-+ /* Hack! XXX use relative path */
-+ if (seed_file[0] == '/')
-+ {
-+ chdir ("/");
-+ seed_file += 1;
-+ }
-+
-+ cerr = gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, seed_file, 0);
-+ if (cerr)
-+ error (1, 0, "Setting seed file %s failed: %s",
-+ seed_file, gcry_strerror (cerr));
-+
-+ if (stat (seed_file, &s) == 0)
-+ /* Libgcrypt will read the seed file on demand. Set entropy
-+ accordingly. */
-+ entropy = s.st_size;
-+ }
-+
-+ cerr = gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
-+ if (cerr)
-+ error (1, 0, "Finalizing gcrypt failed: %s",
-+ gcry_strerror (cerr));
-+
-+ /* Hack! Trick libgcrypt into assuming /dev/urandom is not
-+ available by diddling with the root directory. */
-+ {
-+ file_t root, var;
-+ root = getcrdir ();
-+ var = file_name_lookup ("/var", 0, 0);
-+ setcrdir (var);
-+
-+ /* Randomize SEED. Forces the random subsystem to be
-+ initialized. */
-+ gcry_randomize (&seed, sizeof seed, GCRY_STRONG_RANDOM);
-+
-+ setcrdir (root);
-+ mach_port_deallocate (mach_task_self (), var);
-+ }
-+
-+ /* Initialize the libcs RNG. */
-+ srandom (seed);
-+}
-+
-+static void
-+gather_slab_info (void)
-+{
-+ error_t err;
-+ cache_info_array_t cache_info;
-+ mach_msg_type_number_t cache_info_count, i;
-+
-+ cache_info = NULL;
-+ cache_info_count = 0;
-+
-+ err = host_slab_info (mach_host_self(), &cache_info, &cache_info_count);
-+ if (err)
-+ {
-+ error (0, err, "host_slab_info");
-+ return;
-+ }
-+
-+ for (i = 0; i < cache_info_count; i++)
-+ if (cache_info[i].nr_bufs > 500)
-+ entropy_add (&cache_info[i].nr_objs, sizeof cache_info[i].nr_objs,
-+ 0.25);
-+
-+ vm_deallocate (mach_task_self (),
-+ (vm_address_t) cache_info,
-+ cache_info_count * sizeof *cache_info);
-+}
-+
-+static void *
-+gather_thread (void *args)
-+{
-+ while (1)
-+ {
-+ gather_slab_info ();
-+ usleep (
-+ (useconds_t) (1000000. * (1.
-+ + (float) random () / (float) RAND_MAX)));
-+ }
-+
-+ assert (! "reached");
-+}
-+
-+error_t
-+start_gather_thread (void)
-+{
-+ error_t err;
-+ pthread_t thread;
-+
-+ err = pthread_create (&thread, NULL, gather_thread, NULL);
-+ if (err)
-+ return err;
-+
-+ err = pthread_detach (thread);
-+ return err;
-+}
-+
-+const char *argp_program_version = STANDARD_HURD_VERSION (random);
-+
-+/* Trivfs hooks. */
-+int trivfs_fstype = FSTYPE_MISC;
-+int trivfs_fsid = 0;
-+
-+int trivfs_allow_open = O_READ | O_WRITE;
-+
-+int trivfs_support_read = 1;
-+int trivfs_support_write = 1;
-+int trivfs_support_exec = 0;
-+
-+void
-+trivfs_modify_stat (struct trivfs_protid *cred, struct stat *st)
-+{
-+ /* Mark the node as a read-only plain file. */
-+ st->st_mode &= ~((unsigned) S_IFMT);
-+ st->st_mode |= (S_IFCHR);
-+ st->st_size = 0;
-+}
-+
-+error_t
-+trivfs_goaway (struct trivfs_control *cntl, int flags)
-+{
-+ update_random_seed_file ();
-+ exit (0);
-+}
-+
-+/* Read data from an IO object. If offset is -1, read from the object
-+ maintained file pointer. If the object is not seekable, offset is
-+ ignored. The amount desired to be read is in AMOUNT. */
-+error_t
-+trivfs_S_io_read (struct trivfs_protid *cred,
-+ mach_port_t reply, mach_msg_type_name_t reply_type,
-+ data_t *data, mach_msg_type_number_t *data_len,
-+ loff_t offs, mach_msg_type_number_t amount)
-+{
-+ error_t err;
-+ void *buf = NULL;
-+ size_t length = 0;
-+
-+ if (! cred)
-+ return EOPNOTSUPP;
-+ else if (! (cred->po->openmodes & O_READ))
-+ return EBADF;
-+
-+ pthread_mutex_lock (&entropy_lock);
-+
-+ if (amount > 0)
-+ {
-+ while (! urandom && amount > entropy)
-+ {
-+ if (cred->po->openmodes & O_NONBLOCK)
-+ {
-+ err = EWOULDBLOCK;
-+ goto errout;
-+ }
-+ read_blocked = 1;
-+ if (pthread_hurd_cond_wait_np (&wait, &entropy_lock))
-+ {
-+ err = EINTR;
-+ goto errout;
-+ }
-+ /* See term/users.c for possible race? */
-+ }
-+
-+ /* Possibly allocate a new buffer. */
-+ if (*data_len < amount)
-+ {
-+ *data = mmap (0, amount, PROT_READ|PROT_WRITE,
-+ MAP_ANON, 0, 0);
-+
-+ if (*data == MAP_FAILED)
-+ {
-+ pthread_mutex_unlock (&entropy_lock);
-+ return errno;
-+ }
-+
-+ /* Keep track of our map in case of errors. */
-+ buf = *data, length = amount;
-+
-+ /* Update DATA_LEN to reflect the new buffers size. */
-+ *data_len = amount;
-+ }
-+
-+ if (! urandom)
-+ assert (entropy >= amount);
-+
-+ if (entropy >= amount)
-+ entropy -= amount;
-+ else
-+ entropy = 0;
-+
-+ gcry_randomize ((unsigned char *) *data, amount, GCRY_STRONG_RANDOM);
-+ }
-+
-+ /* Set atime, see term/users.c */
-+
-+ pthread_mutex_unlock (&entropy_lock);
-+ *data_len = amount;
-+ return 0;
-+
-+ errout:
-+ pthread_mutex_unlock (&entropy_lock);
-+ if (buf)
-+ munmap (buf, length);
-+ return err;
-+}
-+
-+/* Write data to an IO object. If offset is -1, write at the object
-+ maintained file pointer. If the object is not seekable, offset is
-+ ignored. The amount successfully written is returned in amount. A
-+ given user should not have more than one outstanding io_write on an
-+ object at a time; servers implement congestion control by delaying
-+ responses to io_write. Servers may drop data (returning ENOBUFS)
-+ if they receive more than one write when not prepared for it. */
-+error_t
-+trivfs_S_io_write (struct trivfs_protid *cred,
-+ mach_port_t reply,
-+ mach_msg_type_name_t replytype,
-+ data_t data,
-+ mach_msg_type_number_t datalen,
-+ loff_t offset,
-+ mach_msg_type_number_t *amount)
-+{
-+ error_t err;
-+
-+ /* Deny access if they have bad credentials. */
-+ if (! cred)
-+ return EOPNOTSUPP;
-+ else if (! (cred->po->openmodes & O_WRITE))
-+ return EBADF;
-+
-+ err = entropy_add (data, datalen, 0);
-+ *amount = datalen;
-+ return err;
-+}
-+
-+/* Tell how much data can be read from the object without blocking for
-+ a "long time" (this should be the same meaning of "long time" used
-+ by the nonblocking flag. */
-+kern_return_t
-+trivfs_S_io_readable (struct trivfs_protid *cred,
-+ mach_port_t reply, mach_msg_type_name_t replytype,
-+ mach_msg_type_number_t *amount)
-+{
-+ /* Deny access if they have bad credentials. */
-+ if (! cred)
-+ return EOPNOTSUPP;
-+ else if (! (cred->po->openmodes & O_READ))
-+ return EBADF;
-+
-+ pthread_mutex_lock (&entropy_lock);
-+
-+ *amount = entropy;
-+
-+ pthread_mutex_unlock (&entropy_lock);
-+
-+ return 0;
-+}
-+
-+/* SELECT_TYPE is the bitwise OR of SELECT_READ, SELECT_WRITE, and SELECT_URG.
-+ Block until one of the indicated types of i/o can be done "quickly", and
-+ return the types that are then available. ID_TAG is returned as passed; it
-+ is just for the convenience of the user in matching up reply messages with
-+ specific requests sent. */
-+error_t
-+trivfs_S_io_select (struct trivfs_protid *cred,
-+ mach_port_t reply,
-+ mach_msg_type_name_t reply_type,
-+ int *type)
-+{
-+ if (!cred)
-+ return EOPNOTSUPP;
-+
-+ /* We only deal with SELECT_READ and SELECT_WRITE here. */
-+ if (*type & ~(SELECT_READ | SELECT_WRITE))
-+ return EINVAL;
-+
-+ if (*type == 0)
-+ return 0;
-+
-+ pthread_mutex_lock (&entropy_lock);
-+
-+ while (1)
-+ {
-+ if (entropy > 0 || *type & SELECT_WRITE)
-+ {
-+ *type = (entropy > 0 ? SELECT_READ : 0) | (*type & SELECT_WRITE);
-+ pthread_mutex_unlock (&entropy_lock);
-+ return 0;
-+ }
-+
-+ ports_interrupt_self_on_port_death (cred, reply);
-+ read_blocked = 1;
-+
-+ if (pthread_hurd_cond_wait_np (&select_alert, &entropy_lock))
-+ {
-+ *type = 0;
-+ pthread_mutex_unlock (&entropy_lock);
-+ return EINTR;
-+ }
-+ }
-+}
-+
-+
-+/* Change current read/write offset */
-+error_t
-+trivfs_S_io_seek (struct trivfs_protid *cred,
-+ mach_port_t reply, mach_msg_type_name_t reply_type,
-+ loff_t offs, int whence, loff_t *new_offs)
-+{
-+ if (! cred)
-+ return EOPNOTSUPP;
-+
-+ /* Not seekable. */
-+ return ESPIPE;
-+}
-+
-+/* Change the size of the file. If the size increases, new blocks are
-+ zero-filled. After successful return, it is safe to reference mapped
-+ areas of the file up to NEW_SIZE. */
-+error_t
-+trivfs_S_file_set_size (struct trivfs_protid *cred,
-+ mach_port_t reply, mach_msg_type_name_t reply_type,
-+ loff_t size)
-+{
-+ if (!cred)
-+ return EOPNOTSUPP;
-+
-+ return size == 0 ? 0 : EINVAL;
-+}
-+
-+/* These four routines modify the O_APPEND, O_ASYNC, O_FSYNC, and
-+ O_NONBLOCK bits for the IO object. In addition, io_get_openmodes
-+ will tell you which of O_READ, O_WRITE, and O_EXEC the object can
-+ be used for. The O_ASYNC bit affects icky async I/O; good async
-+ I/O is done through io_async which is orthogonal to these calls. */
-+error_t
-+trivfs_S_io_set_all_openmodes(struct trivfs_protid *cred,
-+ mach_port_t reply,
-+ mach_msg_type_name_t reply_type,
-+ int mode)
-+{
-+ if (!cred)
-+ return EOPNOTSUPP;
-+
-+ return 0;
-+}
-+
-+error_t
-+trivfs_S_io_set_some_openmodes (struct trivfs_protid *cred,
-+ mach_port_t reply,
-+ mach_msg_type_name_t reply_type,
-+ int bits)
-+{
-+ if (!cred)
-+ return EOPNOTSUPP;
-+
-+ return 0;
-+}
-+
-+error_t
-+trivfs_S_io_get_owner (struct trivfs_protid *cred,
-+ mach_port_t reply,
-+ mach_msg_type_name_t reply_type,
-+ pid_t *owner)
-+{
-+ if (!cred)
-+ return EOPNOTSUPP;
-+
-+ *owner = 0;
-+ return 0;
-+}
-+
-+error_t
-+trivfs_S_io_mod_owner (struct trivfs_protid *cred,
-+ mach_port_t reply, mach_msg_type_name_t reply_type,
-+ pid_t owner)
-+{
-+ if (!cred)
-+ return EOPNOTSUPP;
-+
-+ return EINVAL;
-+}
-+
-+/* Return objects mapping the data underlying this memory object. If
-+ the object can be read then memobjrd will be provided; if the
-+ object can be written then memobjwr will be provided. For objects
-+ where read data and write data are the same, these objects will be
-+ equal, otherwise they will be disjoint. Servers are permitted to
-+ implement io_map but not io_map_cntl. Some objects do not provide
-+ mapping; they will set none of the ports and return an error. Such
-+ objects can still be accessed by io_read and io_write. */
-+error_t
-+trivfs_S_io_map(struct trivfs_protid *cred,
-+ mach_port_t reply, mach_msg_type_name_t reply_type,
-+ mach_port_t *rdobj,
-+ mach_msg_type_name_t *rdtype,
-+ mach_port_t *wrobj,
-+ mach_msg_type_name_t *wrtype)
-+{
-+ if (!cred)
-+ return EOPNOTSUPP;
-+
-+ return EINVAL;
-+}
-+
-+
-+int
-+random_demuxer (mach_msg_header_t *inp,
-+ mach_msg_header_t *outp)
-+{
-+ extern int startup_notify_server (mach_msg_header_t *, mach_msg_header_t *);
-+
-+ return (trivfs_demuxer (inp, outp)
-+ || startup_notify_server (inp, outp));
-+}
-+
-+
-+/* Options processing. We accept the same options on the command line
-+ and from fsys_set_options. */
-+
-+static const struct argp_option options[] =
-+{
-+ {"fast", 'f', 0, 0, "Output cheap random data fast"},
-+ {"secure", 's', 0, 0,
-+ "Output cryptographically secure random (the default)"},
-+ {"seed-file", 'S', "FILE", 0, "Use FILE to remember the seed"},
-+ {0}
-+};
-+
-+static error_t
-+parse_opt (int opt, char *arg, struct argp_state *state)
-+{
-+ switch (opt)
-+ {
-+ default:
-+ return ARGP_ERR_UNKNOWN;
-+ case ARGP_KEY_INIT:
-+ case ARGP_KEY_SUCCESS:
-+ case ARGP_KEY_ERROR:
-+ break;
-+
-+ case 'f':
-+ urandom = 1;
-+ break;
-+
-+ case 's':
-+ urandom = 0;
-+ break;
-+
-+ case 'S':
-+ seed_file = strdup (arg);
-+ break;
-+ }
-+ return 0;
-+}
-+
-+/* This will be called from libtrivfs to help construct the answer
-+ to an fsys_get_options RPC. */
-+error_t
-+trivfs_append_args (struct trivfs_control *fsys,
-+ char **argz, size_t *argz_len)
-+{
-+ error_t err = 0;
-+ char *opt;
-+
-+ err = argz_add (argz, argz_len, urandom ? "--fast" : "--secure");
-+ if (err)
-+ return err;
-+
-+ if (seed_file)
-+ {
-+ if (asprintf (&opt, "--seed-file=%s", seed_file) < 0)
-+ err = ENOMEM;
-+ else
-+ {
-+ err = argz_add (argz, argz_len, opt);
-+ free (opt);
-+ }
-+ }
-+
-+ return err;
-+}
-+
-+static struct argp random_argp =
-+{ options, parse_opt, 0,
-+ "A translator providing random output." };
-+
-+/* Setting this variable makes libtrivfs use our argp to
-+ parse options passed in an fsys_set_options RPC. */
-+struct argp *trivfs_runtime_argp = &random_argp;
-+
-+struct port_class *shutdown_notify_class;
-+
-+/* The system is going down; destroy all the extant port rights. That
-+ will cause net channels and such to close promptly. */
-+error_t
-+S_startup_dosync (mach_port_t handle)
-+{
-+ struct port_info *inpi = ports_lookup_port (fsys->pi.bucket, handle,
-+ shutdown_notify_class);
-+
-+ if (!inpi)
-+ return EOPNOTSUPP;
-+
-+ update_random_seed_file ();
-+ return 0;
-+}
-+
-+void
-+sigterm_handler (int signo)
-+{
-+ update_random_seed_file ();
-+ signal (SIGTERM, SIG_DFL);
-+ raise (SIGTERM);
-+}
-+
-+static error_t
-+arrange_shutdown_notification ()
-+{
-+ error_t err;
-+ mach_port_t initport, notify;
-+ struct port_info *pi;
-+
-+ shutdown_notify_class = ports_create_class (0, 0);
-+
-+ signal (SIGTERM, sigterm_handler);
-+
-+ /* Arrange to get notified when the system goes down,
-+ but if we fail for some reason, just silently give up. No big deal. */
-+
-+ err = ports_create_port (shutdown_notify_class, fsys->pi.bucket,
-+ sizeof (struct port_info), &pi);
-+ if (err)
-+ return err;
-+
-+ initport = file_name_lookup (_SERVERS_STARTUP, 0, 0);
-+ if (! MACH_PORT_VALID (initport))
-+ return errno;
-+
-+ notify = ports_get_send_right (pi);
-+ ports_port_deref (pi);
-+ err = startup_request_notification (initport, notify,
-+ MACH_MSG_TYPE_MAKE_SEND,
-+ program_invocation_short_name);
-+
-+ mach_port_deallocate (mach_task_self (), notify);
-+ mach_port_deallocate (mach_task_self (), initport);
-+ return err;
-+}
-+
-+int
-+main (int argc, char **argv)
-+{
-+ error_t err;
-+ mach_port_t bootstrap;
-+
-+ /* Initialize the lock that will protect everything.
-+ We must do this before argp_parse, because parse_opt (above) will
-+ use the lock. */
-+ pthread_mutex_init (&entropy_lock, NULL);
-+
-+ /* The conditions are used to implement proper read/select
-+ behaviour. */
-+ pthread_cond_init (&wait, NULL);
-+ pthread_cond_init (&select_alert, NULL);
-+
-+ /* We use the same argp for options available at startup
-+ as for options we'll accept in an fsys_set_options RPC. */
-+ argp_parse (&random_argp, argc, argv, 0, 0, 0);
-+
-+ initialize_gcrypt ();
-+
-+ task_get_bootstrap_port (mach_task_self (), &bootstrap);
-+ if (bootstrap == MACH_PORT_NULL)
-+ error (1, 0, "Must be started as a translator");
-+
-+ /* Reply to our parent */
-+ err = trivfs_startup (bootstrap, 0, 0, 0, 0, 0, &fsys);
-+ mach_port_deallocate (mach_task_self (), bootstrap);
-+ if (err)
-+ error (3, err, "trivfs_startup");
-+
-+ err = arrange_shutdown_notification ();
-+ if (err)
-+ error (0, err, "Cannot request shutdown notification");
-+
-+ err = start_gather_thread ();
-+ if (err)
-+ error (0, err, "Starting gatherer thread failed");
-+
-+ /* Launch. */
-+ ports_manage_port_operations_multithread (fsys->pi.bucket, random_demuxer,
-+ 10 * 1000, /* idle thread */
-+ 10 * 60 * 1000, /* idle server */
-+ 0);
-+ return 0;
-+}
---
-2.1.4
-
diff --git a/debian/patches/series b/debian/patches/series
index 8b4fa423..11ed9d3c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,4 +1,3 @@
-random0001-xxx-standalone-random-translator.patch
diskfs_no_inherit_dir_group.patch
init_try_runsystem.gnu.patch
makedev.diff