propagate from branch 'au.asn.ucc.matt.dropbear' (head 0501e6f661b5415eb76f3b312d183c3adfbfb712)

            to branch 'au.asn.ucc.matt.dropbear.cli-agent' (head 01038174ec27245b51bd43a66c01ad930880f67b)

--HG--
branch : agent-client
extra : convert_revision : 12b2f59db65e7339d340e95ac67d6d9ddb193c2b

1 files changed, 28 insertions, 3 deletions

diff --git a/random.c b/random.c
index b085962..a395728 100644
--- a/random.c
+++ b/random.c
@@ -30,8 +30,8 @@
 static int donerandinit = 0;
 
 /* this is used to generate unique output from the same hashpool */
-static unsigned int counter = 0;
-#define MAX_COUNTER 1000000/* the max value for the counter, so it won't loop */
+static uint32_t counter = 0;
+#define MAX_COUNTER 1<<31 /* the max value for the counter, so it won't loop */
 
 static unsigned char hashpool[SHA1_HASH_SIZE];
 
@@ -128,7 +128,8 @@ void seedrandom() {
 
 	hash_state hs;
 
-	/* initialise so compilers will be happy about hashing it */
+	/* initialise so that things won't warn about
+     * hashing an undefined buffer */
 	if (!donerandinit) {
 		m_burn(hashpool, sizeof(hashpool));
 	}
@@ -146,6 +147,30 @@ void seedrandom() {
 	donerandinit = 1;
 }
 
+/* hash the current random pool with some unique identifiers
+ * for this process and point-in-time. this is used to separate
+ * the random pools for fork()ed processes. */
+void reseedrandom() {
+
+    pid_t pid;
+    struct timeval tv;
+
+	if (!donerandinit) {
+		dropbear_exit("seedrandom not done");
+	}
+
+    pid = getpid();
+    gettimeofday(&tv, NULL);
+
+	hash_state hs;
+	unsigned char hash[SHA1_HASH_SIZE];
+	sha1_init(&hs);
+	sha1_process(&hs, (void*)hashpool, sizeof(hashpool));
+	sha1_process(&hs, (void*)&pid, sizeof(pid));
+	sha1_process(&hs, (void*)&tv, sizeof(tv));
+	sha1_done(&hs, hashpool);
+}
+
 /* return len bytes of pseudo-random data */
 void genrandom(unsigned char* buf, unsigned int len) {