From 9b94679fce041bcbbc85904d3bc56addb9ccedc5 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Thu, 19 Oct 2017 09:51:18 +0200 Subject: [PATCH] random: support getrandom(2) if available Ticket: #2193 --- configure.ac | 7 +++++++ src/suricata-common.h | 4 ++++ src/util-random.c | 15 +++++++++++++++ 3 files changed, 26 insertions(+) diff --git a/configure.ac b/configure.ac index b31307a1ae..9e7b8c9209 100644 --- a/configure.ac +++ b/configure.ac @@ -130,6 +130,7 @@ AC_CHECK_HEADER(glob.h,,[AC_ERROR(glob.h not found ...)]) AC_CHECK_HEADERS([dirent.h fnmatch.h]) AC_CHECK_HEADERS([sys/resource.h sys/types.h sys/un.h]) + AC_CHECK_HEADERS([sys/random.h]) AC_CHECK_HEADERS([sys/socket.h net/if.h sys/mman.h linux/if_arp.h], [], [], [[#ifdef HAVE_SYS_SOCKET_H @@ -168,6 +169,12 @@ AC_FUNC_REALLOC AC_CHECK_FUNCS([gettimeofday memset strcasecmp strchr strdup strerror strncasecmp strtol strtoul memchr memrchr clock_gettime]) + AC_CHECK_DECL([getrandom], + AC_DEFINE([HAVE_GETRANDOM], [1], [Use getrandom]), + [], [ + #include + ]) + OCFLAGS=$CFLAGS CFLAGS="" AC_CHECK_FUNCS([strlcpy strlcat]) diff --git a/src/suricata-common.h b/src/suricata-common.h index 41e969abd8..ec34a8c6ce 100644 --- a/src/suricata-common.h +++ b/src/suricata-common.h @@ -168,6 +168,10 @@ #include #endif +#if HAVE_SYS_RANDOM_H +#include +#endif + #if HAVE_NETINET_IN_H #include #endif diff --git a/src/util-random.c b/src/util-random.c index 35a29056ab..1abc036d33 100644 --- a/src/util-random.c +++ b/src/util-random.c @@ -51,6 +51,21 @@ long int RandomGet(void) return value; } +#elif defined(HAVE_GETRANDOM) +long int RandomGet(void) +{ + if (g_disable_randomness) + return 0; + + long int value = 0; + int ret = getrandom(&value, sizeof(value), 0); + /* ret should be sizeof(value), but if it is > 0 and < sizeof(value) + * it's still better than nothing so we return what we have */ + if (ret <= 0) { + return -1; + } + return value; +} #elif defined(HAVE_CLOCK_GETTIME) long int RandomGet(void) { -- 2.47.2