On 6/19/22 12:37, enh via Toybox wrote: > BSD has <sys/random.h> first, but has getentropy() in there. glibc > has getentropy() in addition to getrandom(), but they keep it in > <unistd.h> instead. Since both went in in glibc 2.25 I don't think > this will matter in practice, but if this does cause trouble, we > can have separate getentropy() and getrandom() implementations for > the BSDs versus glibc.
Hmmm... git annotate says https://github.com/bminor/glibc/commit/ccb8b7f7d48 from december 27, 2016. No wait, that was inside an #ifdef STALLMAN_FTAGHN which changed to something realistic in commit https://github.com/bminor/glibc/commit/a851999f61a four days later. Five and a half years, meaning maybe five in distros. Not the full seven, but I'll wait for somebody to complain I guess? > This does mean that the only valid values for `flags` are now 0 or > WARN_ONLY, but that was already effectively true anyway because > GRND_NONBLOCK != O_NONBLOCK so the fallback path was already broken. Everything should always be reading from /dev/urandom not /dev/random these days. Anything else is a denial of service attack waiting to happen. (Either the pool is properly initialized or it isn't.) Rob _______________________________________________ Toybox mailing list [email protected] http://lists.landley.net/listinfo.cgi/toybox-landley.net
