From 8b27f0efd0c64adf15140fd4fa2856da224cf62e Mon Sep 17 00:00:00 2001 From: "Martin v. L?wis" Date: Fri, 25 Jan 2013 14:06:18 +0100 Subject: Drop support for Windows 2000; allow any XP API (but not Vista+). Drop SDK version configuration for Tk compilation, to not bind it to W2k anymore. Binding it to XP would conflict with Tk's own binding of tkMenu to W2k. --- Python/random.c | 33 +++------------------------------ 1 file changed, 3 insertions(+), 30 deletions(-) (limited to 'Python/random.c') diff --git a/Python/random.c b/Python/random.c index 53518c2ebe..1ad4c3df7f 100644 --- a/Python/random.c +++ b/Python/random.c @@ -12,13 +12,6 @@ static int _Py_HashSecret_Initialized = 0; #endif #ifdef MS_WINDOWS -typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTA)(HCRYPTPROV *phProv,\ - LPCSTR pszContainer, LPCSTR pszProvider, DWORD dwProvType,\ - DWORD dwFlags ); -typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV hProv, DWORD dwLen,\ - BYTE *pbBuffer ); - -static CRYPTGENRANDOM pCryptGenRandom = NULL; /* This handle is never explicitly released. Instead, the operating system will release it when the process terminates. */ static HCRYPTPROV hCryptProv = 0; @@ -26,29 +19,9 @@ static HCRYPTPROV hCryptProv = 0; static int win32_urandom_init(int raise) { - HINSTANCE hAdvAPI32 = NULL; - CRYPTACQUIRECONTEXTA pCryptAcquireContext = NULL; - - /* Obtain handle to the DLL containing CryptoAPI. This should not fail. */ - hAdvAPI32 = GetModuleHandle("advapi32.dll"); - if(hAdvAPI32 == NULL) - goto error; - - /* Obtain pointers to the CryptoAPI functions. This will fail on some early - versions of Win95. */ - pCryptAcquireContext = (CRYPTACQUIRECONTEXTA)GetProcAddress( - hAdvAPI32, "CryptAcquireContextA"); - if (pCryptAcquireContext == NULL) - goto error; - - pCryptGenRandom = (CRYPTGENRANDOM)GetProcAddress(hAdvAPI32, - "CryptGenRandom"); - if (pCryptGenRandom == NULL) - goto error; - /* Acquire context */ - if (! pCryptAcquireContext(&hCryptProv, NULL, NULL, - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) + if (!CryptAcquireContext(&hCryptProv, NULL, NULL, + PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) goto error; return 0; @@ -77,7 +50,7 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise) while (size > 0) { chunk = size > INT_MAX ? INT_MAX : size; - if (!pCryptGenRandom(hCryptProv, chunk, buffer)) + if (!CryptGenRandom(hCryptProv, chunk, buffer)) { /* CryptGenRandom() failed */ if (raise) -- cgit v1.2.1 From e5883d6d95989121670eca012dd5bde1721747e7 Mon Sep 17 00:00:00 2001 From: Victor Stinner Date: Wed, 28 Aug 2013 00:53:59 +0200 Subject: Issue #18571: Implementation of the PEP 446: file descriptors and file handles are now created non-inheritable; add functions os.get/set_inheritable(), os.get/set_handle_inheritable() and socket.socket.get/set_inheritable(). --- Python/random.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'Python/random.c') diff --git a/Python/random.c b/Python/random.c index 709f980dca..8cf2fef7c6 100644 --- a/Python/random.c +++ b/Python/random.c @@ -101,7 +101,7 @@ dev_urandom_noraise(char *buffer, Py_ssize_t size) assert (0 < size); - fd = open("/dev/urandom", O_RDONLY); + fd = _Py_open("/dev/urandom", O_RDONLY); if (fd < 0) Py_FatalError("Failed to open /dev/urandom"); @@ -134,7 +134,7 @@ dev_urandom_python(char *buffer, Py_ssize_t size) return 0; Py_BEGIN_ALLOW_THREADS - fd = open("/dev/urandom", O_RDONLY); + fd = _Py_open("/dev/urandom", O_RDONLY); Py_END_ALLOW_THREADS if (fd < 0) { -- cgit v1.2.1 From a7b94565928a47b36f01c932aad076cc093a9db5 Mon Sep 17 00:00:00 2001 From: Antoine Pitrou Date: Sat, 31 Aug 2013 00:26:02 +0200 Subject: Issue #18756: os.urandom() now uses a lazily-opened persistent file descriptor, so as to avoid using many file descriptors when run in parallel from multiple threads. --- Python/random.c | 55 ++++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 42 insertions(+), 13 deletions(-) (limited to 'Python/random.c') diff --git a/Python/random.c b/Python/random.c index 8cf2fef7c6..1d470c703c 100644 --- a/Python/random.c +++ b/Python/random.c @@ -90,6 +90,7 @@ vms_urandom(unsigned char *buffer, Py_ssize_t size, int raise) #if !defined(MS_WINDOWS) && !defined(__VMS) +static int urandom_fd = -1; /* Read size bytes from /dev/urandom into buffer. Call Py_FatalError() on error. */ @@ -133,18 +134,30 @@ dev_urandom_python(char *buffer, Py_ssize_t size) if (size <= 0) return 0; - Py_BEGIN_ALLOW_THREADS - fd = _Py_open("/dev/urandom", O_RDONLY); - Py_END_ALLOW_THREADS - if (fd < 0) - { - if (errno == ENOENT || errno == ENXIO || - errno == ENODEV || errno == EACCES) - PyErr_SetString(PyExc_NotImplementedError, - "/dev/urandom (or equivalent) not found"); + if (urandom_fd >= 0) + fd = urandom_fd; + else { + Py_BEGIN_ALLOW_THREADS + fd = _Py_open("/dev/urandom", O_RDONLY); + Py_END_ALLOW_THREADS + if (fd < 0) + { + if (errno == ENOENT || errno == ENXIO || + errno == ENODEV || errno == EACCES) + PyErr_SetString(PyExc_NotImplementedError, + "/dev/urandom (or equivalent) not found"); + else + PyErr_SetFromErrno(PyExc_OSError); + return -1; + } + if (urandom_fd >= 0) { + /* urandom_fd was initialized by another thread while we were + not holding the GIL, keep it. */ + close(fd); + fd = urandom_fd; + } else - PyErr_SetFromErrno(PyExc_OSError); - return -1; + urandom_fd = fd; } Py_BEGIN_ALLOW_THREADS @@ -168,12 +181,20 @@ dev_urandom_python(char *buffer, Py_ssize_t size) PyErr_Format(PyExc_RuntimeError, "Failed to read %zi bytes from /dev/urandom", size); - close(fd); return -1; } - close(fd); return 0; } + +static void +dev_urandom_close(void) +{ + if (urandom_fd >= 0) { + close(urandom_fd); + urandom_fd = -1; + } +} + #endif /* !defined(MS_WINDOWS) && !defined(__VMS) */ /* Fill buffer with pseudo-random bytes generated by a linear congruent @@ -271,3 +292,11 @@ _PyRandom_Init(void) #endif } } + +void +_PyRandom_Fini(void) +{ +#if !defined(MS_WINDOWS) && !defined(__VMS) + dev_urandom_close(); +#endif +} -- cgit v1.2.1 From 6988dd8e0360108ccf61854ba7ff6cf45b3abff0 Mon Sep 17 00:00:00 2001 From: Victor Stinner Date: Fri, 15 Nov 2013 23:26:25 +0100 Subject: Fix compiler warning in win32_urandom(): explicit cast to DWORD in CryptGenRandom() --- Python/random.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Python/random.c') diff --git a/Python/random.c b/Python/random.c index 9c9370c233..d9c7e77109 100644 --- a/Python/random.c +++ b/Python/random.c @@ -50,7 +50,7 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise) while (size > 0) { chunk = size > INT_MAX ? INT_MAX : size; - if (!CryptGenRandom(hCryptProv, chunk, buffer)) + if (!CryptGenRandom(hCryptProv, (DWORD)chunk, buffer)) { /* CryptGenRandom() failed */ if (raise) -- cgit v1.2.1 From 1f4288b872047826fa7bc66ab5fe785e61a095b1 Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Wed, 20 Nov 2013 11:46:18 +0100 Subject: ssue #19183: Implement PEP 456 'secure and interchangeable hash algorithm'. Python now uses SipHash24 on all major platforms. --- Python/random.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'Python/random.c') diff --git a/Python/random.c b/Python/random.c index d9c7e77109..de8e9e72c7 100644 --- a/Python/random.c +++ b/Python/random.c @@ -95,7 +95,7 @@ static int urandom_fd = -1; /* Read size bytes from /dev/urandom into buffer. Call Py_FatalError() on error. */ static void -dev_urandom_noraise(char *buffer, Py_ssize_t size) +dev_urandom_noraise(unsigned char *buffer, Py_ssize_t size) { int fd; Py_ssize_t n; @@ -249,8 +249,9 @@ void _PyRandom_Init(void) { char *env; - void *secret = &_Py_HashSecret; + unsigned char *secret = (unsigned char *)&_Py_HashSecret.uc; Py_ssize_t secret_size = sizeof(_Py_HashSecret_t); + assert(secret_size == sizeof(_Py_HashSecret.uc)); if (_Py_HashSecret_Initialized) return; @@ -278,17 +279,17 @@ _PyRandom_Init(void) memset(secret, 0, secret_size); } else { - lcg_urandom(seed, (unsigned char*)secret, secret_size); + lcg_urandom(seed, secret, secret_size); } } else { #ifdef MS_WINDOWS - (void)win32_urandom((unsigned char *)secret, secret_size, 0); + (void)win32_urandom(secret, secret_size, 0); #else /* #ifdef MS_WINDOWS */ # ifdef __VMS - vms_urandom((unsigned char *)secret, secret_size, 0); + vms_urandom(secret, secret_size, 0); # else - dev_urandom_noraise((char*)secret, secret_size); + dev_urandom_noraise(secret, secret_size); # endif #endif } -- cgit v1.2.1 From 8531989aa308c3953619aafa8ad9c1106911ceca Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Sat, 21 Dec 2013 16:19:10 +0100 Subject: Issue #16136: Remove VMS support and VMS-related code --- Python/random.c | 37 ++++--------------------------------- 1 file changed, 4 insertions(+), 33 deletions(-) (limited to 'Python/random.c') diff --git a/Python/random.c b/Python/random.c index de8e9e72c7..cdace0036b 100644 --- a/Python/random.c +++ b/Python/random.c @@ -68,28 +68,7 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise) #endif /* MS_WINDOWS */ -#ifdef __VMS -/* Use openssl random routine */ -#include -static int -vms_urandom(unsigned char *buffer, Py_ssize_t size, int raise) -{ - if (RAND_pseudo_bytes(buffer, size) < 0) { - if (raise) { - PyErr_Format(PyExc_ValueError, - "RAND_pseudo_bytes"); - } else { - Py_FatalError("Failed to initialize the randomized hash " - "secret using RAND_pseudo_bytes"); - } - return -1; - } - return 0; -} -#endif /* __VMS */ - - -#if !defined(MS_WINDOWS) && !defined(__VMS) +#ifndef MS_WINDOWS static int urandom_fd = -1; /* Read size bytes from /dev/urandom into buffer. @@ -195,7 +174,7 @@ dev_urandom_close(void) } } -#endif /* !defined(MS_WINDOWS) && !defined(__VMS) */ +#endif /* MS_WINDOWS */ /* Fill buffer with pseudo-random bytes generated by a linear congruent generator (LCG): @@ -237,11 +216,7 @@ _PyOS_URandom(void *buffer, Py_ssize_t size) #ifdef MS_WINDOWS return win32_urandom((unsigned char *)buffer, size, 1); #else -# ifdef __VMS - return vms_urandom((unsigned char *)buffer, size, 1); -# else return dev_urandom_python((char*)buffer, size); -# endif #endif } @@ -285,12 +260,8 @@ _PyRandom_Init(void) else { #ifdef MS_WINDOWS (void)win32_urandom(secret, secret_size, 0); -#else /* #ifdef MS_WINDOWS */ -# ifdef __VMS - vms_urandom(secret, secret_size, 0); -# else +#else dev_urandom_noraise(secret, secret_size); -# endif #endif } } @@ -298,7 +269,7 @@ _PyRandom_Init(void) void _PyRandom_Fini(void) { -#if !defined(MS_WINDOWS) && !defined(__VMS) +#ifndef MS_WINDOWS dev_urandom_close(); #endif } -- cgit v1.2.1