refactor(random): on linux+bsd use api instead of /dev/urandom

the api is faster and equally good
author: Thijs Schreijer <thijs@thijsschreijer.nl> 2025-02-06 17:56:34 +0100
committer: Thijs Schreijer <thijs@thijsschreijer.nl> 2025-02-10 09:01:58 +0100
commit: 0cb19e1617d735e815e9747a53b6d9f3b3bd568b (patch)
tree: 6d30d538a13b35dd5b94574f286d5084786e254c
parent: ee7524563af91aa4f0336088c7f85dc1d68b0066 (diff)
download: luasystem-0cb19e1617d735e815e9747a53b6d9f3b3bd568b.tar.gz
luasystem-0cb19e1617d735e815e9747a53b6d9f3b3bd568b.tar.bz2
luasystem-0cb19e1617d735e815e9747a53b6d9f3b3bd568b.zip
2 files changed, 31 insertions, 5 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 25114c3..3d95d9f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -33,6 +33,8 @@ The scope of what is covered by the version number excludes:
 - Feat: when detecting character display width, also accept unicode codepoints (integers),
  since the Lua utf8 library returns codepoints, not strings
 - Fix: NetBSD fix compilation, undeclared directives
+- Refactor: random bytes; remove deprecated API usage on Windows, move to
+  binary api instead of /dev/urandom file on linux and bsd
 ### version 0.4.5, released 18-Dec-2024
diff --git a/src/random.c b/src/random.c
index ee544c4..70bf13b 100644
--- a/src/random.c
+++ b/src/random.c
@@ -13,15 +13,21 @@
    #include <windows.h>
    #include <bcrypt.h>
 #else
-#include <errno.h>
+    #include <errno.h>
-#include <unistd.h>
+    #include <unistd.h>
-#include <string.h>
+    #include <string.h>
+    #if defined(__linux__)
+        #include <sys/random.h> // getrandom()
+    #elif defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__)
+        #include <stdlib.h>     // arc4random_buf()
+    #endif
 #endif
 /***
 Generate random bytes.
-This uses `BCryptGenRandom()` on Windows, and `/dev/urandom` on other platforms. It will return the
+This uses `BCryptGenRandom()` on Windows, `getrandom()` on Linux, `arc4random_buf` on BSD,
+and `/dev/urandom` on other platforms. It will return the
 requested number of bytes, or an error, never a partial result.
 @function random
 @tparam[opt=1] int length number of bytes to get
@@ -53,6 +59,7 @@ static int lua_get_random_bytes(lua_State* L) {
    ssize_t total_read = 0;
 #ifdef _WIN32
+    // Use BCryptGenRandom() on Windows
    if (!BCRYPT_SUCCESS(BCryptGenRandom(NULL, buffer, num_bytes, BCRYPT_USE_SYSTEM_PREFERRED_RNG))) {
        DWORD error = GetLastError();
        lua_pushnil(L);
@@ -60,8 +67,25 @@ static int lua_get_random_bytes(lua_State* L) {
        return 2;
    }
+#elif defined(__linux__)
+    // Use getrandom() on Linux (Kernel 3.17+, 2014)
+    while (total_read < num_bytes) {
+        ssize_t n = getrandom(buffer + total_read, num_bytes - total_read, 0);
+        if (n < 0) {
+            if (errno == EINTR) continue;  // Retry on interrupt
+            lua_pushnil(L);
+            lua_pushfstring(L, "getrandom() failed: %s", strerror(errno));
+            return 2;
+        }
+        total_read += n;
+    }
+#elif defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__)
+    // Use arc4random_buf() on BSD/macOS
+    arc4random_buf(buffer, num_bytes);
 #else
-    // for macOS/unixes use /dev/urandom for non-blocking
+    // fall back to /dev/urandom for anything else
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0) {
        lua_pushnil(L);
author	Thijs Schreijer <thijs@thijsschreijer.nl>	2025-02-06 17:56:34 +0100
committer	Thijs Schreijer <thijs@thijsschreijer.nl>	2025-02-10 09:01:58 +0100
commit	0cb19e1617d735e815e9747a53b6d9f3b3bd568b (patch)
tree	6d30d538a13b35dd5b94574f286d5084786e254c
parent	ee7524563af91aa4f0336088c7f85dc1d68b0066 (diff)
download	luasystem-0cb19e1617d735e815e9747a53b6d9f3b3bd568b.tar.gz luasystem-0cb19e1617d735e815e9747a53b6d9f3b3bd568b.tar.bz2 luasystem-0cb19e1617d735e815e9747a53b6d9f3b3bd568b.zip