openbsd/src/lib/libcrypto/crypto/arc4random_freebsd.h, branch OPENBSD_5_9_BASEA mirror of https://github.com/libressl/openbsd.git
https://git.lua4.win/openbsd/atom?h=OPENBSD_5_9_BASE2015-09-11T11:52:55+00:00unify files further2015-09-11T11:52:55+00:00deraadt2015-09-11T11:52:55+00:00urn:sha1:2a8f39dde4eb3fc8b492e8c665128c557ff500afback in september I did the large abstraction refactoring to allow these2015-01-15T06:57:18+00:00deraadt2015-01-15T06:57:18+00:00urn:sha1:2c0fa7a33267776e90c29aa1b640595e92c0d8f7
other systems to fit into the same mold, so add copyright
Add hooks to override native arc4random_buf on FreeBSD.2014-11-03T06:23:30+00:00bcook2014-11-03T06:23:30+00:00urn:sha1:97f48e5c1a29dd52ce16c023eaa14f5da0110610
The FreeBSD-native arc4random_buf implementation falls back to weak sources of
entropy if the sysctl fails. Remove these dangerous fallbacks by overriding
locally.
Unfortunately, pthread_atfork() is also broken on FreeBSD (at least 9 and 10)
if a program does not link to -lthr. Callbacks registered with pthread_atfork()
simply fail silently. So, it is not always possible to detect a PID wraparound.
I wish we could do better.
This improves arc4random_buf's safety compared to the native FreeBSD
implementation.
Tested on FreeBSD 9 and 10.