Hi!
I am using corosync-1.0.0 and corosync-keygen always gives this error:
# corosync-keygen
Corosync Cluster Engine Authentication key generator.
Gathering 1024 bits for key from /dev/random.
Could not read /dev/random: File exists
To fix it, I changed the way corosync-keygen reads /dev/random.
With this patch, it waits until 1024 bits have been read.
corosync-keygen_fix_devrandom_read.patch
Reading the list archives, I saw that someone had come up with a similar
solution and that, in the replies, someone else suggested
using /dev/urandom instead of /dev/random.
Based on those ideas, I created the second patch:
corosync-keygen_add_many_options.patch
This second patch:
1. Changes the default, reading from /dev/urandom
2. Provides -r switch, to use /dev/random
3. Fix /dev/random read and show a message asking the user to
type something on keyboard or move the mouse
4. Add a check to not overwrite /etc/corosync/authkey by
default. The old behaviour (always overwrite) can be
restored using -f
5. Add an usage_do function describing the new options.
I hope it can be useful.
Piter PUNK
--- corosync-1.0.0/tools/corosync-keygen.c 2009-06-19 04:02:55.000000000
-0300
+++ corosync-1.0.0-new/tools/corosync-keygen.c 2009-08-20 06:29:46.000000000
-0300
@@ -46,12 +46,48 @@
#define KEYFILE COROSYSCONFDIR "/authkey"
-int main (void) {
- int authkey_fd;
- int random_fd;
+static void usage_do (void)
+{
+ printf ("\ncorosync-keygen [-r|-u] [-f]\n\n");
+ printf ("Corosync Cluster Engine Authentication key generator.\n");
+ printf ("\nOptions:\n");
+ printf ("\t-u\tUse /dev/urandom as entropy source (default).\n");
+ printf ("\t-r\tUse /dev/random as entropy source.\n");
+ printf ("\t-f\tForce " KEYFILE " overwrite.\n\n");
+}
+
+int main (int argc, char *argv[]) {
+ const char *options = "urfh";
+ char *entropysource = "/dev/urandom";
+ int authkey_fd, opt;
+ int force = 0;
+ int rnd = 0;
+ FILE *random_fd;
unsigned char key[128];
ssize_t res;
+ if (argc > 1) {
+ while ( (opt = getopt(argc, argv, options)) != -1 ) {
+ switch (opt) {
+ case 'f':
+ force = 1;
+ break;
+ case 'u':
+ entropysource = "/dev/urandom";
+ rnd = 0;
+ break;
+ case 'r':
+ entropysource = "/dev/random";
+ rnd = 1;
+ break;
+ default:
+ usage_do();
+ exit (1);
+ break;
+ }
+ }
+ }
+
printf ("Corosync Cluster Engine Authentication key generator.\n");
if (geteuid() != 0) {
printf ("Error: Authorization key must be generated as root
user.\n");
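Review bot: The default entropy source silently becomes /dev/urandom for a long-lived cluster authentication key, and neither `usage_do` nor a comment at the `entropysource` initialiser tells the operator what that trades away. On Linux, /dev/urandom does not wait for the pool to be seeded, so a key generated on a freshly installed or just-booted node may warrant `-r`; a comment such as `/* urandom never blocks, even before the pool is seeded; prefer -r on a fresh install */` above the initialiser, with a matching phrase in the `-u` help line, would record that. Separately, `h` is accepted in `options` but has no case, so `-h` falls into `default` and exits with status 1, and `entropysource` should be `const char *` because it only ever points at string literals. main's body continues outside the hunk.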
@@ -64,22 +100,41 @@
}
}
- printf ("Gathering %lu bits for key from /dev/random.\n", (unsigned
long)(sizeof (key) * 8));
- random_fd = open ("/dev/random", O_RDONLY);
- if (random_fd == -1) {
- perror ("Is /dev/random present? Opening /dev/random");
+ if ((fopen (KEYFILE, "r")) && (force == 0)) {
+ printf ("Key file " KEYFILE " already exists.\n");
+ printf ("If you want a new key, remove "KEYFILE" or \n");
+ printf ("use -f option on command line.\n");
exit (1);
}
+ printf ("Gathering %lu bits for key from %s.\n", (unsigned long)(sizeof
(key) * 8),entropysource);
+ random_fd = fopen (entropysource, "r");
+ if (!random_fd) {
+ if (rnd == 1) {
+ perror ("Is /dev/random present? Opening /dev/random");
+ } else {
+ perror ("Is /dev/urandom present? Opening
/dev/urandom");
+ }
+ exit (1);
+ }
+
+ if (rnd == 1) {
+ printf("Move your mouse or press keys on your keyboard to
generate entropy.\n");
+ }
+
/*
* Read random data
*/
- res = read (random_fd, key, sizeof (key));
- if (res != sizeof (key)) {
- perror ("Could not read /dev/random");
+ res = fread (key, sizeof (key),1,random_fd);
+ if (res == 0) {
+ if (rnd == 1) {
+ perror ("Could not read /dev/random");
+ } else {
+ perror ("Could not read /dev/urandom");
+ }
exit (1);
}
- close (random_fd);
+ fclose (random_fd);
/*
* Open key
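Review bot: The `fread` on `random_fd` goes through stdio's default buffer, so the library can request more than `sizeof (key)` bytes from the device (draining /dev/random for longer than needed under `-r`), and a copy of the key material typically stays in the FILE buffer until `fclose` releases it uncleared; adding `setvbuf (random_fd, NULL, _IONBF, 0);` right after the `fopen` avoids both. The result test would be clearer as `if (fread (key, sizeof (key), 1, random_fd) != 1)`, since `res` is a `ssize_t` while `fread` returns `size_t`, and `perror` after a short item count can print a stale `errno`, so end-of-file is better reported via `feof`/`ferror`. The same `fread` pattern appears in the `@@ -74,12 +74,12 @@` hunk of the second diff on this page. In this hunk the `fopen (KEYFILE, "r")` existence check also never closes its stream and is only advisory: the key file is opened outside the hunk, and presumably that open should carry `O_EXCL` when `-f` is not given so the check and the create cannot be separated.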
--- corosync-1.0.0/tools/corosync-keygen.c 2009-06-19 04:02:55.000000000
-0300
+++ corosync-1.0.0-new/tools/corosync-keygen.c 2009-08-18 12:07:34.000000000
-0300
@@ -48,7 +48,7 @@
int main (void) {
int authkey_fd;
- int random_fd;
+ FILE * random_fd;
unsigned char key[128];
ssize_t res;
@@ -65,8 +65,8 @@
}
printf ("Gathering %lu bits for key from /dev/random.\n", (unsigned
long)(sizeof (key) * 8));
- random_fd = open ("/dev/random", O_RDONLY);
- if (random_fd == -1) {
+ random_fd = fopen ("/dev/random", "r");
+ if (!random_fd) {
perror ("Is /dev/random present? Opening /dev/random");
exit (1);
}
@@ -74,12 +74,12 @@
/*
* Read random data
*/
- res = read (random_fd, key, sizeof (key));
- if (res != sizeof (key)) {
+ res = fread (key, sizeof (key),1,random_fd);
+ if (res == 0) {
perror ("Could not read /dev/random");
exit (1);
}
- close (random_fd);
+ fclose (random_fd);
/*
* Open key