From: Phil Carmody <phil@dovecot.fi>
Date: Tue, 30 Jan 2018 12:14:42 +0000 (+0200)
Subject: lib/randgen - warn when DOVECOT_SRAND is not able to be used
X-Git-Tag: 2.3.5~23
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8463321f544d022efbeeaa0cf79c5a0555e1484b;p=thirdparty%2Fdovecot%2Fcore.git

lib/randgen - warn when DOVECOT_SRAND is not able to be used

As suggested by Jeff, it's friendly to warn if we're unable to act
upon the request for reproduceable random numbers because we're not
built for that.

Note, this deliberately permits a blank string, so that you can
silence the warning by prefixing a command with an empty
  DOVECOT_SRAND=
which is taken as an explicit attempt to disable use of the feature.

Signed-off-by: Phil Carmody <phil@dovecot.fi>
---

diff --git a/src/lib/randgen.c b/src/lib/randgen.c
index 6808a8432c..ffb9c79b21 100644
--- a/src/lib/randgen.c
+++ b/src/lib/randgen.c
@@ -141,17 +141,21 @@ void random_fill(void *buf, size_t size)
 void random_init(void)
 {
 	unsigned int seed;
+	const char *env_seed;
 
 	if (init_refcount++ > 0)
 		return;
 
+	env_seed = getenv("DOVECOT_SRAND");
 #ifdef DEBUG
-	const char *env_seed = getenv("DOVECOT_SRAND");
 	if (env_seed != NULL && str_to_uint(env_seed, &seed) >= 0) {
 		kiss_init(seed);
 		/* getrandom_present = FALSE; not needed, only used in random_read() */
 		goto normal_exit;
 	}
+#else
+	if (env_seed != NULL && *env_seed != '\0')
+		i_warning("DOVECOT_SRAND is not available in non-debug builds");
 #endif /* DEBUG */
 
 #if defined(USE_RANDOM_DEV)