On Tue, Apr 02, 2013, Xin LI wrote:
Author: delphij
Date: Tue Apr 2 23:41:20 2013
New Revision: 249035
URL: http://svnweb.freebsd.org/changeset/base/249035
Log:
Replace access to /dev/random with the kernel pseudo-random number
source sysctl(KERN_ARND) and remove the fallback code.
On 04.04.2013 9:24, Xin Li wrote:
True, but keep mind that neither random(3) nor rand(3) is intended to
satisfy cryptographically secure needs, and I don't see a reason why
kernel arc4 can not be improved.
Danger level here is not to get something cryptographically less secure,
but even much
On Wed, Apr 03, 2013 at 06:04:37PM +1100, Bruce Evans wrote:
Modified: head/lib/libc/stdlib/rand.c
==
--- head/lib/libc/stdlib/rand.c Tue Apr 2 21:34:38 2013
(r249034)
+++ head/lib/libc/stdlib/rand.c
On Tue, 2 Apr 2013, Xin LI wrote:
Log:
Replace access to /dev/random with the kernel pseudo-random number
source sysctl(KERN_ARND) and remove the fallback code.
Obtained from: OpenBSD
Reviewed by: secteam
Really?
Modified: head/lib/libc/stdlib/rand.3
On 03.04.2013 11:04, Bruce Evans wrote:
+mib[0] = CTL_KERN;
+mib[1] = KERN_ARND;
+sysctl(mib, 2, (void *)next, len, NULL, 0);
}
The sysctl() is certain to fail on old kernels (like open of /dev/random
on even older kernels), but there is no longer any error checking or
On Wed, Apr 03, 2013 at 06:04:37PM +1100, Bruce Evans wrote:
On Tue, 2 Apr 2013, Xin LI wrote:
void
sranddev()
{
- int fd, done;
+ int mib[2];
+ size_t len;
- done = 0;
- fd = _open(/dev/random, O_RDONLY | O_CLOEXEC, 0);
- if (fd = 0) {
- if (_read(fd,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 4/3/13 12:31 AM, Andrey Chernov wrote:
On 03.04.2013 11:04, Bruce Evans wrote:
+mib[0] = CTL_KERN; +mib[1] = KERN_ARND; +
sysctl(mib, 2, (void *)next, len, NULL, 0); }
The sysctl() is certain to fail on old kernels (like open of
Author: delphij
Date: Tue Apr 2 23:41:20 2013
New Revision: 249035
URL: http://svnweb.freebsd.org/changeset/base/249035
Log:
Replace access to /dev/random with the kernel pseudo-random number
source sysctl(KERN_ARND) and remove the fallback code.
Obtained from:OpenBSD
Reviewed