summaryrefslogtreecommitdiff
path: root/openbsd-compat/arc4random.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2018-04-13 13:31:42 +1000
committerDamien Miller <djm@mindrot.org>2018-04-13 13:32:23 +1000
commitafa6e79b76fb52a0c09a29688b5c0d125eb08302 (patch)
tree307b8e468c1fc8c6311ce749a2057b4bb80c14f5 /openbsd-compat/arc4random.c
parent575fac34a97f69bc217b235f81de9f8f433eceed (diff)
downloadopenssh-git-afa6e79b76fb52a0c09a29688b5c0d125eb08302.tar.gz
prefer to use getrandom() for PRNG seeding
Only applies when built --without-openssl. Thanks Jann Horn for reminder.
Diffstat (limited to 'openbsd-compat/arc4random.c')
-rw-r--r--openbsd-compat/arc4random.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
index b6256b4f..578f69f4 100644
--- a/openbsd-compat/arc4random.c
+++ b/openbsd-compat/arc4random.c
@@ -33,6 +33,10 @@
#include <string.h>
#include <unistd.h>
+#ifdef HAVE_SYS_RANDOM_H
+# include <sys/random.h>
+#endif
+
#ifndef HAVE_ARC4RANDOM
#ifdef WITH_OPENSSL
@@ -78,8 +82,9 @@ _rs_init(u_char *buf, size_t n)
}
#ifndef WITH_OPENSSL
-#define SSH_RANDOM_DEV "/dev/urandom"
-/* XXX use getrandom() if supported on Linux */
+# ifndef SSH_RANDOM_DEV
+# define SSH_RANDOM_DEV "/dev/urandom"
+# endif /* SSH_RANDOM_DEV */
static void
getrnd(u_char *s, size_t len)
{
@@ -87,6 +92,11 @@ getrnd(u_char *s, size_t len)
ssize_t r;
size_t o = 0;
+#ifdef HAVE_GETRANDOM
+ if ((r = getrandom(s, len, 0)) > 0 && (size_t)r == len)
+ return;
+#endif /* HAVE_GETRANDOM */
+
if ((fd = open(SSH_RANDOM_DEV, O_RDONLY)) == -1)
fatal("Couldn't open %s: %s", SSH_RANDOM_DEV, strerror(errno));
while (o < len) {
@@ -101,7 +111,7 @@ getrnd(u_char *s, size_t len)
}
close(fd);
}
-#endif
+#endif /* WITH_OPENSSL */
static void
_rs_stir(void)