compat: use OpenSSL RAND_priv_bytes() for entropy (#248)

* compat: use OpenSSL RAND_priv_bytes() for entropy

Use OpenSSL random number generator to seed arc4random() if available,
if it fails fall back to /dev/urandom.

* tests: link eloop-bench against LDADD lib

arc4random might depend on libcrypto so we need to link it.

diff --git a/compat/arc4random.c b/compat/arc4random.c
index edc5fff94ff8cf688e57f3314a35fe2fb6e50f77..8f28f616d2fec9d7d36fca161a11dc5382bc2b7d 100644 (file)
--- a/compat/arc4random.c
+++ b/compat/arc4random.c
@@ -40,6 +40,10 @@
 #include <sys/types.h>
 #include <sys/time.h>
 
+#if defined(HAVE_OPENSSL)
+#include <openssl/rand.h>
+#endif
+
 #define KEYSTREAM_ONLY
 #include "chacha_private.h"
 
@@ -93,6 +97,11 @@ _dhcpcd_getentropy(void *buf, size_t length)
        struct timeval   tv;
        uint8_t         *rand = (uint8_t *)buf;
 
+#if defined (HAVE_OPENSSL)
+       if (RAND_priv_bytes(buf, (int)length) == 1)
+               return (0);
+#endif
+
        if (length < sizeof(tv)) {
                gettimeofday(&tv, NULL);
                memcpy(buf, &tv, sizeof(tv));

diff --git a/tests/eloop-bench/Makefile b/tests/eloop-bench/Makefile
index 2827c60704222e93e4dd9d16fc2cd3d6cf56a9e9..a0ebafd9c0f981575478da28f8f81990d0836673 100644 (file)
--- a/tests/eloop-bench/Makefile
+++ b/tests/eloop-bench/Makefile
@@ -39,7 +39,7 @@ distclean: clean
 depend:
 
 ${PROG}: ${DEPEND} ${OBJS}
-       ${CC} ${LDFLAGS} -o $@ ${OBJS}
+       ${CC} ${LDFLAGS} -o $@ ${OBJS} ${LDADD}
 
 test: ${PROG}
        ./${PROG}