sysdep: Add wrapper to get random bytes
Add a wrapper function in sysdep to get random bytes, and required checks in configure.ac to select how to do it. The configure script tries, in order, getrandom(), getentropy() and reading from /dev/urandom.
parent
91d0458389
commit
c48ebde5ce
5 changed files with 97 additions and 0 deletions
|
@ -524,6 +524,7 @@ order_shutdown(int gr)
|
|||
c->gr_down = gr;
|
||||
|
||||
config_commit(c, RECONFIG_HARD, 0);
|
||||
random_close();
|
||||
shutting_down = 1;
|
||||
}
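Review bot: `random_close()` is called when shutdown is ordered, which looks earlier than the point where the process actually exits. The /dev/urandom variant of `random_bytes()` in this commit reopens the device whenever `urandom_fd < 0`, so any caller that still asks for random bytes while shutdown is in progress would reopen the descriptor, and nothing visible here closes it again. If such callers can exist (not determinable from this hunk), the close belongs at final exit; otherwise a comment such as `/* no random_bytes() callers run after this point */` would record the assumption. order_shutdown() begins above the hunk.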
|
||||
|
||||
|
|
|
@ -374,6 +374,10 @@ elif test "$bird_cv_lib_log" != yes ; then
|
|||
LIBS="$LIBS $bird_cv_lib_log"
|
||||
fi
|
||||
|
||||
AC_CHECK_FUNCS(getrandom)
|
||||
AC_CHECK_FUNCS(getentropy)
|
||||
AC_CHECK_HEADERS(sys/random.h)
|
||||
|
||||
if test "$enable_debug" = yes ; then
|
||||
AC_DEFINE([DEBUGGING], [1], [Define to 1 if debugging is enabled])
|
||||
LDFLAGS="$LDFLAGS -rdynamic"
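Review bot: The three added checks do not cover every macro the C side of this commit tests. The random source file includes `<linux/random.h>` under `#ifdef HAVE_LINUX_RANDOM_H`, but no `AC_CHECK_HEADERS(linux/random.h)` appears in this hunk. Unless that header is probed elsewhere in the script, the include is dead code and should either get its own check here or be dropped. The two function probes could also be written as one `AC_CHECK_FUNCS([getrandom getentropy])`, which keeps the preference order documented in a single place.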
|
||||
|
|
|
@ -192,5 +192,8 @@ asm(
|
|||
/* Pseudorandom numbers */
|
||||
|
||||
u32 random_u32(void);
|
||||
int random_bytes(char *buf, size_t size);
|
||||
void random_close(void);
|
||||
void random_init(void);
|
||||
|
||||
#endif
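Review bot: The new prototypes sit under the existing `/* Pseudorandom numbers */` heading with no statement of their contract, although `random_bytes()` behaves very differently from `random_u32()`. As the implementation in this commit shows, `random_u32()` is assembled from `random()`, while `random_bytes()` draws from the kernel and never reports failure to the caller: it always returns 0 and calls `die()` on error. I would add a comment above the three declarations, for example `/* random_bytes() fills buf from the kernel RNG and dies on failure (return value is always 0); random_u32() is random()-based and must not be used for keys or nonces */`. Taking `void *buf` instead of `char *buf` would also save callers a cast when filling structs or `u8` arrays.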
|
||||
|
|
|
@ -867,6 +867,7 @@ main(int argc, char **argv)
|
|||
parse_args(argc, argv);
|
||||
log_switch(1, NULL, NULL);
|
||||
|
||||
random_init();
|
||||
net_init();
|
||||
resource_init();
|
||||
timer_init();
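Review bot: `random_init()` can stall daemon start-up at this call site, and nothing here says so. In the getrandom() variant `flags` is 0, so the single-byte probe blocks until the kernel RNG is seeded, which on a freshly booted host may take a while. The /dev/urandom fallback does not block, so the two builds give different guarantees at early boot. A short comment at the call would help operators and future readers, e.g. `/* may block until the kernel RNG is seeded; dies if no random source is usable */`. main() continues beyond the hunk.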
|
||||
|
|
|
@ -7,6 +7,21 @@
|
|||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <fcntl.h>
|
||||
#include <unistd.h>
|
||||
#include <errno.h>
|
||||
|
||||
#include "sysdep/config.h"
|
||||
|
||||
#ifdef HAVE_SYS_STAT_H
|
||||
# include <sys/stat.h>
|
||||
#endif
|
||||
#ifdef HAVE_LINUX_RANDOM_H
|
||||
# include <linux/random.h>
|
||||
#endif
|
||||
#if defined(HAVE_SYS_RANDOM_H) && (defined(HAVE_GETRANDOM) || defined(HAVE_GETENTROPY))
|
||||
# include <sys/random.h>
|
||||
#endif
|
||||
|
||||
#include "nest/bird.h"
|
||||
|
||||
|
@ -19,3 +34,76 @@ random_u32(void)
|
|||
rand_high = random();
|
||||
return (rand_low & 0xffff) | ((rand_high & 0xffff) << 16);
|
||||
}
|
||||
|
||||
void
|
||||
random_init()
|
||||
{
|
||||
char buf;
|
||||
/* get a single random byte to trip any errors early */
|
||||
random_bytes(&buf, sizeof(buf));
|
||||
}
|
||||
|
||||
#if defined(HAVE_GETRANDOM) || defined(HAVE_GENTROPY)
|
||||
int
|
||||
random_bytes(char *buf, size_t size)
|
||||
{
|
||||
int n;
|
||||
int flags = 0;
|
||||
while (0 < size) {
|
||||
#if defined(HAVE_GETRANDOM)
|
||||
n = getrandom(buf, size, flags);
|
||||
#else
|
||||
n = getentropy(buf, size);
|
||||
#endif
|
||||
if (n < 0) {
|
||||
if (errno == EINTR)
|
||||
continue;
|
||||
die("Couldn't get random bytes: %m");
|
||||
}
|
||||
buf += n;
|
||||
size -= n;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void random_close(void) {}
|
||||
|
||||
#else
|
||||
|
||||
static int urandom_fd = -1;
|
||||
int random_bytes(char *buf, size_t size)
|
||||
{
|
||||
int n;
|
||||
|
||||
if (urandom_fd < 0)
|
||||
{
|
||||
urandom_fd = open("/dev/urandom", O_RDONLY);
|
||||
if (urandom_fd < 0)
|
||||
die("Couldn't open /dev/urandom: %m");
|
||||
}
|
||||
|
||||
do
|
||||
{
|
||||
n = read(urandom_fd, buf, size);
|
||||
if (n <= 0) {
|
||||
if (errno == EINTR)
|
||||
continue;
|
||||
die("Couldn't read from /dev/urandom: %m");
|
||||
}
|
||||
buf += n;
|
||||
size -= n;
|
||||
} while (size > 0);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
void
|
||||
random_close(void)
|
||||
{
|
||||
if (urandom_fd >= 0) {
|
||||
close(urandom_fd);
|
||||
urandom_fd = -1;
|
||||
}
|
||||
}
|
||||
#endif
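Review bot: The guard `#if defined(HAVE_GETRANDOM) || defined(HAVE_GENTROPY)` misspells `HAVE_GETENTROPY` (the `sys/random.h` include guard earlier in this file spells it correctly), so a host that has getentropy() but not getrandom() silently builds the /dev/urandom variant. Fixing the spelling alone would expose a second problem: getentropy() returns 0 on success, not a byte count, and rejects requests above 256 bytes, so `buf += n; size -= n;` would never advance on that branch. The fence below corrects the macro and makes the getentropy() branch report the chunk it filled. In the /dev/urandom variant, `if (n <= 0)` also sends a zero-length read into the `errno == EINTR` test with a stale errno; testing `n < 0` for the retry and treating `n == 0` as a hard failure would avoid spinning or printing an unrelated `%m`.

```c
#if defined(HAVE_GETRANDOM) || defined(HAVE_GETENTROPY)
/* … unchanged: random_bytes() signature, locals, while (0 < size) { … */
#if defined(HAVE_GETRANDOM)
    n = getrandom(buf, size, flags);
#else
    /* getentropy() returns 0 on success and rejects requests above 256 bytes */
    size_t chunk = (size < 256) ? size : 256;
    n = getentropy(buf, chunk);
    if (n == 0)
      n = (int) chunk;
#endif
/* … unchanged: EINTR retry, die() on error, buf/size advance … */
```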
|
||||
|
|