util: add UTI_GetRandomBytesUrandom()

This function always uses /dev/urandom, even if arc4random() is
available, and is intended for generating long-term keys.

diff --git a/util.c b/util.c
index 313bb29f16f263a9eda92f69a6050e45d0f9c486..4287b98d7439633ab1205db54446a87cbee26659 100644 (file)
--- a/util.c
+++ b/util.c
@@ -1141,17 +1141,26 @@ UTI_DropRoot(uid_t uid, gid_t gid)
 #define DEV_URANDOM "/dev/urandom"
 
 void
-UTI_GetRandomBytes(void *buf, unsigned int len)
+UTI_GetRandomBytesUrandom(void *buf, unsigned int len)
 {
-#ifdef HAVE_ARC4RANDOM
-  arc4random_buf(buf, len);
-#else
   static FILE *f = NULL;
+
   if (!f)
     f = fopen(DEV_URANDOM, "r");
   if (!f)
     LOG_FATAL(LOGF_Util, "Can't open %s : %s", DEV_URANDOM, strerror(errno));
   if (fread(buf, 1, len, f) != len)
     LOG_FATAL(LOGF_Util, "Can't read from %s", DEV_URANDOM);
+}
+
+/* ================================================== */
+
+void
+UTI_GetRandomBytes(void *buf, unsigned int len)
+{
+#ifdef HAVE_ARC4RANDOM
+  arc4random_buf(buf, len);
+#else
+  UTI_GetRandomBytesUrandom(buf, len);
 #endif
 }

diff --git a/util.h b/util.h
index 69caae1068ce1ab3455665f2571088f02794bf6c..a019fe53bbb0c2e5c5aa493fd09bd50dc9b088dc 100644 (file)
--- a/util.h
+++ b/util.h
@@ -148,7 +148,12 @@ extern int UTI_CheckDirPermissions(const char *path, mode_t perm, uid_t uid, gid
 /* Set process user/group IDs and drop supplementary groups */
 extern void UTI_DropRoot(uid_t uid, gid_t gid);
 
-/* Fill buffer with random bytes */
+/* Fill buffer with random bytes from /dev/urandom */
+extern void UTI_GetRandomBytesUrandom(void *buf, unsigned int len);
+
+/* Fill buffer with random bytes from /dev/urandom or a faster source if it's
+   available (e.g. arc4random()), which may not necessarily be suitable for
+   generating long-term keys */
 extern void UTI_GetRandomBytes(void *buf, unsigned int len);
 
 /* Macros to get maximum and minimum of two values */