summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libc/crypt/arc4random.c11
-rw-r--r--src/lib/libc/stdlib/random.37
-rw-r--r--src/lib/libc/stdlib/random.c49
3 files changed, 16 insertions, 51 deletions
diff --git a/src/lib/libc/crypt/arc4random.c b/src/lib/libc/crypt/arc4random.c
index 843751d09e..1e338f9968 100644
--- a/src/lib/libc/crypt/arc4random.c
+++ b/src/lib/libc/crypt/arc4random.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: arc4random.c,v 1.14 2005/06/06 14:57:59 kjell Exp $ */ 1/* $OpenBSD: arc4random.c,v 1.15 2005/11/30 07:51:02 otto Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1996, David Mazieres <dm@uun.org> 4 * Copyright (c) 1996, David Mazieres <dm@uun.org>
@@ -99,14 +99,7 @@ arc4_stir(struct arc4_stream *as)
99 mib[1] = KERN_ARND; 99 mib[1] = KERN_ARND;
100 100
101 len = sizeof(rnd); 101 len = sizeof(rnd);
102 if (sysctl(mib, 2, rnd, &len, NULL, 0) == -1) { 102 sysctl(mib, 2, rnd, &len, NULL, 0);
103 for (i = 0; i < sizeof(rnd) / sizeof(u_int); i ++) {
104 len = sizeof(u_int);
105 if (sysctl(mib, 2, &rnd[i * sizeof(u_int)], &len,
106 NULL, 0) == -1)
107 break;
108 }
109 }
110 103
111 arc4_stir_pid = getpid(); 104 arc4_stir_pid = getpid();
112 arc4_addrandom(as, rnd, sizeof(rnd)); 105 arc4_addrandom(as, rnd, sizeof(rnd));
diff --git a/src/lib/libc/stdlib/random.3 b/src/lib/libc/stdlib/random.3
index f43f06420d..626b040b50 100644
--- a/src/lib/libc/stdlib/random.3
+++ b/src/lib/libc/stdlib/random.3
@@ -25,7 +25,7 @@
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE. 26.\" SUCH DAMAGE.
27.\" 27.\"
28.\" $OpenBSD: random.3,v 1.17 2003/06/02 20:18:38 millert Exp $ 28.\" $OpenBSD: random.3,v 1.18 2005/11/30 07:51:02 otto Exp $
29.\" 29.\"
30.Dd April 19, 1991 30.Dd April 19, 1991
31.Dt RANDOM 3 31.Dt RANDOM 3
@@ -89,9 +89,8 @@ as the seed.
89.Pp 89.Pp
90The 90The
91.Fn srandomdev 91.Fn srandomdev
92routine initializes a state array using the 92routine initializes a state array using
93.Xr arandom 4 93random numbers obtained from the kernel,
94random number device which returns good random numbers,
95suitable for cryptographic use. 94suitable for cryptographic use.
96Note that this particular seeding procedure can generate 95Note that this particular seeding procedure can generate
97states which are impossible to reproduce by calling 96states which are impossible to reproduce by calling
diff --git a/src/lib/libc/stdlib/random.c b/src/lib/libc/stdlib/random.c
index 565542ecdb..48e892042b 100644
--- a/src/lib/libc/stdlib/random.c
+++ b/src/lib/libc/stdlib/random.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: random.c,v 1.14 2005/08/08 08:05:37 espie Exp $ */ 1/* $OpenBSD: random.c,v 1.15 2005/11/30 07:51:02 otto Exp $ */
2/* 2/*
3 * Copyright (c) 1983 Regents of the University of California. 3 * Copyright (c) 1983 Regents of the University of California.
4 * All rights reserved. 4 * All rights reserved.
@@ -220,17 +220,17 @@ srandom(unsigned int x)
220 * srandomdev: 220 * srandomdev:
221 * 221 *
222 * Many programs choose the seed value in a totally predictable manner. 222 * Many programs choose the seed value in a totally predictable manner.
223 * This often causes problems. We seed the generator using the much more 223 * This often causes problems. We seed the generator using random
224 * secure arandom(4) interface. Note that this particular seeding 224 * data from the kernel.
225 * procedure can generate states which are impossible to reproduce by 225 * Note that this particular seeding procedure can generate states
226 * calling srandom() with any value, since the succeeding terms in the 226 * which are impossible to reproduce by calling srandom() with any
227 * state buffer are no longer derived from the LC algorithm applied to 227 * value, since the succeeding terms in the state buffer are no longer
228 * a fixed seed. 228 * derived from the LC algorithm applied to a fixed seed.
229 */ 229 */
230void 230void
231srandomdev(void) 231srandomdev(void)
232{ 232{
233 int fd, i, mib[2], n; 233 int mib[2];
234 size_t len; 234 size_t len;
235 235
236 if (rand_type == TYPE_0) 236 if (rand_type == TYPE_0)
@@ -238,36 +238,9 @@ srandomdev(void)
238 else 238 else
239 len = rand_deg * sizeof(state[0]); 239 len = rand_deg * sizeof(state[0]);
240 240
241 /* 241 mib[0] = CTL_KERN;
242 * To get seed data, first try reading from /dev/arandom. 242 mib[1] = KERN_ARND;
243 * If that fails, try the KERN_ARND sysctl() (one int at a time). 243 sysctl(mib, 2, state, &len, NULL, 0);
244 * As a last resort, call srandom().
245 */
246 if ((fd = open("/dev/arandom", O_RDONLY, 0)) != -1 &&
247 read(fd, (void *) state, len) == (ssize_t) len) {
248 close(fd);
249 } else {
250 if (fd != -1)
251 close(fd);
252 mib[0] = CTL_KERN;
253 mib[1] = KERN_ARND;
254 n = len / sizeof(int);
255 len = sizeof(int);
256 for (i = 0; i < n; i++) {
257 if (sysctl(mib, 2, (char *)((int *)state + i), &len,
258 NULL, 0) == -1)
259 break;
260 }
261 if (i != n) {
262 struct timeval tv;
263 u_int junk;
264
265 /* XXX - this could be better */
266 gettimeofday(&tv, NULL);
267 srandom(getpid() ^ tv.tv_sec ^ tv.tv_usec ^ junk);
268 return;
269 }
270 }
271 244
272 if (rand_type != TYPE_0) { 245 if (rand_type != TYPE_0) {
273 fptr = &state[rand_sep]; 246 fptr = &state[rand_sep];
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 19:38:46 +0000