From 851efd9c60eaa30d8843f935c1445d91ddd86d68 Mon Sep 17 00:00:00 2001
From: Eric Leblond <eric@regit.org>
Date: Wed, 23 May 2018 08:57:13 +0200
Subject: [PATCH] util-random: workaround getrandom unavailability

getrandom syscall availability is detected at runtime. So it is
possible that the build is done on a box that supports it but
the run is done on a system with no availability. So a workaround
solution is needed to fix this case.

Also we have seen some issue in docker environment where the build
is detecting getrandom but where it does not work at runtime.

For both reasons, the code is updated to have a call to a fallback
function if ever the getrandom call returns that the syscall is
not available.
---
 src/util-random.c | 49 ++++++++++++++++++++++++++++++++++-------------
 1 file changed, 36 insertions(+), 13 deletions(-)

diff --git a/src/util-random.c b/src/util-random.c
index 1abc036d33..5a709dc66c 100644
--- a/src/util-random.c
+++ b/src/util-random.c
@@ -27,6 +27,33 @@
 #include "suricata-common.h"
 #include "util-random.h"
 
+#if defined(HAVE_CLOCK_GETTIME)
+
+static long int RandomGetClock(void)
+{
+    struct timespec ts;
+    clock_gettime(CLOCK_REALTIME, &ts);
+
+    srandom(ts.tv_nsec ^ ts.tv_sec);
+    long int value = random();
+    return value;
+}
+
+#elif !(defined(HAVE_WINCRYPT_H) &&  defined(OS_WIN32))
+
+static long int RandomGetPosix(void)
+{
+    struct timeval tv;
+    memset(&tv, 0, sizeof(tv));
+    gettimeofday(&tv, NULL);
+
+    srandom(tv.tv_usec ^ tv.tv_sec);
+    long int value = random();
+    return value;
+}
+
+#endif
+
 #if defined(HAVE_WINCRYPT_H) && defined(OS_WIN32)
 #include <wincrypt.h>
 
@@ -62,6 +89,13 @@ long int RandomGet(void)
     /* ret should be sizeof(value), but if it is > 0 and < sizeof(value)
      * it's still better than nothing so we return what we have */
     if (ret <= 0) {
+        if (ret == -ENOSYS) {
+#if defined(HAVE_CLOCK_GETTIME)
+            return RandomGetClock();
+#else
+            return RandomGetPosix();
+#endif
+        }
         return -1;
     }
     return value;
@@ -72,12 +106,7 @@ long int RandomGet(void)
     if (g_disable_randomness)
         return 0;
 
-    struct timespec ts;
-    clock_gettime(CLOCK_REALTIME, &ts);
-
-    srandom(ts.tv_nsec ^ ts.tv_sec);
-    long int value = random();
-    return value;
+    return RandomGetClock();
 }
 #else
 long int RandomGet(void)
@@ -85,12 +114,6 @@ long int RandomGet(void)
     if (g_disable_randomness)
         return 0;
 
-    struct timeval tv;
-    memset(&tv, 0, sizeof(tv));
-    gettimeofday(&tv, NULL);
-
-    srandom(tv.tv_usec ^ tv.tv_sec);
-    long int value = random();
-    return value;
+    return RandomGetPosix();
 }
 #endif
-- 
2.47.2