Allow skipping crediting

Might be desirable in certain scenarios.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

2 files changed, 12 insertions, 2 deletions

diff --git a/README.md b/README.md
index f95d75c..4ee9423 100644
--- a/README.md
+++ b/README.md
@@ -28,7 +28,10 @@ when writing new seed files:
 new_seed = new_seed[:-32] || HASH(fixed_prefix || real_time || boot_time || old_seed_len || old_seed || new_seed_len || new_seed)
 ```
 
-The seed is stored in `LOCALSTATEDIR/seedrng/`, which can be adjusted at compile time.
+The seed is stored in `LOCALSTATEDIR/seedrng/`, which can be adjusted at
+compile time. If the `SEEDRNG_SKIP_CREDIT` environment variable is set to `1`,
+`true`, `yes`, or `y`, then seeds never credit the RNG, even if the seed file
+is creditable.
 
 ### Building & Installing
 
diff --git a/seedrng.c b/seedrng.c
index 982d8b5..f4c96e7 100644
--- a/seedrng.c
+++ b/seedrng.c
@@ -354,6 +354,13 @@ static int seed_from_file_if_exists(const char *filename, bool credit, struct bl
 	return ret;
 }
 
+static bool skip_credit(void)
+{
+	const char *skip = getenv("SEEDRNG_SKIP_CREDIT");
+	return skip && (!strcmp(skip, "1") || !strcasecmp(skip, "true") ||
+			!strcasecmp(skip, "yes") || !strcasecmp(skip, "y"));
+}
+
 int main(int argc __attribute__((unused)), char *argv[] __attribute__((unused)))
 {
 	static const char seedrng_prefix[] = "SeedRNG v1 Old+New Prefix";
@@ -392,7 +399,7 @@ int main(int argc __attribute__((unused)), char *argv[] __attribute__((unused)))
 	ret = seed_from_file_if_exists(NON_CREDITABLE_SEED, false, &hash);
 	if (ret < 0)
 		program_ret |= 1 << 1;
-	ret = seed_from_file_if_exists(CREDITABLE_SEED, true, &hash);
+	ret = seed_from_file_if_exists(CREDITABLE_SEED, !skip_credit(), &hash);
 	if (ret < 0)
 		program_ret |= 1 << 2;