本文整理汇总了C++中RAND_file_name函数的典型用法代码示例。如果您正苦于以下问题:C++ RAND_file_name函数的具体用法?C++ RAND_file_name怎么用?C++ RAND_file_name使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了RAND_file_name函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: openssl_random_load
/***
load rand seed from file
@function rand_load
@tparam[opt=nil] string file path to laod seed, default openssl management
@treturn boolean result
*/
static int openssl_random_load(lua_State*L)
{
const char *file = luaL_optstring(L, 1, NULL);
char buffer[MAX_PATH];
int len;
if (file == NULL)
file = RAND_file_name(buffer, sizeof buffer);
#ifndef OPENSSL_NO_EGD
else if (RAND_egd(file) > 0)
{
/* we try if the given filename is an EGD socket.
if it is, we don't write anything back to the file. */;
lua_pushboolean(L, 1);
return 1;
}
#endif
len = luaL_optinteger(L, 2, 2048);
if (file == NULL || !RAND_load_file(file, len))
{
return openssl_pushresult(L, 0);
}
lua_pushboolean(L, RAND_status());
return 1;
}示例2: do_SSL_randomize
void do_SSL_randomize()
{
enum { RAND_VALS = 32 };
int randbuf[RAND_VALS];
char fname[512];
int use_rand_file;
time_t t;
int i, c;
/* if they have a /dev/urandom we can skip this function */
if (RAND_status() != 0)
return;
t = time(0);
RAND_seed((char *)&t, sizeof(time_t));
/* have they specified a random file with RANDFILE environment variable? */
use_rand_file = RAND_file_name(fname, sizeof(fname)) ? 1 : 0;
if (use_rand_file)
RAND_load_file(fname, 4096);
/* stuff it with packets of random numbers until it is satisfied */
for (i = 0; i < 256 && RAND_status() == 0; i++)
{
for (c = 0; c < RAND_VALS; c++)
randbuf[c] = rand();
RAND_seed((char *)randbuf, sizeof(int) * RAND_VALS);
}
}示例3: _randfile
int
_randfile( void )
{
char randfile[ MAXPATHLEN ];
/* generates a default path for the random seed file */
if ( RAND_file_name( randfile, sizeof( randfile )) == NULL ) {
fprintf( stderr, "RAND_file_name: %s\n",
ERR_error_string( ERR_get_error(), NULL ));
return( -1 );
}
/* reads the complete randfile and adds them to the PRNG */
if ( RAND_load_file( randfile, -1 ) <= 0 ) {
fprintf( stderr, "RAND_load_file: %s: %s\n", randfile,
ERR_error_string( ERR_get_error(), NULL ));
return( -1 );
}
/* writes a number of random bytes (currently 1024) to randfile */
if ( RAND_write_file( randfile ) < 0 ) {
fprintf( stderr, "RAND_write_file: %s: %s\n", randfile,
ERR_error_string( ERR_get_error(), NULL ));
return( -1 );
}
return( 0 );
}示例4: sizeof
SSL *getSSL(void)
{
if (!context) {
const SSL_METHOD *m;
unsigned char f_randfile[PATH_MAX];
const unsigned char *f = (const unsigned char *)RAND_file_name(cast_char f_randfile, sizeof(f_randfile));
if (f && RAND_egd(cast_const_char f)<0) {
/* Not an EGD, so read and write to it */
if (RAND_load_file(cast_const_char f_randfile, -1))
RAND_write_file(cast_const_char f_randfile);
}
SSLeay_add_ssl_algorithms();
m = SSLv23_client_method();
if (!m) return NULL;
context = SSL_CTX_new((void *)m);
if (!context) return NULL;
SSL_CTX_set_options(context, SSL_OP_ALL);
SSL_CTX_set_default_verify_paths(context);
/* needed for systems without /dev/random, but obviously kills security. */
/*{
unsigned char pool[32768];
int i;
int rs;
struct timeval tv;
EINTRLOOP(rs, gettimeofday(&tv, NULL));
for (i = 0; i < sizeof pool; i++) pool[i] = random() ^ tv.tv_sec ^ tv.tv_usec;
RAND_add(pool, sizeof pool, sizeof pool);
}*/
}
return (SSL_new(context));
}示例5: openssl_bioBS_random
void openssl_bioBS_random()
{
int size;
const char *p;
unsigned char outs[SHA_DIGEST_LENGTH + 16] = { 0 };
char buf[32], filename[COMM_LEN];
strcpy(buf, "bioBS random");
RAND_add(buf, 32, strlen(buf));
strcpy(buf, "beike2012");
RAND_seed(buf, 32);
while (1) {
if (RAND_status() == 1)
break;
else
RAND_poll();
}
p = RAND_file_name(filename, COMM_LEN);
RAND_write_file(p);
RAND_load_file(p, MAX1_LEN);
RAND_bytes(outs, sizeof(outs));
printf("\nBIO_RANDOM() = ");
for (size = 0; size < strlen((char *)&outs); size++)
printf("%.02x", outs[size]);
printf("\n");
RAND_cleanup();
}示例6: init_openssl
static void
init_openssl(struct module *module)
{
unsigned char f_randfile[PATH_MAX];
/* In a nutshell, on OS's without a /dev/urandom, the OpenSSL library
* cannot initialize the PRNG and so every attempt to use SSL fails.
* It's actually an OpenSSL FAQ, and according to them, it's up to the
* application coders to seed the RNG. -- William Yodlowsky */
RAND_file_name(f_randfile, sizeof(f_randfile));
#ifdef HAVE_RAND_EGD
if (RAND_egd(f_randfile) < 0) {
/* Not an EGD, so read and write to it */
#endif
if (RAND_load_file(f_randfile, -1))
RAND_write_file(f_randfile);
#ifdef HAVE_RAND_EGD
}
#endif
SSLeay_add_ssl_algorithms();
context = SSL_CTX_new(SSLv23_client_method());
SSL_CTX_set_options(context, SSL_OP_ALL);
SSL_CTX_set_default_verify_paths(context);
socket_SSL_ex_data_idx = SSL_get_ex_new_index(0, NULL,
NULL,
socket_SSL_ex_data_dup,
NULL);
}示例7: seed_something
static int
seed_something(void)
{
#ifndef NO_RANDFILE
char buf[1024], seedfile[256];
/* If there is a seed file, load it. But such a file cannot be trusted,
so use 0 for the entropy estimate */
if (RAND_file_name(seedfile, sizeof(seedfile))) {
int fd;
fd = open(seedfile, O_RDONLY | O_BINARY | O_CLOEXEC);
if (fd >= 0) {
ssize_t ret;
rk_cloexec(fd);
ret = read(fd, buf, sizeof(buf));
if (ret > 0)
RAND_add(buf, ret, 0.0);
close(fd);
} else
seedfile[0] = '\0';
} else
seedfile[0] = '\0';
#endif
/* Calling RAND_status() will try to use /dev/urandom if it exists so
we do not have to deal with it. */
if (RAND_status() != 1) {
#if defined(HAVE_RAND_EGD)
krb5_context context;
const char *p;
#ifndef OPENSSL_NO_EGD
/* Try using egd */
if (!krb5_init_context(&context)) {
p = krb5_config_get_string(context, NULL, "libdefaults",
"egd_socket", NULL);
if (p != NULL)
RAND_egd_bytes(p, ENTROPY_NEEDED);
krb5_free_context(context);
}
#endif
#else
/* TODO: Once a Windows CryptoAPI RAND method is defined, we
can use that and failover to another method. */
#endif
}
if (RAND_status() == 1) {
#ifndef NO_RANDFILE
/* Update the seed file */
if (seedfile[0])
RAND_write_file(seedfile);
#endif
return 0;
} else
return -1;
}示例8: seed_prng
int seed_prng(char **errstr)
{
char randfile[512];
time_t t;
int prn;
int system_prn_max = 1024;
/* Most systems have /dev/random or other sources of random numbers that
* OpenSSL can use to seed itself.
* The only system I know of where we must seed the PRNG is DOS.
*/
if (!RAND_status())
{
if (!RAND_file_name(randfile, 512))
{
*errstr = xasprintf(_("no environment variables RANDFILE or HOME, "
"or filename of rand file too long"));
return TLS_ESEED;
}
if (RAND_load_file(randfile, -1) < 1)
{
*errstr = xasprintf(_("%s: input error"), randfile);
return TLS_ESEED;
}
/* Seed in time. I can't think of other "random" things on DOS
* systems. */
if ((t = time(NULL)) < 0)
{
*errstr = xasprintf(_("cannot get system time: %s"),
strerror(errno));
return TLS_ESEED;
}
RAND_seed((unsigned char *)&t, sizeof(time_t));
/* If the RANDFILE + time is not enough, we fall back to the insecure
* and stupid method of seeding OpenSSLs PRNG with the systems PRNG. */
if (!RAND_status())
{
srand((unsigned int)(t % UINT_MAX));
while (!RAND_status() && system_prn_max > 0)
{
prn = rand();
RAND_seed(&prn, sizeof(int));
system_prn_max--;
}
}
/* Are we happy now? */
if (!RAND_status())
{
*errstr = xasprintf(_("random file + time + pseudo randomness is "
"not enough, giving up"));
return TLS_ESEED;
}
/* Save a rand file for later usage. We ignore errors here as we can't
* do anything about them. */
(void)RAND_write_file(randfile);
}
return TLS_EOK;
}示例9: buffer_init
void SSLConnection::init () {
did_init = false;
buffer_t path;
buffer_init(&path);
buffer_grow(&path,_POSIX_PATH_MAX+1);
if (!HAVE_ENTROPY ()) {
/* load entropy from files */
if (SSLEntropyFile)
add_entropy (SSLEntropyFile);
add_entropy (RAND_file_name (path.str,path.size));
/* load entropy from egd sockets */
#ifdef HAVE_RAND_EGD
add_entropy (getenv ("EGDSOCKET"));
buffer_shrink(&path,0);
buffer_add_str(&path,NONULL(Homedir),-1);
buffer_add_str(&path,"/.entropy",9);
add_entropy (path.str);
add_entropy ("/tmp/entropy");
#endif
/* shuffle $RANDFILE (or ~/.rnd if unset) */
RAND_write_file (RAND_file_name (path.str,path.size));
if (!HAVE_ENTROPY ()) {
buffer_t msg; buffer_init(&msg);
buffer_add_str(&msg,_("Failed to find enough entropy on your system"),-1);
displayError.emit(&msg);
buffer_free(&msg);
buffer_free(&path);
return;
}
}
/*
* I don't think you can do this just before reading the error.
* The call itself might clobber the last SSL error.
*/
SSL_load_error_strings ();
SSL_library_init ();
did_init = true;
buffer_free(&path);
}示例10: HTSSL_init
/*
** Create an SSL application context if not already done
*/
PUBLIC BOOL HTSSL_init (void)
{
char rnd_filename[HT_MAX_PATH];
/*
** Initialise OpenSSL 0.9.5 random number generator.
** The random generator of OpenSSL had to be initialised on platforms
** that do not support /dev/random, like Compaq True64 Unix.
** This is done in the default way, and means that the user of the
** libwww-ssl library needs to have a .rnd file in his/her home-directory.
*/
RAND_file_name(rnd_filename, sizeof(rnd_filename));
RAND_load_file(rnd_filename, -1);
if (!app_ctx) {
SSL_METHOD * meth = NULL;
SSLeay_add_ssl_algorithms();
/* Seems to provide English error messages */
SSL_load_error_strings();
/* select the protocol method */
switch (ssl_prot_method) {
case HTSSL_V2:
meth = SSLv2_client_method();
break;
case HTSSL_V3:
meth = SSLv3_client_method();
break;
case HTSSL_V23:
meth = SSLv23_client_method();
break;
default:
case HTTLS_V1:
meth = TLSv1_client_method();
break;
}
/* set up the application context */
if ((app_ctx = SSL_CTX_new(meth)) == NULL) {
HTTRACE(PROT_TRACE, "HTSSLContext Could not create context\n");
return NO;
}
HTTRACE(PROT_TRACE, "HTSSLContext Created context %p" _ app_ctx);
/* See the SSL states in our own callback */
#ifdef HTDEBUG
SSL_CTX_set_info_callback(app_ctx, apps_ssl_info_callback);
#endif
/* Set the certificate verification callback */
SSL_CTX_set_verify(app_ctx, SSL_VERIFY_PEER, verify_callback);
/* Not sure what this does */
SSL_CTX_set_session_cache_mode(app_ctx, SSL_SESS_CACHE_CLIENT);
}
return YES;
}示例11: ssl_init
/**
* ssl_init - Initialise the SSL library
* @retval 0 Success
* @retval -1 Error
*
* OpenSSL library needs to be fed with sufficient entropy. On systems with
* /dev/urandom, this is done transparently by the library itself, on other
* systems we need to fill the entropy pool ourselves.
*
* Even though only OpenSSL 0.9.5 and later will complain about the lack of
* entropy, we try to our best and fill the pool with older versions also.
* (That's the reason for the ugly ifdefs and macros, otherwise I could have
* simply ifdef'd the whole ssl_init function)
*/
static int ssl_init(void)
{
static bool init_complete = false;
if (init_complete)
return 0;
if (!HAVE_ENTROPY())
{
/* load entropy from files */
char path[PATH_MAX];
add_entropy(C_EntropyFile);
add_entropy(RAND_file_name(path, sizeof(path)));
/* load entropy from egd sockets */
#ifdef HAVE_RAND_EGD
add_entropy(mutt_str_getenv("EGDSOCKET"));
snprintf(path, sizeof(path), "%s/.entropy", NONULL(HomeDir));
add_entropy(path);
add_entropy("/tmp/entropy");
#endif
/* shuffle $RANDFILE (or ~/.rnd if unset) */
RAND_write_file(RAND_file_name(path, sizeof(path)));
mutt_clear_error();
if (!HAVE_ENTROPY())
{
mutt_error(_("Failed to find enough entropy on your system"));
return -1;
}
}
/* OpenSSL performs automatic initialization as of 1.1.
* However LibreSSL does not (as of 2.8.3). */
#if (defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L) || \
(defined(LIBRESSL_VERSION_NUMBER))
/* I don't think you can do this just before reading the error. The call
* itself might clobber the last SSL error. */
SSL_load_error_strings();
SSL_library_init();
#endif
init_complete = true;
return 0;
}示例12: openssl_random_write
/***
save rand seed to file
@function rand_write
@tparam[opt=nil] string file path to save seed, default openssl management
@treturn bool result
*/
static int openssl_random_write(lua_State *L)
{
const char *file = luaL_optstring(L, 1, NULL);
char buffer[MAX_PATH];
if (file == NULL && (file = RAND_file_name(buffer, sizeof buffer)) == NULL)
return openssl_pushresult(L, 0);
RAND_write_file(file);
return openssl_pushresult(L, 1);
}示例13: ssl_init
/*
* OpenSSL library needs to be fed with sufficient entropy. On systems
* with /dev/urandom, this is done transparently by the library itself,
* on other systems we need to fill the entropy pool ourselves.
*
* Even though only OpenSSL 0.9.5 and later will complain about the
* lack of entropy, we try to our best and fill the pool with older
* versions also. (That's the reason for the ugly #ifdefs and macros,
* otherwise I could have simply #ifdef'd the whole ssl_init funcion)
*/
static int ssl_init (void)
{
char path[_POSIX_PATH_MAX];
static unsigned char init_complete = 0;
if (init_complete)
return 0;
if (! HAVE_ENTROPY())
{
/* load entropy from files */
add_entropy (SslEntropyFile);
add_entropy (RAND_file_name (path, sizeof (path)));
/* load entropy from egd sockets */
#ifdef HAVE_RAND_EGD
add_entropy (getenv ("EGDSOCKET"));
snprintf (path, sizeof(path), "%s/.entropy", NONULL(Homedir));
add_entropy (path);
add_entropy ("/tmp/entropy");
#endif
/* shuffle $RANDFILE (or ~/.rnd if unset) */
RAND_write_file (RAND_file_name (path, sizeof (path)));
mutt_clear_error ();
if (! HAVE_ENTROPY())
{
mutt_error (_("Failed to find enough entropy on your system"));
mutt_sleep (2);
return -1;
}
}
/* I don't think you can do this just before reading the error. The call
* itself might clobber the last SSL error. */
SSL_load_error_strings();
SSL_library_init();
init_complete = 1;
return 0;
}示例14: rand_write
static int rand_write(lua_State *L)
{
const char *name = luaL_optstring(L, 1, 0);
char tmp[256];
int n;
if (!name && !(name = RAND_file_name(tmp, sizeof tmp)))
return crypto_error(L);
n = RAND_write_file(name);
if (n == 0)
return crypto_error(L);
lua_pushnumber(L, n);
return 1;
}示例15: crypto_deinit
void
crypto_deinit(void)
{
char rnd_file[256];
if (randfile_loaded)
{
RAND_file_name(rnd_file, sizeof(rnd_file));
if (rnd_file[0])
RAND_write_file(rnd_file);
}
crypto_deinit_threading();
}