git.ipfire.org Git - thirdparty/shadow.git/commit

author	Alejandro Colomar <alx@kernel.org>
	Fri, 30 Dec 2022 11:48:55 +0000 (12:48 +0100)
committer	Iker Pedrosa <ikerpedrosam@gmail.com>
	Mon, 16 Jan 2023 09:12:31 +0000 (10:12 +0100)
commit	ac8b81c2b7ed378528e5cc60754e10be1e369e40
tree	988d9143a43dce5ee552fd21782d995115226d8f	tree
parent	39ecca84d4f26ae61d20bff57b27c09681538205	commit \| diff

Prefer getrandom(3)/getentropy(3) over arc4random(3bsd)

arc4random(3) without kernel support is unsafe, as it can't know when to
drop the buffer. Since we depend on libbsd since recently, we have
arc4random(3) functions always available, and thus, this code would have
always called arc4random_buf(3bsd), which is unsafe. Put it after some
better alternatives, at least until in a decade or so all systems have a
recent enough glibc.

glibc implements arc4random(3) safely, since it's just a wrapper around
getrandom(2).

Link: <https://inbox.sourceware.org/libc-alpha/20220722122137.3270666-1-adhemerval.zanella@linaro.org/>
Link: <https://inbox.sourceware.org/libc-alpha/5c29df04-6283-9eee-6648-215b52cfa26b@cs.ucla.edu/T/>
Cc: Cristian Rodríguez <crrodriguez@opensuse.org>
Cc: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Cc: Guillem Jover <guillem@hadrons.org>
Cc: Björn Esser <besser82@fedoraproject.org>
Reviewed-by: "Jason A. Donenfeld" <Jason@zx2c4.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>