Module Name: src
Committed By: martin
Date: Wed Nov 4 14:29:40 UTC 2020
Modified Files:
src/usr.sbin/sysinst: Makefile.inc defs.h install.c menus.mi msg.mi.de
msg.mi.en msg.mi.es msg.mi.fr msg.mi.pl msg.pm.de msg.pm.en
msg.pm.es msg.pm.fr msg.pm.pl upgrade.c util.c
src/usr.sbin/sysinst/arch/atari: Makefile
src/usr.sbin/sysinst/arch/ews4800mips: Makefile
Added Files:
src/usr.sbin/sysinst: menus.entropy msg.entropy.de msg.entropy.en
msg.entropy.es msg.entropy.fr msg.entropy.pl
Log Message:
Add (experimental) entropy input support:
Early during new installs or after upgrades we check if entropy is
available. If not (no hardware random number generator available)
we inform the user and ask them to fix it.
To generate a diff of this commit:
cvs rdiff -u -r1.36 -r1.37 src/usr.sbin/sysinst/Makefile.inc
cvs rdiff -u -r1.68 -r1.69 src/usr.sbin/sysinst/defs.h
cvs rdiff -u -r1.19 -r1.20 src/usr.sbin/sysinst/install.c
cvs rdiff -u -r0 -r1.1 src/usr.sbin/sysinst/menus.entropy \
src/usr.sbin/sysinst/msg.entropy.de src/usr.sbin/sysinst/msg.entropy.en \
src/usr.sbin/sysinst/msg.entropy.es src/usr.sbin/sysinst/msg.entropy.fr \
src/usr.sbin/sysinst/msg.entropy.pl
cvs rdiff -u -r1.23 -r1.24 src/usr.sbin/sysinst/menus.mi
cvs rdiff -u -r1.26 -r1.27 src/usr.sbin/sysinst/msg.mi.de
cvs rdiff -u -r1.34 -r1.35 src/usr.sbin/sysinst/msg.mi.en \
src/usr.sbin/sysinst/msg.mi.pl
cvs rdiff -u -r1.28 -r1.29 src/usr.sbin/sysinst/msg.mi.es
cvs rdiff -u -r1.33 -r1.34 src/usr.sbin/sysinst/msg.mi.fr
cvs rdiff -u -r1.2 -r1.3 src/usr.sbin/sysinst/msg.pm.de \
src/usr.sbin/sysinst/msg.pm.en src/usr.sbin/sysinst/msg.pm.es \
src/usr.sbin/sysinst/msg.pm.fr src/usr.sbin/sysinst/msg.pm.pl
cvs rdiff -u -r1.16 -r1.17 src/usr.sbin/sysinst/upgrade.c
cvs rdiff -u -r1.53 -r1.54 src/usr.sbin/sysinst/util.c
cvs rdiff -u -r1.4 -r1.5 src/usr.sbin/sysinst/arch/atari/Makefile
cvs rdiff -u -r1.3 -r1.4 src/usr.sbin/sysinst/arch/ews4800mips/Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.sbin/sysinst/Makefile.inc
diff -u src/usr.sbin/sysinst/Makefile.inc:1.36 src/usr.sbin/sysinst/Makefile.inc:1.37
--- src/usr.sbin/sysinst/Makefile.inc:1.36 Fri Oct 30 18:47:38 2020
+++ src/usr.sbin/sysinst/Makefile.inc Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.inc,v 1.36 2020/10/30 18:47:38 martin Exp $
+# $NetBSD: Makefile.inc,v 1.37 2020/11/04 14:29:40 martin Exp $
#
# Makefile for sysinst
@@ -47,6 +47,11 @@ SRCS+= mbr.c
CPPFLAGS+= -DNO_CLONES
.endif
+.if ${CHECK_ENTROPY:Uyes} != "no"
+MENUS_MI+= menus.entropy
+CPPFLAGS+= -DCHECK_ENTROPY=1
+.endif
+
MSG_MD?= msg.md.${SYSINSTLANG}
MENUS_MD?= menus.md.${SYSINSTLANG}
@@ -197,7 +202,11 @@ msgtouch: ${DISTRIBVERDEP}
touch ${.TARGET}
.if !defined(NOPARTMAN)
-MSG_MD+= msg.pm.${SYSINSTLANG}
+MSG_MD+= msg.pm.${SYSINSTLANG}
+.endif
+
+.if ${CHECK_ENTROPY:Uyes} != "no"
+MSG_MD+= msg.entropy.${SYSINSTLANG}
.endif
msg.def: msg.mi.${SYSINSTLANG} ${MSG_MD} msgtouch
Index: src/usr.sbin/sysinst/defs.h
diff -u src/usr.sbin/sysinst/defs.h:1.68 src/usr.sbin/sysinst/defs.h:1.69
--- src/usr.sbin/sysinst/defs.h:1.68 Fri Oct 30 18:47:38 2020
+++ src/usr.sbin/sysinst/defs.h Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: defs.h,v 1.68 2020/10/30 18:47:38 martin Exp $ */
+/* $NetBSD: defs.h,v 1.69 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -41,6 +41,7 @@
#include <sys/queue.h>
#include <sys/types.h>
#include <sys/disk.h>
+#include <limits.h>
#include <uuid.h>
const char *getfslabelname(uint, uint);
@@ -604,6 +605,7 @@ extern struct ftpinfo ftp, pkg, pkgsrc;
extern int (*fetch_fn)(const char *);
extern char nfs_host[STRSIZE];
extern char nfs_dir[STRSIZE];
+extern char entropy_file[PATH_MAX];
extern char cdrom_dev[SSTRSIZE]; /* Typically "cd0a" */
extern char fd_dev[SSTRSIZE]; /* Typically "/dev/fd0a" */
@@ -888,6 +890,7 @@ bool install_desc_from_parts(struct inst
struct disk_partitions*);
void free_install_desc(struct install_partition_desc*);
bool may_swap_if_not_sdmmc(const char*);
+bool do_check_entropy(void);
/* from target.c */
#if defined(DEBUG) || defined(DEBUG_ROOT)
Index: src/usr.sbin/sysinst/install.c
diff -u src/usr.sbin/sysinst/install.c:1.19 src/usr.sbin/sysinst/install.c:1.20
--- src/usr.sbin/sysinst/install.c:1.19 Wed Oct 14 13:20:27 2020
+++ src/usr.sbin/sysinst/install.c Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: install.c,v 1.19 2020/10/14 13:20:27 martin Exp $ */
+/* $NetBSD: install.c,v 1.20 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -168,6 +168,13 @@ do_install(void)
return;
#endif
+#ifdef CHECK_ENTROPY
+ if (!do_check_entropy()) {
+ hit_enter_to_continue(MSG_abort_installation, NULL);
+ return;
+ }
+#endif
+
memset(&install, 0, sizeof install);
/* Create and mount partitions */
Index: src/usr.sbin/sysinst/menus.mi
diff -u src/usr.sbin/sysinst/menus.mi:1.23 src/usr.sbin/sysinst/menus.mi:1.24
--- src/usr.sbin/sysinst/menus.mi:1.23 Tue Oct 27 15:28:01 2020
+++ src/usr.sbin/sysinst/menus.mi Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: menus.mi,v 1.23 2020/10/27 15:28:01 martin Exp $ */
+/* $NetBSD: menus.mi,v 1.24 2020/11/04 14:29:40 martin Exp $ */
/*-
* Copyright (c) 2003 The NetBSD Foundation, Inc.
@@ -661,5 +661,3 @@ menu reedit, title MSG_reeditpart, y=-10
action {((arg_rep_int*)arg)->rv = 2;};
option MSG_abort_installation, exit,
action {((arg_rep_int*)arg)->rv = 0;};
-
-
Index: src/usr.sbin/sysinst/msg.mi.de
diff -u src/usr.sbin/sysinst/msg.mi.de:1.26 src/usr.sbin/sysinst/msg.mi.de:1.27
--- src/usr.sbin/sysinst/msg.mi.de:1.26 Tue Oct 27 15:28:01 2020
+++ src/usr.sbin/sysinst/msg.mi.de Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.mi.de,v 1.26 2020/10/27 15:28:01 martin Exp $ */
+/* $NetBSD: msg.mi.de,v 1.27 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -1247,21 +1247,10 @@ message pkgin_failed
{Die Installation von pkgin ist fehlgeschlagen, evtl. weil keine Bin�rpakete
vorhanden sind. Bitte den Pfad der Pakete �berpr�fen und noch einmal versuchen.}
message failed {Fehlgeschlagen}
-message notsupported {Operation wird nicht unterst�tzt!}
message askfsmountadv {Mountpoint oder 'raid' oder 'cgd' oder 'lvm'?}
message partman {Erweiterte Partitionierung}
-message edit_parts {Partitionen bearbeiten}
message editpart {Partitionen bearbeiten}
-message switch_parts {Switch partitioning scheme}
-message fmtasraid {Als RAID Komponente formatieren}
-message fmtaslvm {Als LVM-PV formatieren}
-message encrypt {Verschl�sseln (CGD)}
message setbootable {Boot-Flag}
-message erase {Safe Erase}
-message undo {R�ckg�ngigmachen von �nderungen}
-message unconfig {Dekonfigurieren}
-message edit {Bearbeiten}
-message doumount {Force-umount}
message fremove {ENTFERNEN}
message remove {Entfernen}
Index: src/usr.sbin/sysinst/msg.mi.en
diff -u src/usr.sbin/sysinst/msg.mi.en:1.34 src/usr.sbin/sysinst/msg.mi.en:1.35
--- src/usr.sbin/sysinst/msg.mi.en:1.34 Tue Oct 27 15:28:01 2020
+++ src/usr.sbin/sysinst/msg.mi.en Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.mi.en,v 1.34 2020/10/27 15:28:01 martin Exp $ */
+/* $NetBSD: msg.mi.en,v 1.35 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -1176,21 +1176,9 @@ message pkgin_failed
exist. Please check the package path and try again.}
message failed {Failed}
-message notsupported {Operation not supported!}
message askfsmountadv {Mountpoint (or 'raid', 'cgd', 'lvm')?}
message partman {Extended partitioning}
-message edit_parts {Edit partitions}
message editpart {Edit partitions}
-message switch_parts {Switch partitioning scheme}
-message fmtasraid {Format as RAID}
-message fmtaslvm {Format as LVM PV}
-message encrypt {Encrypt (CGD)}
-message setbootable {Bootable flag}
-message erase {Safe erase}
-message undo {Undo changes}
-message unconfig {Unconfigure}
-message edit {Edit}
-message doumount {Force umount}
message fremove {REMOVE}
message remove {Remove}
Index: src/usr.sbin/sysinst/msg.mi.pl
diff -u src/usr.sbin/sysinst/msg.mi.pl:1.34 src/usr.sbin/sysinst/msg.mi.pl:1.35
--- src/usr.sbin/sysinst/msg.mi.pl:1.34 Tue Oct 27 15:28:01 2020
+++ src/usr.sbin/sysinst/msg.mi.pl Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.mi.pl,v 1.34 2020/10/27 15:28:01 martin Exp $ */
+/* $NetBSD: msg.mi.pl,v 1.35 2020/11/04 14:29:40 martin Exp $ */
/* Based on english version: */
/* NetBSD: msg.mi.pl,v 1.36 2004/04/17 18:55:35 atatat Exp */
@@ -1176,21 +1176,9 @@ pakietow binarnych.
Sprawdz sciezke pakietow i sprobuj ponownie.}
message failed {Nie powiodlo sie}
-message notsupported {Operacja nie jest obslugiwana!}
message askfsmountadv {Punkt montowania (lub "raid", "cgd" albo "lvm")?}
message partman {Partycje rozszerzone}
-message edit_parts {Edytuj partycje}
message editpart {Edytuj partycje}
-message switch_parts {Switch partitioning scheme}
-message fmtasraid {Formatuj jako RAID}
-message fmtaslvm {Formatuj jak LVM PV}
-message encrypt {Szyfrowanie (CGD)}
-message setbootable {Rozruchowy}
-message erase {Bezpieczne kasowanie}
-message undo {Cofanie zmian}
-message unconfig {Cofnij konfiguracje}
-message edit {Edytuj}
-message doumount {Wymus odmontowanie}
message fremove {USUN}
message remove {Usun}
@@ -1472,4 +1460,3 @@ message clone_target_hdr
message clone_target_disp {cloned partition(s)}
message clone_src_done
{Source selection OK, proceed to target selection}
-
Index: src/usr.sbin/sysinst/msg.mi.es
diff -u src/usr.sbin/sysinst/msg.mi.es:1.28 src/usr.sbin/sysinst/msg.mi.es:1.29
--- src/usr.sbin/sysinst/msg.mi.es:1.28 Tue Oct 27 15:28:01 2020
+++ src/usr.sbin/sysinst/msg.mi.es Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.mi.es,v 1.28 2020/10/27 15:28:01 martin Exp $ */
+/* $NetBSD: msg.mi.es,v 1.29 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -1227,21 +1227,9 @@ paquetes binarios. Por favor verifique
reint�ntelo de nuevo.}
message failed {Error}
-message notsupported {Operaci�n no admitida!}
message askfsmountadv {Punto de montaje o 'raid' o 'CGD' o 'lvm'?}
message partman {Partici�n extendida}
-message edit_parts {Editar particiones}
message editpart {Editar particiones}
-message switch_parts {Switch partitioning scheme}
-message fmtasraid {Formato como RAID}
-message fmtaslvm {Formato como LVM PV}
-message encrypt {Cifrar (CGD)}
-message setbootable {La bandera de arranque}
-message erase {Borrado seguro}
-message undo {Deshacer los cambios}
-message unconfig {Desconfigurar}
-message edit {Editar}
-message doumount {Fuerza umount}
message fremove {QUITAR}
message remove {Quitar}
@@ -1535,4 +1523,3 @@ message clone_target_hdr
message clone_target_disp {cloned partition(s)}
message clone_src_done
{Source selection OK, proceed to target selection}
-
Index: src/usr.sbin/sysinst/msg.mi.fr
diff -u src/usr.sbin/sysinst/msg.mi.fr:1.33 src/usr.sbin/sysinst/msg.mi.fr:1.34
--- src/usr.sbin/sysinst/msg.mi.fr:1.33 Tue Oct 27 15:28:01 2020
+++ src/usr.sbin/sysinst/msg.mi.fr Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.mi.fr,v 1.33 2020/10/27 15:28:01 martin Exp $ */
+/* $NetBSD: msg.mi.fr,v 1.34 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -1266,21 +1266,9 @@ n'existe pas. V�rifiez le chemin et ess
message failed {�chou�}
-message notsupported {Le fonctionnement n'est pas pris en charge!}
message askfsmountadv {Point de montage ou de 'raid' ou 'cgd' ou 'lvm'?}
message partman {Partitionnement �tendu}
-message edit_parts {Modifier les partitions}
message editpart {Modifier les partitions}
-message switch_parts {Switch partitioning scheme}
-message fmtasraid {Format en RAID}
-message fmtaslvm {Format de LVM PV}
-message encrypt {Crypter (CGD)}
-message setbootable {Drapeau d'amor�age}
-message erase {Fonction d'effacement s�curis�}
-message undo {Annuler les changements}
-message unconfig {Annulation de la configuration}
-message edit {�diter}
-message doumount {Groupe umount}
message fremove {ENLEVER}
message remove {Supprimer}
@@ -1566,4 +1554,3 @@ message clone_target_hdr
message clone_target_disp {cloned partition(s)}
message clone_src_done
{Source selection OK, proceed to target selection}
-
Index: src/usr.sbin/sysinst/msg.pm.de
diff -u src/usr.sbin/sysinst/msg.pm.de:1.2 src/usr.sbin/sysinst/msg.pm.de:1.3
--- src/usr.sbin/sysinst/msg.pm.de:1.2 Thu Jan 9 13:22:30 2020
+++ src/usr.sbin/sysinst/msg.pm.de Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.pm.de,v 1.2 2020/01/09 13:22:30 martin Exp $ */
+/* $NetBSD: msg.pm.de,v 1.3 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -151,3 +151,17 @@ message lvmlv_mirrors_ask {Spiegel?}
message lvmlv_regsiz_ask {MirrorLogRegionSize?}
message lvmlv_readahsect_ask {ReadAheadSectors?}
message lvmlv_stripes_ask {Stripes?}
+
+message notsupported {Operation wird nicht unterst�tzt!}
+message edit_parts {Partitionen bearbeiten}
+message encrypt {Verschl�sseln (CGD)}
+message erase {Safe Erase}
+message undo {R�ckg�ngigmachen von �nderungen}
+message unconfig {Dekonfigurieren}
+message edit {Bearbeiten}
+message doumount {Force-umount}
+
+message switch_parts {Switch partitioning scheme}
+message fmtasraid {Als RAID Komponente formatieren}
+message fmtaslvm {Als LVM-PV formatieren}
+
Index: src/usr.sbin/sysinst/msg.pm.en
diff -u src/usr.sbin/sysinst/msg.pm.en:1.2 src/usr.sbin/sysinst/msg.pm.en:1.3
--- src/usr.sbin/sysinst/msg.pm.en:1.2 Thu Jan 9 13:22:30 2020
+++ src/usr.sbin/sysinst/msg.pm.en Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.pm.en,v 1.2 2020/01/09 13:22:30 martin Exp $ */
+/* $NetBSD: msg.pm.en,v 1.3 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -153,3 +153,16 @@ message lvmlv_regsiz_ask {MirrorLogRegio
message lvmlv_readahsect_ask {ReadAheadSectors?}
message lvmlv_stripes_ask {Stripes?}
+message notsupported {Operation not supported!}
+message edit_parts {Edit partitions}
+message switch_parts {Switch partitioning scheme}
+message fmtasraid {Format as RAID}
+message fmtaslvm {Format as LVM PV}
+message encrypt {Encrypt (CGD)}
+message setbootable {Bootable flag}
+message erase {Safe erase}
+message undo {Undo changes}
+message unconfig {Unconfigure}
+message edit {Edit}
+message doumount {Force umount}
+
Index: src/usr.sbin/sysinst/msg.pm.es
diff -u src/usr.sbin/sysinst/msg.pm.es:1.2 src/usr.sbin/sysinst/msg.pm.es:1.3
--- src/usr.sbin/sysinst/msg.pm.es:1.2 Thu Jan 9 13:22:30 2020
+++ src/usr.sbin/sysinst/msg.pm.es Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.pm.es,v 1.2 2020/01/09 13:22:30 martin Exp $ */
+/* $NetBSD: msg.pm.es,v 1.3 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -152,3 +152,16 @@ message lvmlv_regsiz_ask {MirrorLogRegio
message lvmlv_readahsect_ask {ReadAheadSectors?}
message lvmlv_stripes_ask {Rayas?}
+message notsupported {Operaci�n no admitida!}
+message edit_parts {Editar particiones}
+message switch_parts {Switch partitioning scheme}
+message fmtasraid {Formato como RAID}
+message fmtaslvm {Formato como LVM PV}
+message encrypt {Cifrar (CGD)}
+message setbootable {La bandera de arranque}
+message erase {Borrado seguro}
+message undo {Deshacer los cambios}
+message unconfig {Desconfigurar}
+message edit {Editar}
+message doumount {Fuerza umount}
+
Index: src/usr.sbin/sysinst/msg.pm.fr
diff -u src/usr.sbin/sysinst/msg.pm.fr:1.2 src/usr.sbin/sysinst/msg.pm.fr:1.3
--- src/usr.sbin/sysinst/msg.pm.fr:1.2 Thu Jan 9 13:22:30 2020
+++ src/usr.sbin/sysinst/msg.pm.fr Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.pm.fr,v 1.2 2020/01/09 13:22:30 martin Exp $ */
+/* $NetBSD: msg.pm.fr,v 1.3 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -152,3 +152,16 @@ message lvmlv_regsiz_ask {MirrorLogRegio
message lvmlv_readahsect_ask {ReadAheadSectors?}
message lvmlv_stripes_ask {Stripes?}
+message notsupported {Le fonctionnement n'est pas pris en charge!}
+message edit_parts {Modifier les partitions}
+message switch_parts {Switch partitioning scheme}
+message fmtasraid {Format en RAID}
+message fmtaslvm {Format de LVM PV}
+message encrypt {Crypter (CGD)}
+message setbootable {Drapeau d'amor�age}
+message erase {Fonction d'effacement s�curis�}
+message undo {Annuler les changements}
+message unconfig {Annulation de la configuration}
+message edit {�diter}
+message doumount {Groupe umount}
+
Index: src/usr.sbin/sysinst/msg.pm.pl
diff -u src/usr.sbin/sysinst/msg.pm.pl:1.2 src/usr.sbin/sysinst/msg.pm.pl:1.3
--- src/usr.sbin/sysinst/msg.pm.pl:1.2 Thu Jan 9 13:22:30 2020
+++ src/usr.sbin/sysinst/msg.pm.pl Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: msg.pm.pl,v 1.2 2020/01/09 13:22:30 martin Exp $ */
+/* $NetBSD: msg.pm.pl,v 1.3 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -152,3 +152,16 @@ message lvmlv_regsiz_ask {MirrorLogRegio
message lvmlv_readahsect_ask {ReadAheadSectors?}
message lvmlv_stripes_ask {Stripes?}
+message notsupported {Operacja nie jest obslugiwana!}
+message edit_parts {Edytuj partycje}
+message switch_parts {Switch partitioning scheme}
+message fmtasraid {Formatuj jako RAID}
+message fmtaslvm {Formatuj jak LVM PV}
+message encrypt {Szyfrowanie (CGD)}
+message setbootable {Rozruchowy}
+message erase {Bezpieczne kasowanie}
+message undo {Cofanie zmian}
+message unconfig {Cofnij konfiguracje}
+message edit {Edytuj}
+message doumount {Wymus odmontowanie}
+
Index: src/usr.sbin/sysinst/upgrade.c
diff -u src/usr.sbin/sysinst/upgrade.c:1.16 src/usr.sbin/sysinst/upgrade.c:1.17
--- src/usr.sbin/sysinst/upgrade.c:1.16 Thu Feb 6 19:50:04 2020
+++ src/usr.sbin/sysinst/upgrade.c Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: upgrade.c,v 1.16 2020/02/06 19:50:04 martin Exp $ */
+/* $NetBSD: upgrade.c,v 1.17 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -104,7 +104,6 @@ do_upgrade(void)
#endif
/* Do any md updating of the file systems ... e.g. bootblocks,
copy file systems ... */
- /* XXX pass install here too */
if (!md_update(&install))
goto free_install;
Index: src/usr.sbin/sysinst/util.c
diff -u src/usr.sbin/sysinst/util.c:1.53 src/usr.sbin/sysinst/util.c:1.54
--- src/usr.sbin/sysinst/util.c:1.53 Fri Oct 30 18:47:38 2020
+++ src/usr.sbin/sysinst/util.c Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-/* $NetBSD: util.c,v 1.53 2020/10/30 18:47:38 martin Exp $ */
+/* $NetBSD: util.c,v 1.54 2020/11/04 14:29:40 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -62,6 +62,10 @@
#ifdef MD_MAY_SWAP_TO
#include <sys/drvctlio.h>
#endif
+#ifdef CHECK_ENTROPY
+#include <sha2.h>
+#include <paths.h>
+#endif
#define MAX_CD_DEVS 256 /* how many cd drives do we expect to attach */
#define ISO_BLKSIZE ISO_DEFAULT_BLOCK_SIZE
@@ -1107,6 +1111,271 @@ get_set_distinfo(int opt)
return NULL;
}
+#ifdef CHECK_ENTROPY
+
+char entropy_file[PATH_MAX];
+
+/*
+ * Are we short of entropy?
+ */
+static size_t
+entropy_needed(void)
+{
+ int needed;
+ size_t len;
+
+ len = sizeof(needed);
+ if (sysctlbyname("kern.entropy.needed", &needed, &len, NULL, 0))
+ return 0;
+
+ if (needed < 0)
+ return 0;
+
+ return needed;
+}
+
+static void
+entropy_write_to_kernel(const uint8_t *data, size_t len)
+{
+ int fd;
+
+ fd = open(_PATH_RANDOM, O_RDWR, 0);
+ if (fd >= 0) {
+ write(fd, data, len);
+ close(fd);
+ }
+}
+
+static void
+entropy_add_manual(void)
+{
+ SHA256_CTX ctx;
+ char buf[256], line[25];
+ size_t line_no, l;
+ uint8_t digest[SHA256_DIGEST_LENGTH];
+ bool ok = false;
+
+ msg_display(MSG_entropy_enter_manual1);
+ msg_printf("\n\n");
+ msg_display_add(MSG_entropy_enter_manual2);
+ msg_printf("\n\n dd if=/dev/random bs=32 count=16 | openssl base64\n\n");
+ msg_display_add(MSG_entropy_enter_manual3);
+ msg_printf("\n\n");
+ SHA256_Init(&ctx);
+ line_no = 1;
+ do {
+ sprintf(line, "%zu", line_no);
+ msg_prompt_win(line, -1, 15, 0, 0, "", buf, sizeof(buf));
+ l = strlen(buf);
+ if (l > 0)
+ SHA256_Update(&ctx, (const uint8_t*)buf, l);
+ line_no++;
+ } while(buf[0] != 0);
+ ok = ctx.bitcount >= 256;
+ SHA256_Final(digest, &ctx);
+
+ if (ok)
+ entropy_write_to_kernel(digest, sizeof digest);
+ else
+ hit_enter_to_continue(NULL, MSG_entropy_manual_not_enough);
+}
+
+/*
+ * Get a file by some means and return a (potentioally only
+ * temporary valid) path to the local copy.
+ * If mountpt is non empty, the caller should unmount that
+ * directory after processing the file.
+ * Return success if the file is available, or failure if
+ * the user canelled the request or network transfer failed.
+ */
+static bool
+entropy_get_file(bool use_netbsd_seed, char *path)
+{
+ static struct ftpinfo server = { .user = "ftp" };
+ char url[STRSIZE], tmpf[PATH_MAX], mountpt[PATH_MAX], *fn;
+ const char *ftp_opt;
+ arg_rv arg;
+ int rv = 0;
+ const char *file_desc = msg_string(use_netbsd_seed ?
+ MSG_entropy_seed : MSG_entropy_data);
+ char *dir;
+
+ path[0] = 0;
+ mountpt[0] = 0;
+
+ strcpy(tmpf, "/tmp/entr.XXXXXX");
+ fn = mktemp(tmpf);
+ if (fn == NULL)
+ return false;
+
+ msg_display(use_netbsd_seed ?
+ MSG_entropy_seed_hdr : MSG_entropy_data_hdr);
+ msg_printf("\n\n %s\n\n",
+ use_netbsd_seed ?
+ "rndctl -S /tmp/entropy-file" :
+ "dd if=/dev/random bs=32 count=1 of=/tmp/random.tmp");
+ strcpy(entropy_file, use_netbsd_seed ?
+ "entropy-file" : "random.tmp");
+ process_menu(MENU_entropy_select_file, &rv);
+ switch (rv) {
+ case 1:
+ case 2:
+#ifndef DEBUG
+ if (!network_up)
+ config_network();
+#endif
+ server.xfer = rv == 1 ? XFER_HTTP : XFER_FTP;
+ arg.arg = &server;
+ arg.rv = -1;
+ msg_display_add_subst(MSG_entropy_via_download, 1, file_desc);
+ msg_printf("\n\n");
+ process_menu(MENU_entropy_ftpsource, &arg);
+ if (arg.rv == SET_RETRY)
+ return false;
+ make_url(url, &server, entropy_file);
+ if (server.xfer == XFER_FTP &&
+ strcmp("ftp", server.user) == 0 && server.pass[0] == 0) {
+ /* do anon ftp */
+ ftp_opt = "-a ";
+ } else {
+ ftp_opt = "";
+ }
+ rv = run_program(RUN_DISPLAY | RUN_PROGRESS,
+ "/usr/bin/ftp %s -o %s %s",
+ ftp_opt, fn, url);
+ strcpy(path, fn);
+ return rv == 0;
+ case 3:
+#ifndef DEBUG
+ if (!network_up)
+ config_network();
+#endif
+ rv = -1;
+ msg_display_add_subst(MSG_entropy_via_nfs, 1, file_desc);
+ msg_printf("\n\n");
+ process_menu(MENU_entropy_nfssource, &rv);
+ if (rv == SET_RETRY)
+ return false;
+ if (nfs_host[0] != 0 && nfs_dir[0] != 0 &&
+ entropy_file[0] != 0) {
+ strcpy(mountpt, "/tmp/ent-mnt.XXXXXX");
+ dir = mkdtemp(mountpt);
+ if (dir == NULL)
+ return false;
+ sprintf(path, "%s/%s", mountpt, entropy_file);
+ if (run_program(RUN_SILENT,
+ "mount -t nfs -r %s:/%s %s",
+ nfs_host, nfs_dir, mountpt) == 0) {
+ run_program(RUN_SILENT,
+ "cp %s %s", path, fn);
+ run_program(RUN_SILENT,
+ "umount %s", mountpt);
+ rmdir(mountpt);
+ strcpy(path, fn);
+ }
+ }
+ break;
+ case 4:
+ rv = -1;
+ /* Get device, filesystem, and filepath */
+ process_menu (MENU_entropy_localfs, &rv);
+ if (rv == SET_RETRY)
+ return false;
+ if (localfs_dev[0] != 0 && localfs_fs[0] != 0 &&
+ entropy_file[0] != 0) {
+ strcpy(mountpt, "/tmp/ent-mnt.XXXXXX");
+ dir = mkdtemp(mountpt);
+ if (dir == NULL)
+ return false;
+ sprintf(path, "%s/%s", mountpt, entropy_file);
+ if (run_program(RUN_SILENT,
+ "mount -t %s -r /dev/%s %s",
+ localfs_fs, localfs_dev, mountpt) == 0) {
+ run_program(RUN_SILENT,
+ "cp %s %s", path, fn);
+ run_program(RUN_SILENT,
+ "umount %s", mountpt);
+ rmdir(mountpt);
+ strcpy(path, fn);
+ }
+ }
+ break;
+ }
+ return path[0] != 0;
+}
+
+static void
+entropy_add_bin_file(void)
+{
+ char fname[PATH_MAX];
+
+ if (!entropy_get_file(false, fname))
+ return;
+ if (access(fname, R_OK) == 0)
+ run_program(RUN_SILENT, "dd if=%s of=" _PATH_RANDOM,
+ fname);
+}
+
+static void
+entropy_add_seed(void)
+{
+ char fname[PATH_MAX];
+
+ if (!entropy_get_file(true, fname))
+ return;
+ if (access(fname, R_OK) == 0)
+ run_program(RUN_SILENT, "rndctl -L %s", fname);
+}
+
+/*
+ * return true if we have enough entropy
+ */
+bool
+do_check_entropy(void)
+{
+ int rv;
+
+ if (entropy_needed() == 0)
+ return true;
+
+ for (;;) {
+ if (entropy_needed() == 0)
+ return true;
+
+ msg_clear();
+ rv = 0;
+ process_menu(MENU_not_enough_entropy, &rv);
+ switch (rv) {
+ case 0:
+ return false;
+ case 1:
+ entropy_add_manual();
+ break;
+ case 2:
+ entropy_add_seed();
+ break;
+ case 3:
+ entropy_add_bin_file();
+ break;
+ default:
+ /*
+ * retry after small delay to give a new USB device
+ * a chance to attach and do deliver some
+ * entropy
+ */
+ msg_display(".");
+ for (size_t i = 0; i < 10; i++) {
+ if (entropy_needed() == 0)
+ return true;
+ sleep(1);
+ msg_display_add(".");
+ }
+ }
+ }
+}
+#endif
+
+
/*
* Get and unpack the distribution.
@@ -1246,7 +1515,14 @@ get_and_unpack_sets(int update, msg setu
if (set_status[SET_BASE] & SET_INSTALLED)
run_makedev();
- if (!update) {
+ if (update) {
+#ifdef CHECK_ENTROPY
+ if (!do_check_entropy()) {
+ hit_enter_to_continue(NULL, MSG_abortupgr);
+ return 1;
+ }
+#endif
+ } else {
struct stat sb1, sb2;
if (stat(target_expand("/"), &sb1) == 0
@@ -1280,6 +1556,10 @@ get_and_unpack_sets(int update, msg setu
/* Mounted dist dir? */
umount_mnt2();
+#ifdef CHECK_ENTROPY
+ entropy_loaded |= entropy_needed() == 0;
+#endif
+
/* Save entropy -- on some systems it's ~all we'll ever get */
if (!update || entropy_loaded)
run_program(RUN_SILENT | RUN_CHROOT | RUN_ERROR_OK,
Index: src/usr.sbin/sysinst/arch/atari/Makefile
diff -u src/usr.sbin/sysinst/arch/atari/Makefile:1.4 src/usr.sbin/sysinst/arch/atari/Makefile:1.5
--- src/usr.sbin/sysinst/arch/atari/Makefile:1.4 Wed Jun 12 06:20:18 2019
+++ src/usr.sbin/sysinst/arch/atari/Makefile Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.4 2019/06/12 06:20:18 martin Exp $
+# $NetBSD: Makefile,v 1.5 2020/11/04 14:29:40 martin Exp $
#
# Makefile for atari
#
@@ -9,6 +9,7 @@ LANGUAGES= en de
CPPFLAGS+= -DSUPPORT_8_3_SOURCE_FILESYSTEM
.ifdef SMALLPROG
+CHECK_ENTROPY= no # do not check entropy/offer adding
NOPARTMAN= yes
NO_GPT= yes
.endif
Index: src/usr.sbin/sysinst/arch/ews4800mips/Makefile
diff -u src/usr.sbin/sysinst/arch/ews4800mips/Makefile:1.3 src/usr.sbin/sysinst/arch/ews4800mips/Makefile:1.4
--- src/usr.sbin/sysinst/arch/ews4800mips/Makefile:1.3 Wed Nov 13 18:58:09 2019
+++ src/usr.sbin/sysinst/arch/ews4800mips/Makefile Wed Nov 4 14:29:40 2020
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.3 2019/11/13 18:58:09 martin Exp $
+# $NetBSD: Makefile,v 1.4 2020/11/04 14:29:40 martin Exp $
#
# Makefile for ews4800mips
#
@@ -6,6 +6,7 @@
LANGUAGES= # no translations
.ifdef SMALLPROG
+CHECK_ENTROPY= no # do not check entropy/offer adding
NOPARTMAN= yes
NO_GPT= yes
NO_MBR= yes
Added files:
Index: src/usr.sbin/sysinst/menus.entropy
diff -u /dev/null src/usr.sbin/sysinst/menus.entropy:1.1
--- /dev/null Wed Nov 4 14:29:41 2020
+++ src/usr.sbin/sysinst/menus.entropy Wed Nov 4 14:29:40 2020
@@ -0,0 +1,131 @@
+/* $NetBSD: menus.entropy,v 1.1 2020/11/04 14:29:40 martin Exp $ */
+
+/*-
+ * Copyright (c) 2003 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by David Laight.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Menu system definitions -- entropy setup */
+
+/* arg is an int*, returning a magic value for the selected menu option */
+menu not_enough_entropy, title MSG_not_enough_entropy, y=-1, no box, clear,
+ exit, exitstring MSG_abort_installation;
+ option MSG_entropy_add_manually, exit,
+ action { *((int*)arg) = 1; };
+ option MSG_entropy_download_seed, exit,
+ action { *((int*)arg) = 2; };
+ option MSG_entropy_download_raw, exit,
+ action { *((int*)arg) = 3; };
+ option MSG_entropy_retry, exit,
+ action { *((int*)arg) = 4; };
+
+
+/* arg is an int*, returning a magic value for the selected menu option */
+menu entropy_select_file, title MSG_entropy_select_file, y=-5, box,
+ exit, exitstring MSG_cancel;
+ option MSG_entropy_add_download_http, exit,
+ action { *((int*)arg) = 1; };
+ option MSG_entropy_add_download_ftp, exit,
+ action { *((int*)arg) = 2; };
+ option MSG_entropy_add_nfs, exit,
+ action { *((int*)arg) = 3; };
+ option MSG_entropy_add_local, exit,
+ action { *((int*)arg) = 4; };
+
+
+/* arg is an int*, set to SET_RETRY when the menu is aborted */
+menu entropy_nfssource, y=-5, x=0, w=70, no box, no clear,
+ exitstring MSG_load_entropy;
+ option {src_legend(menu, MSG_Host, nfs_host);},
+ action { src_prompt(MSG_Host, nfs_host, sizeof nfs_host); };
+ option {src_legend(menu, MSG_Base_dir, nfs_dir);},
+ action { src_prompt(MSG_Base_dir, nfs_dir, sizeof nfs_dir); };
+ option {src_legend(menu, MSG_entropy_file, entropy_file);},
+ action { src_prompt(MSG_set_entropy_file, entropy_file, sizeof entropy_file); };
+ option MSG_cancel, exit,
+ action { *((int*)arg) = SET_RETRY; };
+
+
+/* arg is an arg_rv*, pointing to a struct ftpinfo and a return value */
+menu entropy_ftpsource, y=-4, x=0, w=70, no box, no clear,
+ exitstring MSG_download_entropy;
+ option {src_legend(menu, MSG_Host,
+ ((struct ftpinfo*)((arg_rv*)arg)->arg)->xfer_host[
+ ((struct ftpinfo*)((arg_rv*)arg)->arg)->xfer]);},
+ action { struct ftpinfo *fpi = (struct ftpinfo*)((arg_rv*)arg)->arg;
+ src_prompt(MSG_Host, fpi->xfer_host[fpi->xfer],
+ sizeof fpi->xfer_host[fpi->xfer]); };
+ option {src_legend(menu, MSG_entropy_path_and_file, entropy_file);},
+ action { src_prompt(MSG_entropy_path_and_file,
+ entropy_file, sizeof entropy_file); };
+ option {src_legend(menu, MSG_User,
+ ((struct ftpinfo*)((arg_rv*)arg)->arg)->user);},
+ action { struct ftpinfo *fpi = (struct ftpinfo*)((arg_rv*)arg)->arg;
+ src_prompt(MSG_User, fpi->user, sizeof fpi->user);
+ fpi->pass[0] = 0;
+ };
+ option {src_legend(menu, MSG_Password,
+ strcmp(((struct ftpinfo*)((arg_rv*)arg)->arg)->user,
+ "ftp") == 0 ||
+ ((struct ftpinfo*)((arg_rv*)arg)->arg)->pass[0] == 0
+ ? ((struct ftpinfo*)((arg_rv*)arg)->arg)->pass
+ : msg_string(MSG_hidden));},
+ action { struct ftpinfo *fpi = (struct ftpinfo*)((arg_rv*)arg)->arg;
+ if (strcmp(fpi->user, "ftp") == 0)
+ src_prompt(MSG_email, fpi->pass, sizeof fpi->pass);
+ else {
+ msg_prompt_noecho(MSG_Password, "",
+ fpi->pass, sizeof fpi->pass);
+ }
+ };
+ option {src_legend(menu, MSG_Proxy,
+ ((struct ftpinfo*)((arg_rv*)arg)->arg)->proxy);},
+ action { struct ftpinfo *fpi = (struct ftpinfo*)((arg_rv*)arg)->arg;
+ src_prompt(MSG_Proxy, fpi->proxy, sizeof fpi->proxy);
+ if (strcmp(fpi->proxy, "") == 0) {
+ unsetenv("ftp_proxy");
+ unsetenv("http_proxy");
+ } else {
+ setenv("ftp_proxy", fpi->proxy, 1);
+ setenv("http_proxy", fpi->proxy, 1);
+ }
+ };
+ option MSG_cancel, exit, action { ((arg_rv*)arg)->rv = SET_RETRY; };
+
+
+/* arg is an int*, set to SET_RETRY when the menu is aborted */
+menu entropy_localfs, y=-4, x=0, w=70, no box, no clear,
+ exitstring MSG_load_entropy;
+ display action { msg_display(MSG_entropy_localfs); };
+ option {src_legend(menu, MSG_Device, localfs_dev);},
+ action { src_prompt(MSG_dev, localfs_dev, sizeof localfs_dev);};
+ option {src_legend(menu, MSG_File_system, localfs_fs);},
+ action { src_prompt(MSG_filesys, localfs_fs, sizeof localfs_fs); };
+ option {src_legend(menu, MSG_entropy_path_and_file, entropy_file);},
+ action { src_prompt(MSG_entropy_path_and_file, entropy_file, sizeof entropy_file);};
+ option MSG_cancel, exit, action { *((int*)arg) = SET_RETRY; };
+
Index: src/usr.sbin/sysinst/msg.entropy.de
diff -u /dev/null src/usr.sbin/sysinst/msg.entropy.de:1.1
--- /dev/null Wed Nov 4 14:29:41 2020
+++ src/usr.sbin/sysinst/msg.entropy.de Wed Nov 4 14:29:40 2020
@@ -0,0 +1,128 @@
+/* $NetBSD: msg.entropy.de,v 1.1 2020/11/04 14:29:40 martin Exp $ */
+
+/*
+ * Copyright 2018 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY PIERMONT INFORMATION SYSTEMS INC. ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL PIERMONT INFORMATION SYSTEMS INC. BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+message not_enough_entropy
+{Dieses System scheint nicht �ber einen Pseudo-Zufallszahlengenerator
+zu verf�gen. F�r das Erzeugen von kryptografisch sicheren Schl�sseldateien
+(z.B. ssh host keys) ist nicht genug Entropie verf�gbar.
+
+Am einfachsten generieren Sie Zufallsdaten auf einem anderen Computer
+und laden sie in dieser Installation. Alternativ k�nnen Sie auch
+manuell Zufallsdaten eingeben.
+
+Falls Sie einen USB Zufallsgenerator besitzen, verbinden Sie diesen
+jetzt und w�hlen dann die Option "Erneut testen".}
+
+message entropy_add_manually {Manuelle Zufallseingabe}
+message entropy_download_raw {Zufallsdaten laden}
+message entropy_download_seed {NetBSD Entropie-Datei laden}
+message entropy_retry {Erneut testen}
+
+message entropy_enter_manual1
+{Geben Sie bitte mehrere Zeilen zuf�llige Zeichen ein,
+in denen genug Entropie enthalten sein sollte, die 256 M�nzw�rfen,
+100 W�rfen mit einem sechsseitigen W�rfel oder 64 zuf�lligen hexadezimalen
+Zeichen entspricht.}
+
+message entropy_enter_manual2
+{Falls Sie Daten von einem anderen System per Kopieren & Einf�gen in dieses
+Installationsprogramm �bertragen k�nnen, k�nnen Sie die Ausgabe des
+folgenden Kommandos (auf einem System dessen Entropie Sie vertrauen)
+verwenden:}
+
+message entropy_enter_manual3
+{Benutzen Sie nicht die gleiche Eingabe f�r mehrere Installationen.
+Beenden Sie die Eingabe mit einer leeren Zeile.}
+
+message entropy_manual_not_enough
+{Sie haben nicht genug Zeichen eingegeben!}
+
+message entropy_select_file
+{W�hlen Sie auf welche Art Sie die Zufallsdaten auf diesen Computer
+�bertragen wollen:}
+
+message entropy_add_download_ftp
+{Download per ftp}
+
+message entropy_add_download_http
+{Download per http}
+
+message entropy_add_nfs
+{Von einer NFS Freigabe laden}
+
+message download_entropy
+{Download starten}
+
+message entropy_add_local
+{Von einem lokalen Dateisystem laden (z.B. USB)}
+
+message entropy_file
+{Pfad/Datei}
+
+message load_entropy
+{Zufallsdatei laden}
+
+message set_entropy_file
+{Pfad der Zuffalsdatei}
+
+/* Called with: Example
+ * $0 = content of file NetBSD entropy seed file
+ */
+message entropy_via_nfs
+{W�hlen Sie Server, Freigabe und Dateipfad von dem die $0 geladen werden kann.}
+
+/* Called with: Example
+ * $0 = content of file NetBSD entropy seed file
+ */
+message entropy_via_download
+{Da derzeit auf diesem System nicht genug Entropie vorhanden ist, sind alle
+kryptographischen Operation durch replay-Attacken angreifbar.
+Verwenden Sie nur lokale vertrauensw�rdige Netzwerke.}
+
+message entropy_data
+{Bin�rdatei mit Zuffallsdaten}
+
+message entropy_data_hdr
+{Auf einem System mit kryptographisch starkem Zufallszahlengenerator
+k�nnen Sie zuf�llige Bin�rdaten z.B. so erzeugen:}
+
+message entropy_seed
+{NetBSD entropy Datei}
+
+message entropy_seed_hdr
+{Auf einem NetBSD System mit kryptographisch starkem Zufallszahlengenerator
+k�nnen Sie einen Entropie-Schnappschuss folgenderma�en erstellen:}
+
+message entropy_path_and_file
+{Pfad und Dateiname}
+
+message entropy_localfs
+{Geben Sie das noch nicht gemountete lokale Ger�t und dessen entsprechendes
+Verzeichnis an, in dem die Zufallsdatei zu finden ist.}
+
Index: src/usr.sbin/sysinst/msg.entropy.en
diff -u /dev/null src/usr.sbin/sysinst/msg.entropy.en:1.1
--- /dev/null Wed Nov 4 14:29:41 2020
+++ src/usr.sbin/sysinst/msg.entropy.en Wed Nov 4 14:29:40 2020
@@ -0,0 +1,125 @@
+/* $NetBSD: msg.entropy.en,v 1.1 2020/11/04 14:29:40 martin Exp $ */
+
+/*
+ * Copyright 2018 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY PIERMONT INFORMATION SYSTEMS INC. ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL PIERMONT INFORMATION SYSTEMS INC. BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+message not_enough_entropy
+{This system seems to lack a cryptographically strong pseudo random
+number generator. There is not enough entropy available to create secure
+keys (e.g. ssh host keys).
+
+You may use random data generated on another computer and load it
+here, or you could enter random characters manually.
+
+If you own a USB random number device, connect it now and select
+the "Re-test" option.}
+
+message entropy_add_manually {Manual input of random data}
+message entropy_download_raw {Load random data}
+message entropy_download_seed {Import a NetBSD entropy file}
+message entropy_retry {Re-test}
+
+message entropy_enter_manual1
+{Enter random characters.}
+
+message entropy_enter_manual2
+{They should contain at last 256 bits of randomness, as in 256 coin
+tosses, 100 throws of a 6-sided die, 64 random hexadecimal digits, or
+(if you are able to copy & paste output from another machine into this
+installer) the output from running the following command on another
+machine whose randomness you trust:}
+
+message entropy_enter_manual3
+{Do not use the same data for multiple installations.
+Terminate the input with an empty line.}
+
+message entropy_manual_not_enough
+{You did not enter enough characters!}
+
+message entropy_select_file
+{Please select how you want to transfer the random data file
+to this machine:}
+
+message entropy_add_download_ftp
+{Download via ftp}
+
+message entropy_add_download_http
+{Download via http}
+
+message download_entropy
+{Start download}
+
+message entropy_add_nfs
+{Load from a NFS share}
+
+message entropy_add_local
+{Load from a local file system (e.g. a USB device)}
+
+message entropy_file
+{Path/file}
+
+message load_entropy
+{Load random data}
+
+message set_entropy_file
+{Random data file path}
+
+/* Called with: Example
+ * $0 = content of file NetBSD entropy seed file
+ */
+message entropy_via_nfs
+{Select a server, a share and the file path to load the $0.}
+
+/* Called with: Example
+ * $0 = content of file NetBSD entropy seed file
+ */
+message entropy_via_download
+{Since not enough entropy is available on this system, all crytographic
+operations are suspect to replay attacks.
+Please only use trustworthy local networks.}
+
+message entropy_data
+{random data binary file}
+
+message entropy_data_hdr
+{On a system with cryptographically strong pseudo random number generator
+you can create a file with random binary data like this:}
+
+message entropy_seed
+{NetBSD entropy seed file}
+
+message entropy_seed_hdr
+{On a NetBSD system with cryptographically strong pseudo random number
+generator you can create an entropy snapshot like this:}
+
+message entropy_path_and_file
+{Path and filename}
+
+message entropy_localfs
+{Enter the unmounted local device and directory on that device where
+the random data is located.}
+
Index: src/usr.sbin/sysinst/msg.entropy.es
diff -u /dev/null src/usr.sbin/sysinst/msg.entropy.es:1.1
--- /dev/null Wed Nov 4 14:29:41 2020
+++ src/usr.sbin/sysinst/msg.entropy.es Wed Nov 4 14:29:40 2020
@@ -0,0 +1,125 @@
+/* $NetBSD: msg.entropy.es,v 1.1 2020/11/04 14:29:40 martin Exp $ */
+
+/*
+ * Copyright 2018 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY PIERMONT INFORMATION SYSTEMS INC. ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL PIERMONT INFORMATION SYSTEMS INC. BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+message not_enough_entropy
+{This system seems to lack a cryptographically strong pseudo random
+number generator. There is not enough entropy available to create secure
+keys (e.g. ssh host keys).
+
+You may use random data generated on another computer and load it
+here, or you could enter random characters manually.
+
+If you own a USB random number device, connect it now and select
+the "Re-test" option.}
+
+message entropy_add_manually {Manual input of random data}
+message entropy_download_raw {Load random data}
+message entropy_download_seed {Import a NetBSD entropy file}
+message entropy_retry {Re-test}
+
+message entropy_enter_manual1
+{Enter random characters.}
+
+message entropy_enter_manual2
+{They should contain at last 256 bits of randomness, as in 256 coin
+tosses, 100 throws of a 6-sided die, 64 random hexadecimal digits, or
+(if you are able to copy & paste output from another machine into this
+installer) the output from running the following command on another
+machine whose randomness you trust:}
+
+message entropy_enter_manual3
+{Do not use the same data for multiple installations.
+Terminate the input with an empty line.}
+
+message entropy_manual_not_enough
+{You did not enter enough characters!}
+
+message entropy_select_file
+{Please select how you want to transfer the random data file
+to this machine:}
+
+message entropy_add_download_ftp
+{Download via ftp}
+
+message entropy_add_download_http
+{Download via http}
+
+message download_entropy
+{Start download}
+
+message entropy_add_nfs
+{Load from a NFS share}
+
+message entropy_add_local
+{Laod from a local file system (e.g. a USB device)}
+
+message entropy_file
+{Path/file}
+
+message load_entropy
+{Load random data}
+
+message set_entropy_file
+{Random data file path}
+
+/* Called with: Example
+ * $0 = content of file NetBSD entropy seed file
+ */
+message entropy_via_nfs
+{Select a server, a share and the file path to load the $0.}
+
+/* Called with: Example
+ * $0 = content of file NetBSD entropy seed file
+ */
+message entropy_via_download
+{Since not enough entropy is available on this system, all crytographic
+operations are suspect to replay attacks.
+Please only use trustworthy local networks.}
+
+message entropy_data
+{random data binary file}
+
+message entropy_data_hdr
+{On a system with cryptographically strong pseudo random number generator
+you can create a file with random binary data like this:}
+
+message entropy_seed
+{NetBSD entropy seed file}
+
+message entropy_seed_hdr
+{On a NetBSD system with cryptographically strong pseudo random number
+generator you can create an entropy snapshot like this:}
+
+message entropy_path_and_file
+{Path and filename}
+
+message entropy_localfs
+{Enter the unmounted local device and directory on that device where
+the random data is located.}
+
Index: src/usr.sbin/sysinst/msg.entropy.fr
diff -u /dev/null src/usr.sbin/sysinst/msg.entropy.fr:1.1
--- /dev/null Wed Nov 4 14:29:41 2020
+++ src/usr.sbin/sysinst/msg.entropy.fr Wed Nov 4 14:29:40 2020
@@ -0,0 +1,125 @@
+/* $NetBSD: msg.entropy.fr,v 1.1 2020/11/04 14:29:40 martin Exp $ */
+
+/*
+ * Copyright 2018 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY PIERMONT INFORMATION SYSTEMS INC. ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL PIERMONT INFORMATION SYSTEMS INC. BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+message not_enough_entropy
+{This system seems to lack a cryptographically strong pseudo random
+number generator. There is not enough entropy available to create secure
+keys (e.g. ssh host keys).
+
+You may use random data generated on another computer and load it
+here, or you could enter random characters manually.
+
+If you own a USB random number device, connect it now and select
+the "Re-test" option.}
+
+message entropy_add_manually {Manual input of random data}
+message entropy_download_raw {Load random data}
+message entropy_download_seed {Import a NetBSD entropy file}
+message entropy_retry {Re-test}
+
+message entropy_enter_manual1
+{Enter random characters.}
+
+message entropy_enter_manual2
+{They should contain at last 256 bits of randomness, as in 256 coin
+tosses, 100 throws of a 6-sided die, 64 random hexadecimal digits, or
+(if you are able to copy & paste output from another machine into this
+installer) the output from running the following command on another
+machine whose randomness you trust:}
+
+message entropy_enter_manual3
+{Do not use the same data for multiple installations.
+Terminate the input with an empty line.}
+
+message entropy_manual_not_enough
+{You did not enter enough characters!}
+
+message entropy_select_file
+{Please select how you want to transfer the random data file
+to this machine:}
+
+message entropy_add_download_ftp
+{Download via ftp}
+
+message entropy_add_download_http
+{Download via http}
+
+message download_entropy
+{Start download}
+
+message entropy_add_nfs
+{Load from a NFS share}
+
+message entropy_add_local
+{Load from a local file system (e.g. a USB device)}
+
+message entropy_file
+{Path/file}
+
+message load_entropy
+{Load random data}
+
+message set_entropy_file
+{Random data file path}
+
+/* Called with: Example
+ * $0 = content of file NetBSD entropy seed file
+ */
+message entropy_via_nfs
+{Select a server, a share and the file path to load the $0.}
+
+/* Called with: Example
+ * $0 = content of file NetBSD entropy seed file
+ */
+message entropy_via_download
+{Since not enough entropy is available on this system, all crytographic
+operations are suspect to replay attacks.
+Please only use trustworthy local networks.}
+
+message entropy_data
+{random data binary file}
+
+message entropy_data_hdr
+{On a system with cryptographically strong pseudo random number generator
+you can create a file with random binary data like this:}
+
+message entropy_seed
+{NetBSD entropy seed file}
+
+message entropy_seed_hdr
+{On a NetBSD system with cryptographically strong pseudo random number
+generator you can create an entropy snapshot like this:}
+
+message entropy_path_and_file
+{Path and filename}
+
+message entropy_localfs
+{Enter the unmounted local device and directory on that device where
+the random data is located.}
+
Index: src/usr.sbin/sysinst/msg.entropy.pl
diff -u /dev/null src/usr.sbin/sysinst/msg.entropy.pl:1.1
--- /dev/null Wed Nov 4 14:29:41 2020
+++ src/usr.sbin/sysinst/msg.entropy.pl Wed Nov 4 14:29:40 2020
@@ -0,0 +1,125 @@
+/* $NetBSD: msg.entropy.pl,v 1.1 2020/11/04 14:29:40 martin Exp $ */
+
+/*
+ * Copyright 2018 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY PIERMONT INFORMATION SYSTEMS INC. ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL PIERMONT INFORMATION SYSTEMS INC. BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+message not_enough_entropy
+{This system seems to lack a cryptographically strong pseudo random
+number generator. There is not enough entropy available to create secure
+keys (e.g. ssh host keys).
+
+You may use random data generated on another computer and load it
+here, or you could enter random characters manually.
+
+If you own a USB random number device, connect it now and select
+the "Re-test" option.}
+
+message entropy_add_manually {Manual input of random data}
+message entropy_download_raw {Load random data}
+message entropy_download_seed {Import a NetBSD entropy file}
+message entropy_retry {Re-test}
+
+message entropy_enter_manual1
+{Enter random characters.}
+
+message entropy_enter_manual2
+{They should contain at last 256 bits of randomness, as in 256 coin
+tosses, 100 throws of a 6-sided die, 64 random hexadecimal digits, or
+(if you are able to copy & paste output from another machine into this
+installer) the output from running the following command on another
+machine whose randomness you trust:}
+
+message entropy_enter_manual3
+{Do not use the same data for multiple installations.
+Terminate the input with an empty line.}
+
+message entropy_manual_not_enough
+{You did not enter enough characters!}
+
+message entropy_select_file
+{Please select how you want to transfer the random data file
+to this machine:}
+
+message entropy_add_download_ftp
+{Download via ftp}
+
+message entropy_add_download_http
+{Download via http}
+
+message download_entropy
+{Start download}
+
+message entropy_add_nfs
+{Load from a NFS share}
+
+message entropy_add_local
+{Load from a local file system (e.g. a USB device)}
+
+message entropy_file
+{Path/file}
+
+message load_entropy
+{Load random data}
+
+message set_entropy_file
+{Random data file path}
+
+/* Called with: Example
+ * $0 = content of file NetBSD entropy seed file
+ */
+message entropy_via_nfs
+{Select a server, a share and the file path to load the $0.}
+
+/* Called with: Example
+ * $0 = content of file NetBSD entropy seed file
+ */
+message entropy_via_download
+{Since not enough entropy is available on this system, all crytographic
+operations are suspect to replay attacks.
+Please only use trustworthy local networks.}
+
+message entropy_data
+{random data binary file}
+
+message entropy_data_hdr
+{On a system with cryptographically strong pseudo random number generator
+you can create a file with random binary data like this:}
+
+message entropy_seed
+{NetBSD entropy seed file}
+
+message entropy_seed_hdr
+{On a NetBSD system with cryptographically strong pseudo random number
+generator you can create an entropy snapshot like this:}
+
+message entropy_path_and_file
+{Path and filename}
+
+message entropy_localfs
+{Enter the unmounted local device and directory on that device where
+the random data is located.}
+
