openbsd/src/lib/libcrypto/arc4random, branch libressl-v2.1.2 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.1.2 2014-11-11T13:54:33+00:00 correct the failure case for getentropy on win32 2014-11-11T13:54:33+00:00 bcook 2014-11-11T13:54:33+00:00 urn:sha1:8d5f6fbe06d6b13dd764a076a1f541134df3c108 CryptAcquireContext and CryptGenRandom returns zero (FALSE) if fails. From: Dongsheng Song <dongsheng.song@gmail.com> Add hooks to override native arc4random_buf on FreeBSD. 2014-11-03T06:23:30+00:00 bcook 2014-11-03T06:23:30+00:00 urn:sha1:97f48e5c1a29dd52ce16c023eaa14f5da0110610 The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is also broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. include header needed by older linux kernels 2014-10-11T16:44:05+00:00 bcook 2014-10-11T16:44:05+00:00 urn:sha1:4e737c824fafe5f105e5f4849a9db2569b5d53d8 not all versions of <linux/random.h> include <linux/types.h> by default preserve errno value on success. 2014-08-28T01:00:57+00:00 bcook 2014-08-28T01:00:57+00:00 urn:sha1:a204a3a466a44d9fd8704c0ac46eef238a8cb1e7 If getrandom returns a temporary failure, make sure errno is not polluted when it succeeds. Thanks to deraadt@ for pointing it out. only build the getrandom path if SYS_getrandom is defined. 2014-08-16T18:42:41+00:00 bcook 2014-08-16T18:42:41+00:00 urn:sha1:8d1497d70ef3cba9c8cb1eeffed8280530bfd921 like the sysctl path getrandom(2) support for getentropy_linux 2014-08-16T17:21:56+00:00 bcook 2014-08-16T17:21:56+00:00 urn:sha1:408eab1e65d65540efc82e6ec61695cebcc06a66 This enables support for the new getrandom(2) syscall in Linux 3.17. If the call exists and fails, return a failure in getentropy(2) emulation as well. This adds a EINTR check in case the urandom pool is not initialized. Tested on Fedora Rawhide with 3.17rc0 and Ubuntu 14.04 ok deraadt@ munmap correct object in (extremely unlikely, and effectively terminal) 2014-08-13T06:04:10+00:00 deraadt 2014-08-13T06:04:10+00:00 urn:sha1:a4dcb1ba73868ec4ce8e7552483d80ead4aab937 case of failing to map the 2nd object. found by Paul Maurers better match proposed syscall api 2014-07-22T01:15:58+00:00 bcook 2014-07-22T01:15:58+00:00 urn:sha1:0ed0b42beb5b86bbeae21da1895c40f4f6d552b5 protect sysctl path with SYS__sysctl instead; from enh@google, ok bcook 2014-07-21T23:34:54+00:00 deraadt 2014-07-21T23:34:54+00:00 urn:sha1:7a43275649d54761a1b6314f34094b07b0eb8a0f Use explicit_bzero() instead of memset() on buffers going out of scope. 2014-07-21T20:19:47+00:00 guenther 2014-07-21T20:19:47+00:00 urn:sha1:0872907b62794cd6aa17af938318ed13aef2aecc Also, zero the SHA256 context. suggested by "eric" in a comment on an opensslrampage.org post ok miod@ deraadt@