On Thu, 2009-08-20 at 06:48 -0300, Piter PUNK wrote: > Hi! > > I am using corosync-1.0.0 and corosync-keygen always gives this error: > > # corosync-keygen > Corosync Cluster Engine Authentication key generator. > Gathering 1024 bits for key from /dev/random. > Could not read /dev/random: File exists > > To fix it I changed the way corosync-keygen reads /dev/random. > With this patch, it waits until we have read 1024 bits. > > corosync-keygen_fix_devrandom_read.patch > > Reading the list archives, I saw someone came up with a similar > solution and, in the answers, someone else had the idea of > using /dev/urandom instead of /dev/random. > > With those ideas I created the second patch: > > corosync-keygen_add_many_options.patch > > This second patch: > > 1. Changes the default, reading from /dev/urandom > 2. Provides a -r switch, to use /dev/random > 3. Fixes the /dev/random read and shows a message asking the user to > type something on the keyboard or move the mouse > 4. Adds a check to not overwrite /etc/corosync/authkey by > default. The old behaviour (always overwrite) can be > restored using -f > 5. Adds a usage_do function describing the new options. > > I hope it can be useful. > > Piter PUNK
The reread until entropy is available patch was already merged into trunk. Your add_options patch is welcome to be merged, but doesn't apply cleanly on top of trunk. Could you rebase it from trunk? To get trunk: svn co http://svn.fedorahosted.org/svn/corosync/trunk Regards -steve
> plain text document attachment
> (corosync-keygen_add_many_options.patch)
> --- corosync-1.0.0/tools/corosync-keygen.c 2009-06-19 04:02:55.000000000 > -0300
> +++ corosync-1.0.0-new/tools/corosync-keygen.c 2009-08-20 > 06:29:46.000000000 -0300
> @@ -46,12 +46,48 @@
>
> #define KEYFILE COROSYSCONFDIR "/authkey"
>
> -int main (void) {
> - int authkey_fd;
> - int random_fd;
> +static void usage_do (void)
> +{
> + printf ("\ncorosync-keygen [-r|-u] [-f]\n\n");
> + printf ("Corosync Cluster Engine Authentication key generator.\n");
> + printf ("\nOptions:\n");
> + printf ("\t-u\tUse /dev/urandom as entropy source (default).\n");
> + printf ("\t-r\tUse /dev/random as entropy source.\n");
> + printf ("\t-f\tForce " KEYFILE " overwrite.\n\n");
> +}
> +
> +int main (int argc, char *argv[]) {
> + const char *options = "urfh";
> + char *entropysource = "/dev/urandom";
> + int authkey_fd, opt;
> + int force = 0;
> + int rnd = 0;
> + FILE *random_fd;
> unsigned char key[128];
> ssize_t res;
>
> + if (argc > 1) {
> + while ( (opt = getopt(argc, argv, options)) != -1 ) {
> + switch (opt) {
> + case 'f':
> + force = 1;
> + break;
> + case 'u':
> + entropysource = "/dev/urandom";
> + rnd = 0;
> + break;
> + case 'r':
> + entropysource = "/dev/random";
> + rnd = 1;
> + break;
> + default:
> + usage_do();
> + exit (1);
> + break;
> + }
> + }
> + }
> +
> printf ("Corosync Cluster Engine Authentication key generator.\n");
> if (geteuid() != 0) {
> printf ("Error: Authorization key must be generated as root > user.\n");
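Review bot: The options string `"urfh"` accepts `-h`, but the switch has no `case 'h'`, so a request for help falls into `default` and exits with status 1, and `usage_do` never lists `-h`. Adding `case 'h': usage_do(); exit (0);` and a `-h` line to the usage text would make the help path behave as users expect. `entropysource` only ever points at string literals, so `const char *entropysource` is the safer declaration. Since the default source changes to /dev/urandom for a cluster authentication key, the `-u` usage line could also state that, on kernels where /dev/urandom does not wait for the pool to be initialised, a key generated right after install or cloning may deserve `-r` instead. The body of `main` continues below the hunk.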
> @@ -64,22 +100,41 @@
> }
> }
>
> - printf ("Gathering %lu bits for key from /dev/random.\n", (unsigned > long)(sizeof (key) * 8));
> - random_fd = open ("/dev/random", O_RDONLY);
> - if (random_fd == -1) {
> - perror ("Is /dev/random present? Opening /dev/random");
> + if ((fopen (KEYFILE, "r")) && (force == 0)) {
> + printf ("Key file " KEYFILE " already exists.\n");
> + printf ("If you want a new key, remove "KEYFILE" or \n");
> + printf ("use -f option on command line.\n");
> exit (1);
> }
>
> + printf ("Gathering %lu bits for key from %s.\n", (unsigned long)(sizeof > (key) * 8),entropysource);
> + random_fd = fopen (entropysource, "r");
> + if (!random_fd) {
> + if (rnd == 1) {
> + perror ("Is /dev/random present? Opening /dev/random");
> + } else {
> + perror ("Is /dev/urandom present? Opening > /dev/urandom");
> + }
> + exit (1);
> + }
> +
> + if (rnd == 1) {
> + printf("Move your mouse or press keys on your keyboard to > generate entropy.\n");
> + }
> +
> /*
> * Read random data
> */
> - res = read (random_fd, key, sizeof (key));
> - if (res != sizeof (key)) {
> - perror ("Could not read /dev/random");
> + res = fread (key, sizeof (key),1,random_fd);
> + if (res == 0) {
> + if (rnd == 1) {
> + perror ("Could not read /dev/random");
> + } else {
> + perror ("Could not read /dev/urandom");
> + }
> exit (1);
> }
> - close (random_fd);
> + fclose (random_fd);
>
> /*
> * Open key
> plain text document attachment
> (corosync-keygen_fix_devrandom_read.patch)
> --- corosync-1.0.0/tools/corosync-keygen.c 2009-06-19 04:02:55.000000000 > -0300
> +++ corosync-1.0.0-new/tools/corosync-keygen.c 2009-08-18 > 12:07:34.000000000 -0300
> @@ -48,7 +48,7 @@
>
> int main (void) {
> int authkey_fd;
> - int random_fd;
> + FILE * random_fd;
> unsigned char key[128];
> ssize_t res;
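Review bot: The overwrite guard `if ((fopen (KEYFILE, "r")) && (force == 0))` opens the key file and never closes it, and because it is a separate step from the later creation of the file, the path can appear between the check and the write. Dropping the probe and adding `O_EXCL` to the key-file `open` when `force` is 0 would make the refusal atomic and remove the leaked stream; that `open` is below the hunk, so its current flags are not visible here. On the read side, `fread` on a fully buffered stream can draw more bytes from the entropy device than the 128 it returns, which `setvbuf (random_fd, NULL, _IONBF, 0);` right after the `fopen` avoids. `fread` also returns `size_t` while `res` is `ssize_t`, and `perror` after a zero return can print an unrelated errno when the stream ended without an error, so testing `ferror (random_fd)` before reporting is safer. The same `fread` lines appear in the fix_devrandom_read patch at `@@ -74,12 +74,12 @@`.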
>
> @@ -65,8 +65,8 @@
> }
>
> printf ("Gathering %lu bits for key from /dev/random.\n", (unsigned > long)(sizeof (key) * 8));
> - random_fd = open ("/dev/random", O_RDONLY);
> - if (random_fd == -1) {
> + random_fd = fopen ("/dev/random", "r");
> + if (!random_fd) {
> perror ("Is /dev/random present? Opening /dev/random");
> exit (1);
> }
> @@ -74,12 +74,12 @@
> /*
> * Read random data
> */
> - res = read (random_fd, key, sizeof (key));
> - if (res != sizeof (key)) {
> + res = fread (key, sizeof (key),1,random_fd);
> + if (res == 0) {
> perror ("Could not read /dev/random");
> exit (1);
> }
> - close (random_fd);
> + fclose (random_fd);
>
> /*
> * Open key
> _______________________________________________
> Openais mailing list
> [email protected]
> https://lists.linux-foundation.org/mailman/listinfo/openais
_______________________________________________ Openais mailing list [email protected] https://lists.linux-foundation.org/mailman/listinfo/openais
