Update entropy gathering for interface changes of pyOpenSSL.
Fixes: #7642
parent
460c62860a
commit
ec2156ec42
|
@ -87,7 +87,7 @@ def add_entropy_sources_OpenSSL():
|
||||||
os.environ, os.getcwd(), os.getpid()]
|
os.environ, os.getcwd(), os.getpid()]
|
||||||
|
|
||||||
for s in sources:
|
for s in sources:
|
||||||
OpenSSL.rand.add(str(s).encode('utf-8'), 0.01)
|
OpenSSL.rand.add(str(s).encode('utf-8'), 1)
|
||||||
|
|
||||||
# On Windows add the current contents of the screen to the PRNG state.
|
# On Windows add the current contents of the screen to the PRNG state.
|
||||||
if os.name == 'nt':
|
if os.name == 'nt':
|
||||||
|
@ -105,7 +105,7 @@ def add_entropy_sources_OpenSSL():
|
||||||
# Limit the ammount of read bytes, in case a memory
|
# Limit the ammount of read bytes, in case a memory
|
||||||
# file was opened
|
# file was opened
|
||||||
OpenSSL.rand.add(str(fp.read(5000)).encode('utf-8'),
|
OpenSSL.rand.add(str(fp.read(5000)).encode('utf-8'),
|
||||||
0.01)
|
1)
|
||||||
except:
|
except:
|
||||||
# Ignore all read and access errors
|
# Ignore all read and access errors
|
||||||
pass
|
pass
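Review bot: Both `OpenSSL.rand.add` calls now credit a full byte of entropy to inputs that are largely predictable, assuming the second copy of each pair is the new side: the loop over `sources` (which includes `os.environ`, `os.getcwd()` and `os.getpid()`) and the `fp.read(5000)` call further down. The second argument is the estimate, in bytes, of how much randomness the buffer holds, so moving from `0.01` to `1` makes the PRNG count these values as far less guessable than they are. The binding presumably requires an integer now, so credit nothing and let the data only be mixed in: `OpenSSL.rand.add(str(s).encode('utf-8'), 0)`, and `0)` for the file read as well. The bare `except:` around the read also hides any failure of that call; `except (IOError, OSError):` would keep unexpected errors visible. add_entropy_sources_OpenSSL starts and ends outside these hunks.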
|
||||||
|
|
|
@ -118,7 +118,7 @@ def get_context(fingerprint, verify_cb=None, remote_jid=None):
|
||||||
dh_params_name = os.path.join(gajim.MY_CERT_DIR, DH_PARAMS)
|
dh_params_name = os.path.join(gajim.MY_CERT_DIR, DH_PARAMS)
|
||||||
try:
|
try:
|
||||||
with open(dh_params_name, "r") as dh_params_file:
|
with open(dh_params_name, "r") as dh_params_file:
|
||||||
ctx.load_tmp_dh(dh_params_name)
|
ctx.load_tmp_dh(str(dh_params_name).encode('utf-8'))
|
||||||
except IOError as err:
|
except IOError as err:
|
||||||
log.warn('Unable to load DH parameter file: %s. You should generate it '
|
log.warn('Unable to load DH parameter file: %s. You should generate it '
|
||||||
'by using this command : "openssl dhparam 4096 -out '
|
'by using this command : "openssl dhparam 4096 -out '
|
||||||
|
@ -128,7 +128,7 @@ def get_context(fingerprint, verify_cb=None, remote_jid=None):
|
||||||
'other', DEFAULT_DH_PARAMS)
|
'other', DEFAULT_DH_PARAMS)
|
||||||
try:
|
try:
|
||||||
with open(default_dh_params_name, "r") as default_dh_params_file:
|
with open(default_dh_params_name, "r") as default_dh_params_file:
|
||||||
ctx.load_tmp_dh(default_dh_params_name)
|
ctx.load_tmp_dh(str(default_dh_params_name).encode('utf-8'))
|
||||||
except IOError as err:
|
except IOError as err:
|
||||||
log.error('Unable to load default DH parameter file: %s , %s'
|
log.error('Unable to load default DH parameter file: %s , %s'
|
||||||
% (default_dh_params_name, err))
|
% (default_dh_params_name, err))
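Review bot: The paths handed to `ctx.load_tmp_dh` are encoded with a hard-coded `'utf-8'`, which need not match the encoding the filesystem uses, so a certificate directory with non-ASCII characters can pass the `open()` check and still fail inside OpenSSL. Prefer `ctx.load_tmp_dh(os.fsencode(dh_params_name))` and `ctx.load_tmp_dh(os.fsencode(default_dh_params_name))`; the same applies to the `RNG_SEED` arguments of `OpenSSL.rand.load_file` and `OpenSSL.rand.write_file` in the last two hunks. Both handlers catch only `IOError`, so an error raised by `load_tmp_dh` itself (for example on a malformed parameter file) would likely not be reported through the visible `log.warn`/`log.error` paths. get_context starts and ends outside these hunks.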
|
||||||
|
|
|
@ -320,7 +320,7 @@ try:
|
||||||
from common import crypto
|
from common import crypto
|
||||||
PYOPENSSL_PRNG_PRESENT = True
|
PYOPENSSL_PRNG_PRESENT = True
|
||||||
# Seed from file
|
# Seed from file
|
||||||
OpenSSL.rand.load_file(RNG_SEED)
|
OpenSSL.rand.load_file(str(RNG_SEED).encode('utf-8'))
|
||||||
crypto.add_entropy_sources_OpenSSL()
|
crypto.add_entropy_sources_OpenSSL()
|
||||||
except ImportError:
|
except ImportError:
|
||||||
log.info("PyOpenSSL PRNG not available")
|
log.info("PyOpenSSL PRNG not available")
|
||||||
|
@ -473,7 +473,7 @@ del pid_dir
|
||||||
def on_exit():
|
def on_exit():
|
||||||
# Save the entropy from OpenSSL PRNG
|
# Save the entropy from OpenSSL PRNG
|
||||||
if PYOPENSSL_PRNG_PRESENT:
|
if PYOPENSSL_PRNG_PRESENT:
|
||||||
OpenSSL.rand.write_file(RNG_SEED)
|
OpenSSL.rand.write_file(str(RNG_SEED).encode('utf-8'))
|
||||||
# delete pid file on normal exit
|
# delete pid file on normal exit
|
||||||
if os.path.exists(pid_filename):
|
if os.path.exists(pid_filename):
|
||||||
os.remove(pid_filename)
|
os.remove(pid_filename)
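Review bot: `PYOPENSSL_PRNG_PRESENT = True` is set before `OpenSSL.rand.load_file(...)` runs and the handler covers only `ImportError`, so a later interface change in the binding, like the one this commit adapts to, would raise at start-up instead of reaching the "PyOpenSSL PRNG not available" branch. Set the flag only after seeding has succeeded and widen the handler, e.g. `except (ImportError, AttributeError):`, so that `on_exit` does not call `write_file` on a PRNG that was never set up. A comment next to `write_file` stating that the seed file holds PRNG state and must stay readable by the owning user only would help, since nothing in the visible lines restricts its mode. The `try:` block begins outside the hunk.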
|
||||||
|
|