diff options
| author | Glenn Strauss <gstrauss@gluelogic.com> | 2016-10-16 05:01:42 -0400 |
|---|---|---|
| committer | Glenn Strauss <gstrauss@gluelogic.com> | 2016-10-16 05:11:38 -0400 |
| commit | 032772ab6cde79ef78cc46a75ad92425fe4622b4 (patch) | |
| tree | 732f9f93da81c8d8de685e2fdd1af8fc73797bdc | |
| parent | 768dc3aa5bc94860b80a0cef5516f2b14f2c9a58 (diff) | |
| download | lighttpd-git-032772ab6cde79ef78cc46a75ad92425fe4622b4.tar.gz | |
add random() to list of rand() fallbackslighttpd-1.4.42
(but prefer better mechanisms)
| -rw-r--r-- | SConstruct | 2 | ||||
| -rw-r--r-- | configure.ac | 2 | ||||
| -rw-r--r-- | src/CMakeLists.txt | 1 | ||||
| -rw-r--r-- | src/rand.c | 17 |
4 files changed, 16 insertions, 6 deletions
@@ -220,7 +220,7 @@ if 1: getuid select signal pathconf madvise prctl\ writev sigaction sendfile64 send_file kqueue port_create localtime_r posix_fadvise issetugid inet_pton \ memset_s explicit_bzero clock_gettime \ - getentropy arc4random jrand48')) + getentropy arc4random jrand48 srandom')) checkFunc(autoconf, 'getrandom', 'linux/random.h') checkTypes(autoconf, Split('pid_t size_t off_t')) diff --git a/configure.ac b/configure.ac index 3842d31e..6e556171 100644 --- a/configure.ac +++ b/configure.ac @@ -763,7 +763,7 @@ AC_CHECK_FUNCS([dup2 getcwd inet_ntoa inet_ntop inet_pton issetugid memset mmap getuid select signal pathconf madvise posix_fadvise posix_madvise \ writev sigaction sendfile64 send_file kqueue port_create localtime_r gmtime_r \ memset_s explicit_bzero clock_gettime \ - getentropy arc4random jrand48]) + getentropy arc4random jrand48 srandom]) AC_CHECK_HEADERS([linux/random.h],[ AC_CHECK_FUNC([getrandom], AC_DEFINE([HAVE_GETRANDOM], [1], [getrandom])) ]) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 3d01272a..112009fa 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -159,6 +159,7 @@ check_function_exists(sendfilev HAVE_SENDFILEV) check_function_exists(sigaction HAVE_SIGACTION) check_function_exists(signal HAVE_SIGNAL) check_function_exists(sigtimedwait HAVE_SIGTIMEDWAIT) +check_function_exists(srandom HAVE_SRANDOM) check_function_exists(strptime HAVE_STRPTIME) check_function_exists(syslog HAVE_SYSLOG) check_function_exists(writev HAVE_WRITEV) @@ -123,19 +123,24 @@ void li_rand_reseed (void) unsigned int u; if (1 == li_rand_device_bytes((unsigned char *)xsubi, (int)sizeof(xsubi))) { u = ((unsigned int)xsubi[0] << 16) | xsubi[1]; - srand(u); /*(initialize just in case rand() used elsewhere)*/ } else { #ifdef HAVE_ARC4RANDOM - srand(arc4random()); /*(initialize just in case rand() used elsewhere)*/ + u = arc4random(); arc4random_buf(xsubi, sizeof(xsubi)); #else /* NOTE: not cryptographically random !!! */ srand((unsigned int)(time(NULL) ^ getpid())); for (u = 0; u < sizeof(unsigned short); ++u) + /* coverity[dont_call : FALSE] */ xsubi[u] = (unsigned short)(rand() & 0xFFFF); + u = ((unsigned int)xsubi[0] << 16) | xsubi[1]; #endif } + srand(u); /*(initialize just in case rand() used elsewhere)*/ + #ifdef HAVE_SRANDOM + srandom(u); /*(initialize just in case random() used elsewhere)*/ + #endif #ifdef USE_OPENSSL RAND_poll(); RAND_seed(xsubi, (int)sizeof(xsubi)); @@ -152,11 +157,15 @@ int li_rand (void) #endif #ifdef HAVE_ARC4RANDOM return (int)arc4random(); - #endif - #ifdef HAVE_JRAND48 + #elif defined(HAVE_SRANDOM) + /* coverity[dont_call : FALSE] */ + return (int)random(); + #elif defined(HAVE_JRAND48) /*(FYI: jrand48() reentrant, but use of file-scoped static xsubi[] is not)*/ + /* coverity[dont_call : FALSE] */ return (int)jrand48(xsubi); #else + /* coverity[dont_call : FALSE] */ return rand(); #endif } |