openbsd/src/lib/libcrypto/arc4random, branch libressl-v2.1.4 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.1.4 2015-01-19T20:21:40+00:00 Add arc4random/getentropy shims for NetBSD. 2015-01-19T20:21:40+00:00 bcook 2015-01-19T20:21:40+00:00 urn:sha1:8da41a08c1b0ad547a78765a94025ba2a25b5fb0 The latest NetBSD (6.1.5) arc4random does not appear to reseed the CRNG state after a fork, so provide an override until the fork-safe version in CVS appears in a release. These are the same as the FreeBSD shims. ok deraadt@ back in september I did the large abstraction refactoring to allow these 2015-01-15T06:57:18+00:00 deraadt 2015-01-15T06:57:18+00:00 urn:sha1:2c0fa7a33267776e90c29aa1b640595e92c0d8f7 other systems to fit into the same mold, so add copyright mix in more virtual memory and process information 2015-01-07T01:15:57+00:00 bcook 2015-01-07T01:15:57+00:00 urn:sha1:84d3a443bfbb7a97be016bcdc5e73d244c6987ad add initial HP-UX getentropy/arc4random support. 2015-01-06T21:08:11+00:00 bcook 2015-01-06T21:08:11+00:00 urn:sha1:0facf1dc285a76d9848d5c48673c3b02ce1dec91 patch from Kinichiro Inoguchi, tested on HP-UX 11.31 ok deraadt@ correct the failure case for getentropy on win32 2014-11-11T13:54:33+00:00 bcook 2014-11-11T13:54:33+00:00 urn:sha1:8d5f6fbe06d6b13dd764a076a1f541134df3c108 CryptAcquireContext and CryptGenRandom returns zero (FALSE) if fails. From: Dongsheng Song <dongsheng.song@gmail.com> Add hooks to override native arc4random_buf on FreeBSD. 2014-11-03T06:23:30+00:00 bcook 2014-11-03T06:23:30+00:00 urn:sha1:97f48e5c1a29dd52ce16c023eaa14f5da0110610 The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is also broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. include header needed by older linux kernels 2014-10-11T16:44:05+00:00 bcook 2014-10-11T16:44:05+00:00 urn:sha1:4e737c824fafe5f105e5f4849a9db2569b5d53d8 not all versions of <linux/random.h> include <linux/types.h> by default preserve errno value on success. 2014-08-28T01:00:57+00:00 bcook 2014-08-28T01:00:57+00:00 urn:sha1:a204a3a466a44d9fd8704c0ac46eef238a8cb1e7 If getrandom returns a temporary failure, make sure errno is not polluted when it succeeds. Thanks to deraadt@ for pointing it out. only build the getrandom path if SYS_getrandom is defined. 2014-08-16T18:42:41+00:00 bcook 2014-08-16T18:42:41+00:00 urn:sha1:8d1497d70ef3cba9c8cb1eeffed8280530bfd921 like the sysctl path getrandom(2) support for getentropy_linux 2014-08-16T17:21:56+00:00 bcook 2014-08-16T17:21:56+00:00 urn:sha1:408eab1e65d65540efc82e6ec61695cebcc06a66 This enables support for the new getrandom(2) syscall in Linux 3.17. If the call exists and fails, return a failure in getentropy(2) emulation as well. This adds a EINTR check in case the urandom pool is not initialized. Tested on Fedora Rawhide with 3.17rc0 and Ubuntu 14.04 ok deraadt@