#255 Use getrandom() for random numbers
Merged 4 years ago by rharwood. Opened 4 years ago by simo.
simo/gssproxy getrandom  into  master

file modified
+7 -3
@@ -9,6 +9,7 @@ 

  #include <pthread.h>

  #include <sys/epoll.h>

  #include <fcntl.h>

+ #include <sys/random.h>

  #include <sys/timerfd.h>

  

  #define FRAGMENT_BIT (1 << 31)
@@ -41,7 +42,9 @@ 

  static void gpm_init_once(void)

  {

      pthread_mutexattr_t attr;

-     unsigned int seedp;

+     char *buf = (char *)&gpm_global_ctx.next_xid;

+     size_t len = sizeof(gpm_global_ctx.next_xid);

+     size_t ret = 0;

  

      pthread_mutexattr_init(&attr);

      pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE);
@@ -52,8 +55,9 @@ 

      gpm_global_ctx.epollfd = -1;

      gpm_global_ctx.timerfd = -1;

  

-     seedp = time(NULL) + getpid() + pthread_self();

-     gpm_global_ctx.next_xid = rand_r(&seedp);

+     while(ret < len) {

+         ret += getrandom(buf + ret, len - ret, 0);

+     }

  

      pthread_mutexattr_destroy(&attr);

  

Although this place id not cryptgraphically relevant, there is no point
in not using a proper random value. This happens only once so it is not
a performance issue.

Fixes #254

(Note: I assume musl has support for getrandom, but I have no way to test, if not it's a musl problem)

rebased onto b36c181

4 years ago

I'm not aware of anyone using gssproxy with musl, but getrandom is a syscall, so it'd be easy to add to musl if it's missing. (Tangent: in krb5 I use the syscall() version due to kernels supporting it before glibc did, but we don't care about that here.)

While I'd love it if this weren't a performance issue, the fact is we keep getting bugs about gssproxy blocking system start due to not having enough entropy. Since this is the same entropy conditions we operate under there, it won't change anything, but if it were new, it would.

Commit 23c5215 fixes this pull-request

Pull-Request has been merged by rharwood

4 years ago