[PATCH] replace getentropy() with arc4random_buf()
This patch will probably raise a few eyebrows.
Mark Kettenis (senior OpenBSD dev) sent a mail to another developer concerning getentropy():
Noticed the following commit:
CVSROOT: /cvs
Module name: ports
Changes by: robert@cvs.openbsd.org 2016/01/02 06:57:12

Modified files:
    mail/zarafa/zarafa: Makefile
    mail/zarafa/zarafa/patches: patch-common_platform_linux_cpp patch-configure_ac

Log message:
    use getentropy(2) instead of directly opening /dev/urandom; this unbreaks zarafa-webapp running with chroot'd php
This really looks like a case where you should be calling arc4random_buf(3) instead of getentropy(2). In fact calling getentropy(2) is almost always the wrong approach.
OpenBSD subsequently amended the man page for getentropy() to clarify this:
http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2?query=getentropy&sec=2
getentropy() is not intended for regular code; please use the arc4random(3) family of functions instead.
Attached is a patch that replaces getentropy() with arc4random_buf(). Feedback welcomed.
Trac:
Username: logan
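An added example, not part of the ticket or its attached patch: a direct getentropy() call next to the arc4random_buf() replacement the man page recommends. The function names `fill_with_getentropy` and `fill_random` are hypothetical. It assumes getentropy() refuses requests over 256 bytes, and that arc4random_buf() exists on the BSDs, macOS and glibc 2.36 or later, with a chunked getentropy() fallback elsewhere.

```c
#define _DEFAULT_SOURCE      /* expose getentropy()/arc4random_buf() in libc headers */
#include <stddef.h>
#include <stdlib.h>
#include <unistd.h>
#if defined(__APPLE__)
#include <sys/random.h>      /* macOS declares getentropy() here */
#endif

/* Assumption: arc4random_buf() is available on the BSDs, macOS and glibc >= 2.36. */
#if defined(__GLIBC__)
# if __GLIBC_PREREQ(2, 36)
#  define HAVE_ARC4RANDOM_BUF 1
# endif
#elif defined(__OpenBSD__) || defined(__FreeBSD__) || defined(__NetBSD__) || \
      defined(__APPLE__)
# define HAVE_ARC4RANDOM_BUF 1
#endif

#define GETENTROPY_MAX 256   /* largest request getentropy() accepts */

/* "Before": regular code calling getentropy() directly.
 * Returns -1 for len > 256 or on any kernel-side failure, so every
 * caller needs its own error path and its own chunking. */
int fill_with_getentropy(void *buf, size_t len)
{
    return getentropy(buf, len);
}

/* "After": arc4random_buf() takes any length and has no error return.
 * The fallback branch only keeps this example building on libcs that
 * lack arc4random_buf(); it shows the chunking a direct caller needs. */
int fill_random(void *buf, size_t len)
{
#ifdef HAVE_ARC4RANDOM_BUF
    arc4random_buf(buf, len);
    return 0;
#else
    unsigned char *p = buf;
    while (len > 0) {
        size_t n = len < GETENTROPY_MAX ? len : GETENTROPY_MAX;
        if (getentropy(p, n) != 0)
            return -1;       /* caller must decide how to fail closed */
        p += n;
        len -= n;
    }
    return 0;
#endif
}
```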