diff options
| author |   deraadt <deraadt@openbsd.org> | 2019-11-06 16:26:24 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2019-11-06 16:26:24 +0000 |
| commit | 6d6858e649b481d11efc65c60bf7b3faf31132da (patch) | |
| tree | d287bea157367358f1b9ed9e6b8463a3d8b32fb2 | |
| parent | Pull break into ifdef; noticed by bluhm who also OK'ed the previous (diff) | |
| download | wireguard-openbsd-6d6858e649b481d11efc65c60bf7b3faf31132da.tar.xz wireguard-openbsd-6d6858e649b481d11efc65c60bf7b3faf31132da.zip | |
we have emergency entropy injection code in rc, for if the bootblocks and
other methods failed to inject/churn the rng enough. Move it up far earlier.
ok naddy sthen kettenis
| -rw-r--r-- | etc/rc | 9 |
1 files changed, 4 insertions, 5 deletions
@@ -1,4 +1,4 @@ -# $OpenBSD: rc,v 1.539 2019/10/06 16:16:19 sthen Exp $ +# $OpenBSD: rc,v 1.540 2019/11/06 16:26:24 deraadt Exp $ # System startup script run by init on autoboot or after single-user. # Output and error are redirected to console by init, and the console is the @@ -353,6 +353,9 @@ if [[ $1 == shutdown ]]; then exit 0 fi +# If bootblocks failed to give us random, try to cause some churn +(dmesg; sysctl hw.{uuid,serialno,sensors} ) >/dev/random 2>&1 + # Add swap block-devices. swapctl -A -t blk @@ -443,10 +446,6 @@ ifconfig -g carp carpdemote 128 sh /etc/netstart -# Any write triggers a rekey. -dmesg >/dev/random -sysctl hw.{uuid,serialno,sensors} >/dev/random 2>&1 - # Load pf rules and bring up pfsync interface. if [[ $pf != NO ]]; then if [[ -f /etc/pf.conf ]]; then |