From 3a9b7267dd7ba537aafc40b217f14874a95d0a7c Mon Sep 17 00:00:00 2001
From: Simon Tatham <anakin@pobox.com>
Date: Wed, 4 Nov 2020 21:50:47 +0000
Subject: [PATCH] psusan: fix assertion failure in SFTP server.

Uppity's built-in SFTP server makes up its file handle identifiers
using random_read(). But when that server is reused in psusan, which
doesn't have the random number generator enabled, you get an assertion
failure.
---
 sshserver.h         |  3 +++
 unix/uxpsusan.c     | 10 ++++++++++
 unix/uxserver.c     |  5 +++++
 unix/uxsftpserver.c |  3 ++-
 4 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/sshserver.h b/sshserver.h
index f8c53bad..c0b2c933 100644
--- a/sshserver.h
+++ b/sshserver.h
@@ -132,3 +132,6 @@ int platform_make_x11_server(Plug *plug, const char *progname, int mindisp,
                              Socket **sockets, Conf *conf);
 
 Conf *make_ssh_server_conf(void);
+
+/* Provided by Unix front end programs to uxsftpserver.c */
+void make_unix_sftp_filehandle_key(void *data, size_t size);
diff --git a/unix/uxpsusan.c b/unix/uxpsusan.c
index 59de0a9a..6fb82da7 100644
--- a/unix/uxpsusan.c
+++ b/unix/uxpsusan.c
@@ -84,6 +84,16 @@ void timer_change_notify(unsigned long next)
 
 char *platform_get_x_display(void) { return NULL; }
 
+void make_unix_sftp_filehandle_key(void *vdata, size_t size)
+{
+    /* psusan runs without a random number generator, so we can't make
+     * this up by random_read. Fortunately, psusan is also
+     * non-adversarial, so it's safe to generate this trivially. */
+    unsigned char *data = (unsigned char *)vdata;
+    for (size_t i = 0; i < size; i++)
+        data[i] = (unsigned)rand() / ((unsigned)RAND_MAX / 256);
+}
+
 static bool verbose;
 
 struct server_instance {
diff --git a/unix/uxserver.c b/unix/uxserver.c
index 48a27d2c..65978dbe 100644
--- a/unix/uxserver.c
+++ b/unix/uxserver.c
@@ -103,6 +103,11 @@ void timer_change_notify(unsigned long next)
 
 char *platform_get_x_display(void) { return NULL; }
 
+void make_unix_sftp_filehandle_key(void *data, size_t size)
+{
+    random_read(data, size);
+}
+
 static bool verbose;
 
 struct AuthPolicyShared {
diff --git a/unix/uxsftpserver.c b/unix/uxsftpserver.c
index 8835442d..acefe9bd 100644
--- a/unix/uxsftpserver.c
+++ b/unix/uxsftpserver.c
@@ -20,6 +20,7 @@
 
 #include "putty.h"
 #include "ssh.h"
+#include "sshserver.h"
 #include "sftp.h"
 #include "tree234.h"
 
@@ -65,7 +66,7 @@ static SftpServer *uss_new(const SftpServerVtable *vt)
     uss->dirhandles = newtree234(uss_dirhandle_cmp);
     uss->srv.vt = vt;
 
-    random_read(uss->handlekey, sizeof(uss->handlekey));
+    make_unix_sftp_filehandle_key(uss->handlekey, sizeof(uss->handlekey));
 
     return &uss->srv;
 }