Patch from Jeremie Courreges-Anglas to use arc4random_uniform

author Wouter Wijngaards <wouter@nlnetlabs.nl>

Wed, 23 Apr 2014 13:00:35 +0000 (13:00 +0000)

committer Wouter Wijngaards <wouter@nlnetlabs.nl>

Wed, 23 Apr 2014 13:00:35 +0000 (13:00 +0000)
author Wouter Wijngaards <wouter@nlnetlabs.nl>
Wed, 23 Apr 2014 13:00:35 +0000 (13:00 +0000)
committer Wouter Wijngaards <wouter@nlnetlabs.nl>
Wed, 23 Apr 2014 13:00:35 +0000 (13:00 +0000)
diff --git a/configure.ac b/configure.ac

index 28ff07748155ecec19ae815f3b978caa5d68a99f..f058fb46f714b8e60ddae732726812ee783e9d49 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -965,7 +965,7 @@ AC_INCLUDES_DEFAULT
  #endif
  ])
  AC_SEARCH_LIBS([setusercontext], [util])
-AC_CHECK_FUNCS([tzset sigprocmask fcntl getpwnam getrlimit setrlimit setsid sbrk chroot kill sleep usleep random srandom recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent])
+AC_CHECK_FUNCS([tzset sigprocmask fcntl getpwnam getrlimit setrlimit setsid sbrk chroot kill sleep usleep random srandom arc4random_uniform recvmsg sendmsg writev socketpair glob initgroups strftime localtime_r setusercontext _beginthreadex endservent endprotoent])
  AC_CHECK_FUNCS([setresuid],,[AC_CHECK_FUNCS([setreuid])])
  AC_CHECK_FUNCS([setresgid],,[AC_CHECK_FUNCS([setregid])])
  
diff --git a/util/random.c b/util/random.c

index 8a24ff04d990c00f67f8bfd1ed9f5745489222af..3df36c211c4552ea0c72dc3fbc3b98bb57e6a57d 100644 (file)
--- a/util/random.c
+++ b/util/random.c
@@ -61,7 +61,10 @@
  #include "util/random.h"
  #include "util/log.h"
  #include <time.h>
-#ifdef HAVE_SSL
+
+#ifdef HAVE_ARC4RANDOM_UNIFORM
+/* no include for arc4_uniform */
+#elif HAVE_SSL
  #include <openssl/rand.h>
  #include <openssl/rc4.h>
  #include <openssl/err.h>
@@ -79,7 +82,34 @@
   */
  #define MAX_VALUE 0x7fffffff
  
-#ifdef HAVE_SSL
+#ifdef HAVE_ARC4RANDOM_UNIFORM
+
+void
+ub_systemseed(unsigned int ATTR_UNUSED(seed))
+{
+       /* arc4random_uniform does not need seeds, it gets kernel entropy */
+}
+
+struct ub_randstate* 
+ub_initstate(unsigned int ATTR_UNUSED(seed),
+       struct ub_randstate* ATTR_UNUSED(from))
+{
+       struct ub_randstate* s = (struct ub_randstate*)malloc(1);
+       if(!s) {
+               log_err("malloc failure in random init");
+               return NULL;
+       }
+       return s;
+}
+
+long int 
+ub_random(struct ub_randstate* ATTR_UNUSED(s))
+{
+       /* This relies on MAX_VALUE being 0x7fffffff. */
+       return (long)arc4random() & MAX_VALUE;
+}
+
+#elif HAVE_SSL
  /**
   * Struct with per-thread random state.
   * Keeps SSL types away from the header file.
@@ -253,11 +283,12 @@ long int ub_random(struct ub_randstate* ATTR_UNUSED(state))
         return x & MAX_VALUE;
  }
  
-#endif /* HAVE_SSL or HAVE_NSS */
+#endif /* HAVE_ARC4RANDOM_UNIFORM or HAVE_SSL or HAVE_NSS */
  
  long int
  ub_random_max(struct ub_randstate* state, long int x)
  {
+#ifndef HAVE_ARC4RANDOM_UNIFORM
         /* make sure we fetch in a range that is divisible by x. ignore
          * values from d .. MAX_VALUE, instead draw a new number */
         long int d = MAX_VALUE - (MAX_VALUE % x); /* d is divisible by x */
@@ -265,6 +296,11 @@ ub_random_max(struct ub_randstate* state, long int x)
         while(d <= v)
                 v = ub_random(state);
         return (v % x);
+#else
+       (void)state;
+       /* on OpenBSD, this does not need _seed(), or _stir() calls */
+       return (long)arc4random_uniform(x);
+#endif
  }
  
  void
author	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Wed, 23 Apr 2014 13:00:35 +0000 (13:00 +0000)
committer	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Wed, 23 Apr 2014 13:00:35 +0000 (13:00 +0000)
configure.ac		patch \| blob \| blame \| history
util/random.c		patch \| blob \| blame \| history