use arc4random instead of /dev/arandom,

allows RAND_poll after chroot, ok deraadt, fgsch
author: markus <> 2002-09-17 20:15:03 +0000
committer: markus <> 2002-09-17 20:15:03 +0000
commit: b8476376aa93d01a90c88ac2718a3516cf9a7222 (patch)
tree: f12cc724d1658ddc3405c573559140c2b9064aa8 /src
parent: 72ff746fa7e976fb78c8f445cc45492132e38860 (diff)
download: openbsd-b8476376aa93d01a90c88ac2718a3516cf9a7222.tar.gz
openbsd-b8476376aa93d01a90c88ac2718a3516cf9a7222.tar.bz2
openbsd-b8476376aa93d01a90c88ac2718a3516cf9a7222.zip
2 files changed, 22 insertions, 60 deletions
diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c
index a7f66c6dfe..fa2bab57c6 100644
--- a/src/lib/libcrypto/rand/rand_unix.c
+++ b/src/lib/libcrypto/rand/rand_unix.c
@@ -125,40 +125,21 @@
 #include <time.h>
 #ifdef __OpenBSD__
-#undef DEVRANDOM
-#define DEVRANDOM "/dev/arandom"
 int RAND_poll(void)
 {
-        unsigned long l;
+        u_int32_t rnd = 0, i;
-        pid_t curr_pid = getpid();
+        unsigned char buf[ENTROPY_NEEDED];
-        FILE *fh;
-        /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
+        for (i = 0; i < sizeof(buf); i++) {
-         * have this. Use /dev/urandom if you can as /dev/random may block
+                if (i % 4 == 0)
-         * if it runs out of random entries.  */
+                        rnd = arc4random();
+                buf[i] = rnd;
+                rnd >>= 8;
+        }
+        RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
+        memset(buf, 0, sizeof(buf));
-        if ((fh = fopen(DEVRANDOM, "r")) != NULL)
+        return 1;
-                {
-                unsigned char tmpbuf[ENTROPY_NEEDED];
-                int n;
-                setvbuf(fh, NULL, _IONBF, 0);
-                n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
-                fclose(fh);
-                RAND_add(tmpbuf,sizeof tmpbuf,n);
-                memset(tmpbuf,0,n);
-                }
-        /* put in some default random data, we need more than just this */
-        l=curr_pid;
-        RAND_add(&l,sizeof(l),0);
-        l=getuid();
-        RAND_add(&l,sizeof(l),0);
-        l=time(NULL);
-        RAND_add(&l,sizeof(l),0);
-        return 1;
 }
 #else
 int RAND_poll(void)
diff --git a/src/lib/libssl/src/crypto/rand/rand_unix.c b/src/lib/libssl/src/crypto/rand/rand_unix.c
index a7f66c6dfe..fa2bab57c6 100644
--- a/src/lib/libssl/src/crypto/rand/rand_unix.c
+++ b/src/lib/libssl/src/crypto/rand/rand_unix.c
@@ -125,40 +125,21 @@
 #include <time.h>
 #ifdef __OpenBSD__
-#undef DEVRANDOM
-#define DEVRANDOM "/dev/arandom"
 int RAND_poll(void)
 {
-        unsigned long l;
+        u_int32_t rnd = 0, i;
-        pid_t curr_pid = getpid();
+        unsigned char buf[ENTROPY_NEEDED];
-        FILE *fh;
-        /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
+        for (i = 0; i < sizeof(buf); i++) {
-         * have this. Use /dev/urandom if you can as /dev/random may block
+                if (i % 4 == 0)
-         * if it runs out of random entries.  */
+                        rnd = arc4random();
+                buf[i] = rnd;
+                rnd >>= 8;
+        }
+        RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
+        memset(buf, 0, sizeof(buf));
-        if ((fh = fopen(DEVRANDOM, "r")) != NULL)
+        return 1;
-                {
-                unsigned char tmpbuf[ENTROPY_NEEDED];
-                int n;
-                setvbuf(fh, NULL, _IONBF, 0);
-                n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
-                fclose(fh);
-                RAND_add(tmpbuf,sizeof tmpbuf,n);
-                memset(tmpbuf,0,n);
-                }
-        /* put in some default random data, we need more than just this */
-        l=curr_pid;
-        RAND_add(&l,sizeof(l),0);
-        l=getuid();
-        RAND_add(&l,sizeof(l),0);
-        l=time(NULL);
-        RAND_add(&l,sizeof(l),0);
-        return 1;
 }
 #else
 int RAND_poll(void)
author	markus <>	2002-09-17 20:15:03 +0000
committer	markus <>	2002-09-17 20:15:03 +0000
commit	b8476376aa93d01a90c88ac2718a3516cf9a7222 (patch)
tree	f12cc724d1658ddc3405c573559140c2b9064aa8 /src
parent	72ff746fa7e976fb78c8f445cc45492132e38860 (diff)
download	openbsd-b8476376aa93d01a90c88ac2718a3516cf9a7222.tar.gz openbsd-b8476376aa93d01a90c88ac2718a3516cf9a7222.tar.bz2 openbsd-b8476376aa93d01a90c88ac2718a3516cf9a7222.zip

diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c index a7f66c6dfe..fa2bab57c6 100644 --- a/src/lib/libcrypto/rand/rand_unix.c +++ b/src/lib/libcrypto/rand/rand_unix.c
@@ -125,40 +125,21 @@
125	#include <time.h>	125	#include <time.h>
126		126
127	#ifdef __OpenBSD__	127	#ifdef __OpenBSD__
128	#undef DEVRANDOM
129	#define DEVRANDOM "/dev/arandom"
130	int RAND_poll(void)	128	int RAND_poll(void)
131	{	129	{
132	unsigned long l;	130	u_int32_t rnd = 0, i;
133	pid_t curr_pid = getpid();	131	unsigned char buf[ENTROPY_NEEDED];
134	FILE *fh;
135		132
136	/* Use a random entropy pool device. Linux, FreeBSD and OpenBSD	133	for (i = 0; i < sizeof(buf); i++) {
137	* have this. Use /dev/urandom if you can as /dev/random may block	134	if (i % 4 == 0)
138	* if it runs out of random entries. */	135	rnd = arc4random();
		136	buf[i] = rnd;
		137	rnd >>= 8;
		138	}
		139	RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
		140	memset(buf, 0, sizeof(buf));
139		141
140	if ((fh = fopen(DEVRANDOM, "r")) != NULL)	142	return 1;
141	{
142	unsigned char tmpbuf[ENTROPY_NEEDED];
143	int n;
144
145	setvbuf(fh, NULL, _IONBF, 0);
146	n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
147	fclose(fh);
148	RAND_add(tmpbuf,sizeof tmpbuf,n);
149	memset(tmpbuf,0,n);
150	}
151
152	/* put in some default random data, we need more than just this */
153	l=curr_pid;
154	RAND_add(&l,sizeof(l),0);
155	l=getuid();
156	RAND_add(&l,sizeof(l),0);
157
158	l=time(NULL);
159	RAND_add(&l,sizeof(l),0);
160
161	return 1;
162	}	143	}
163	#else	144	#else
164	int RAND_poll(void)	145	int RAND_poll(void)


diff --git a/src/lib/libssl/src/crypto/rand/rand_unix.c b/src/lib/libssl/src/crypto/rand/rand_unix.c index a7f66c6dfe..fa2bab57c6 100644 --- a/src/lib/libssl/src/crypto/rand/rand_unix.c +++ b/src/lib/libssl/src/crypto/rand/rand_unix.c
@@ -125,40 +125,21 @@
125	#include <time.h>	125	#include <time.h>
126		126
127	#ifdef __OpenBSD__	127	#ifdef __OpenBSD__
128	#undef DEVRANDOM
129	#define DEVRANDOM "/dev/arandom"
130	int RAND_poll(void)	128	int RAND_poll(void)
131	{	129	{
132	unsigned long l;	130	u_int32_t rnd = 0, i;
133	pid_t curr_pid = getpid();	131	unsigned char buf[ENTROPY_NEEDED];
134	FILE *fh;
135		132
136	/* Use a random entropy pool device. Linux, FreeBSD and OpenBSD	133	for (i = 0; i < sizeof(buf); i++) {
137	* have this. Use /dev/urandom if you can as /dev/random may block	134	if (i % 4 == 0)
138	* if it runs out of random entries. */	135	rnd = arc4random();
		136	buf[i] = rnd;
		137	rnd >>= 8;
		138	}
		139	RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
		140	memset(buf, 0, sizeof(buf));
139		141
140	if ((fh = fopen(DEVRANDOM, "r")) != NULL)	142	return 1;
141	{
142	unsigned char tmpbuf[ENTROPY_NEEDED];
143	int n;
144
145	setvbuf(fh, NULL, _IONBF, 0);
146	n=fread((unsigned char *)tmpbuf,1,ENTROPY_NEEDED,fh);
147	fclose(fh);
148	RAND_add(tmpbuf,sizeof tmpbuf,n);
149	memset(tmpbuf,0,n);
150	}
151
152	/* put in some default random data, we need more than just this */
153	l=curr_pid;
154	RAND_add(&l,sizeof(l),0);
155	l=getuid();
156	RAND_add(&l,sizeof(l),0);
157
158	l=time(NULL);
159	RAND_add(&l,sizeof(l),0);
160
161	return 1;
162	}	143	}
163	#else	144	#else
164	int RAND_poll(void)	145	int RAND_poll(void)