diff options
| author |   Ondřej Surý <ondrej@sury.org>
| 2016-08-30 10:08:07 +0200 |
|---|---|---|
| committer | Ondřej Surý <ondrej@sury.org>
| 2016-08-30 10:08:07 +0200 |
| commit | 6de837ba4e208260ac6043d521b0a1d79ffd58a7 (patch) | |
| tree | 6370c790fadc971c6fc3ef7d16eff1d5ece5e747 /src | |
| parent | 40951862e12fe8d9c2fd0ffd4f16e9fe4d951f33 (diff) | |
| download | luaossl-6de837ba4e208260ac6043d521b0a1d79ffd58a7.tar.gz luaossl-6de837ba4e208260ac6043d521b0a1d79ffd58a7.tar.bz2 luaossl-6de837ba4e208260ac6043d521b0a1d79ffd58a7.zip | |
Use arc4random()/getrandom() to get random bytes instead of sysctl() interface
Diffstat (limited to 'src')
| -rw-r--r-- | src/openssl.c | 63 |
1 files changed, 32 insertions, 31 deletions
diff --git a/src/openssl.c b/src/openssl.c index d8eebb5..6addcaa 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -48,6 +48,19 @@ #if __APPLE__ #include <mach/mach_time.h> /* mach_absolute_time() */ +#define HAVE_ARC4RANDOM +#endif + +#if defined(__FreeBSD_kernel__) || defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) +#define HAVE_ARC4RANDOM +#endif + +#if defined(__linux__) +#include <linux/version.h> +#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0) +#define HAVE_GETRANDOM +#include <linux/random.h> +#endif #endif #include <openssl/opensslconf.h> @@ -7811,44 +7824,16 @@ static struct randL_state *randL_getstate(lua_State *L) { return lua_touserdata(L, lua_upvalueindex(1)); } /* randL_getstate() */ -#ifndef HAVE_SYS_SYSCTL_H -#define HAVE_SYS_SYSCTL_H (BSD || __GLIBC__) -#endif - -#if HAVE_SYS_SYSCTL_H -#include <sys/sysctl.h> /* CTL_KERN KERN_RANDOM RANDOM_UUID KERN_URND KERN_ARND sysctl(2) */ -#endif - -#ifndef HAVE_RANDOM_UUID -#define HAVE_RANDOM_UUID (HAVE_SYS_SYSCTL_H && defined __linux) /* RANDOM_UUID is an enum, not macro */ -#endif - -#ifndef HAVE_KERN_URND -#define HAVE_KERN_URND (defined KERN_URND) -#endif - -#ifndef HAVE_KERN_ARND -#define HAVE_KERN_ARND (defined KERN_ARND) -#endif static int randL_stir(struct randL_state *st, unsigned rqstd) { unsigned count = 0; int error; unsigned char data[256]; -#if HAVE_RANDOM_UUID || HAVE_KERN_URND || HAVE_KERN_ARND -#if HAVE_RANDOM_UUID - int mib[] = { CTL_KERN, KERN_RANDOM, RANDOM_UUID }; -#elif HAVE_KERN_URND - int mib[] = { CTL_KERN, KERN_URND }; -#else - int mib[] = { CTL_KERN, KERN_ARND }; -#endif - - while (count < rqstd) { +#if HAVE_ARC4RANDOM + while (count < rqst) { size_t n = MIN(rqstd - count, sizeof data); - if (0 != sysctl(mib, countof(mib), data, &n, (void *)0, 0)) - break; + arc4random(data, n); RAND_add(data, n, n); @@ -7856,6 +7841,22 @@ static int randL_stir(struct randL_state *st, unsigned rqstd) { } #endif +#if HAVE_GETRANDOM + while (count < rqst) { + size_t n = MIN(rqstd - count, sizeof data); + + n = getrandom(data, n, 0); + + if (n == -1) { + break; + } + + RAND_add(data, n, n); + + count += n; + } +#endif + if (count < rqstd) { #if defined O_CLOEXEC && (!defined _AIX /* O_CLOEXEC overflows int */) int fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC); |