You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@apr.apache.org by Stefan Sperling <st...@apache.org> on 2017/10/26 10:56:13 UTC
[PATCH] arc4random support
This patch adds support for using the arc4random API as an entropy source.
The arc4random API originates from OpenBSD where it supersedes random(3),
rand(3), and files in the /dev filesystem: http://man.openbsd.org/arc4random
The arc4random_buf() function maps 1:1 onto apr_generate_random_bytes().
This patch was written by Christian Weisgerber, who asked me to push
this work upstream on his behalf.
Index: configure.in
===================================================================
--- configure.in (revision 1813380)
+++ configure.in (working copy)
@@ -2453,6 +2453,8 @@ else
fi
dnl ----------------------------- Checking for /dev/random
+AC_CHECK_FUNCS(arc4random_buf)
+
AC_MSG_CHECKING(for entropy source)
why_no_rand=""
@@ -2471,6 +2473,13 @@ AC_ARG_WITH(egd,
])
if test "$rand" != "1"; then
+ if test "$ac_cv_func_arc4random_buf" = yes; then
+ AC_MSG_RESULT(arc4random)
+ rand="1"
+ fi
+fi
+
+if test "$rand" != "1"; then
AC_ARG_WITH(devrandom,
[ --with-devrandom[[=DEV]] use /dev/random or compatible [[searches by default]]],
[ apr_devrandom="$withval" ], [ apr_devrandom="yes" ])
Index: misc/unix/rand.c
===================================================================
--- misc/unix/rand.c (revision 1813380)
+++ misc/unix/rand.c (working copy)
@@ -87,8 +87,12 @@ APR_DECLARE(apr_status_t) apr_os_uuid_get(unsigned
APR_DECLARE(apr_status_t) apr_generate_random_bytes(unsigned char *buf,
apr_size_t length)
{
-#ifdef DEV_RANDOM
+#ifdef HAVE_ARC4RANDOM
+ arc4random_buf(buf, length);
+
+#elif defined(DEV_RANDOM)
+
int fd = -1;
/* On BSD/OS 4.1, /dev/random gives out 8 bytes at a time, then
Re: [PATCH] arc4random support
Posted by Yann Ylavic <yl...@gmail.com>.
On Fri, Nov 3, 2017 at 2:02 PM, Yann Ylavic <yl...@gmail.com> wrote:
>
> the patch looks very reasonable, thanks.
Committed to trunk in http://svn.apache.org/r1814239
Regards,
Yann.
Re: [PATCH] arc4random support
Posted by Yann Ylavic <yl...@gmail.com>.
Hi Stefan,
the patch looks very reasonable, thanks.
I plan to do something similar for the new linux' getrandom() syscall,
so probably will commit both changes soon.
Regards,
Yann.
On Fri, Nov 3, 2017 at 1:53 PM, Stefan Sperling <st...@apache.org> wrote:
> Bump. Is this patch worth considering for APR?
>
> On Thu, Oct 26, 2017 at 12:56:13PM +0200, Stefan Sperling wrote:
>> This patch adds support for using the arc4random API as an entropy source.
>>
>> The arc4random API originates from OpenBSD where it supersedes random(3),
>> rand(3), and files in the /dev filesystem: http://man.openbsd.org/arc4random
>> The arc4random_buf() function maps 1:1 onto apr_generate_random_bytes().
>>
>> This patch was written by Christian Weisgerber, who asked me to push
>> this work upstream on his behalf.
>>
>> Index: configure.in
>> ===================================================================
>> --- configure.in (revision 1813380)
>> +++ configure.in (working copy)
>> @@ -2453,6 +2453,8 @@ else
>> fi
>>
>> dnl ----------------------------- Checking for /dev/random
>> +AC_CHECK_FUNCS(arc4random_buf)
>> +
>> AC_MSG_CHECKING(for entropy source)
>>
>> why_no_rand=""
>> @@ -2471,6 +2473,13 @@ AC_ARG_WITH(egd,
>> ])
>>
>> if test "$rand" != "1"; then
>> + if test "$ac_cv_func_arc4random_buf" = yes; then
>> + AC_MSG_RESULT(arc4random)
>> + rand="1"
>> + fi
>> +fi
>> +
>> +if test "$rand" != "1"; then
>> AC_ARG_WITH(devrandom,
>> [ --with-devrandom[[=DEV]] use /dev/random or compatible [[searches by default]]],
>> [ apr_devrandom="$withval" ], [ apr_devrandom="yes" ])
>> Index: misc/unix/rand.c
>> ===================================================================
>> --- misc/unix/rand.c (revision 1813380)
>> +++ misc/unix/rand.c (working copy)
>> @@ -87,8 +87,12 @@ APR_DECLARE(apr_status_t) apr_os_uuid_get(unsigned
>> APR_DECLARE(apr_status_t) apr_generate_random_bytes(unsigned char *buf,
>> apr_size_t length)
>> {
>> -#ifdef DEV_RANDOM
>> +#ifdef HAVE_ARC4RANDOM
>>
>> + arc4random_buf(buf, length);
>> +
>> +#elif defined(DEV_RANDOM)
>> +
>> int fd = -1;
>>
>> /* On BSD/OS 4.1, /dev/random gives out 8 bytes at a time, then
Re: [PATCH] arc4random support
Posted by Stefan Sperling <st...@apache.org>.
Bump. Is this patch worth considering for APR?
On Thu, Oct 26, 2017 at 12:56:13PM +0200, Stefan Sperling wrote:
> This patch adds support for using the arc4random API as an entropy source.
>
> The arc4random API originates from OpenBSD where it supersedes random(3),
> rand(3), and files in the /dev filesystem: http://man.openbsd.org/arc4random
> The arc4random_buf() function maps 1:1 onto apr_generate_random_bytes().
>
> This patch was written by Christian Weisgerber, who asked me to push
> this work upstream on his behalf.
>
> Index: configure.in
> ===================================================================
> --- configure.in (revision 1813380)
> +++ configure.in (working copy)
> @@ -2453,6 +2453,8 @@ else
> fi
>
> dnl ----------------------------- Checking for /dev/random
> +AC_CHECK_FUNCS(arc4random_buf)
> +
> AC_MSG_CHECKING(for entropy source)
>
> why_no_rand=""
> @@ -2471,6 +2473,13 @@ AC_ARG_WITH(egd,
> ])
>
> if test "$rand" != "1"; then
> + if test "$ac_cv_func_arc4random_buf" = yes; then
> + AC_MSG_RESULT(arc4random)
> + rand="1"
> + fi
> +fi
> +
> +if test "$rand" != "1"; then
> AC_ARG_WITH(devrandom,
> [ --with-devrandom[[=DEV]] use /dev/random or compatible [[searches by default]]],
> [ apr_devrandom="$withval" ], [ apr_devrandom="yes" ])
> Index: misc/unix/rand.c
> ===================================================================
> --- misc/unix/rand.c (revision 1813380)
> +++ misc/unix/rand.c (working copy)
> @@ -87,8 +87,12 @@ APR_DECLARE(apr_status_t) apr_os_uuid_get(unsigned
> APR_DECLARE(apr_status_t) apr_generate_random_bytes(unsigned char *buf,
> apr_size_t length)
> {
> -#ifdef DEV_RANDOM
> +#ifdef HAVE_ARC4RANDOM
>
> + arc4random_buf(buf, length);
> +
> +#elif defined(DEV_RANDOM)
> +
> int fd = -1;
>
> /* On BSD/OS 4.1, /dev/random gives out 8 bytes at a time, then
Re: [PATCH] arc4random support
Posted by Yann Ylavic <yl...@gmail.com>.
On Wed, Jan 10, 2018 at 3:48 PM, Eric Covener <co...@gmail.com> wrote:
>
> Don't we need to check for HAVE_ARC4RANDOM_BUF rather than HAVE_ARC4RANDOM?
Argh, clearly, thanks for r1820755.
Re: [PATCH] arc4random support
Posted by Eric Covener <co...@gmail.com>.
On Thu, Oct 26, 2017 at 6:56 AM, Stefan Sperling <st...@apache.org> wrote:
> This patch adds support for using the arc4random API as an entropy source.
>
> The arc4random API originates from OpenBSD where it supersedes random(3),
> rand(3), and files in the /dev filesystem: http://man.openbsd.org/arc4random
> The arc4random_buf() function maps 1:1 onto apr_generate_random_bytes().
>
> This patch was written by Christian Weisgerber, who asked me to push
> this work upstream on his behalf.
>
> Index: configure.in
> ===================================================================
> --- configure.in (revision 1813380)
> +++ configure.in (working copy)
> @@ -2453,6 +2453,8 @@ else
> fi
>
> dnl ----------------------------- Checking for /dev/random
> +AC_CHECK_FUNCS(arc4random_buf)
> +
> AC_MSG_CHECKING(for entropy source)
>
> why_no_rand=""
> @@ -2471,6 +2473,13 @@ AC_ARG_WITH(egd,
> ])
>
> if test "$rand" != "1"; then
> + if test "$ac_cv_func_arc4random_buf" = yes; then
> + AC_MSG_RESULT(arc4random)
> + rand="1"
> + fi
> +fi
> +
> +if test "$rand" != "1"; then
> AC_ARG_WITH(devrandom,
> [ --with-devrandom[[=DEV]] use /dev/random or compatible [[searches by default]]],
> [ apr_devrandom="$withval" ], [ apr_devrandom="yes" ])
> Index: misc/unix/rand.c
> ===================================================================
> --- misc/unix/rand.c (revision 1813380)
> +++ misc/unix/rand.c (working copy)
> @@ -87,8 +87,12 @@ APR_DECLARE(apr_status_t) apr_os_uuid_get(unsigned
> APR_DECLARE(apr_status_t) apr_generate_random_bytes(unsigned char *buf,
> apr_size_t length)
> {
> -#ifdef DEV_RANDOM
> +#ifdef HAVE_ARC4RANDOM
>
> + arc4random_buf(buf, length);
> +
> +#elif defined(DEV_RANDOM)
> +
> int fd = -1;
>
> /* On BSD/OS 4.1, /dev/random gives out 8 bytes at a time, then
Don't we need to check for HAVE_ARC4RANDOM_BUF rather than HAVE_ARC4RANDOM?
--
Eric Covener
covener@gmail.com