Attachment #3608 for bug #3467

Lines 17-23 INSTALL=@INSTALL@ Link Here

(-)a/openbsd-compat/Makefile.in (-3 / +4 lines)
17	LDFLAGS=-L. @LDFLAGS@	17	LDFLAGS=-L. @LDFLAGS@
18	LDFLAGS_NOPIE=-L. -Lopenbsd-compat/ @LDFLAGS_NOPIE@	18	LDFLAGS_NOPIE=-L. -Lopenbsd-compat/ @LDFLAGS_NOPIE@
19		19
20	OPENBSD=base64.o \	20	OPENBSD=arc4random.o \
		21	arc4random_uniform.o \
		22	base64.o \
21	basename.o \	23	basename.o \
22	bcrypt_pbkdf.o \	24	bcrypt_pbkdf.o \
23	bindresvport.o \	25	bindresvport.o \
Lines 64-71 OPENBSD=base64.o \ Link Here
64	timingsafe_bcmp.o \	66	timingsafe_bcmp.o \
65	vis.o	67	vis.o
66		68
67	COMPAT= arc4random.o \	69	COMPAT= bsd-asprintf.o \
68	bsd-asprintf.o \
69	bsd-closefrom.o \	70	bsd-closefrom.o \
70	bsd-cygwin_util.o \	71	bsd-cygwin_util.o \
71	bsd-err.o \	72	bsd-err.o \




}
#endif /* !defined(HAVE_ARC4RANDOM_BUF) && defined(HAVE_ARC4RANDOM) */

#ifndef HAVE_ARC4RANDOM_UNIFORM
/*
 * Calculate a uniformly distributed random number less than upper_bound
 * avoiding "modulo bias".
 *
 * Uniformity is achieved by generating new random numbers until the one
 * returned is outside the range [0, 2**32 % upper_bound).  This
 * guarantees the selected random number will be inside
 * [2**32 % upper_bound, 2**32) which maps back to [0, upper_bound)
 * after reduction modulo upper_bound.
 */
u_int32_t
arc4random_uniform(u_int32_t upper_bound)
{
	u_int32_t r, min;

	if (upper_bound < 2)
		return 0;

	/* 2**32 % x == (2**32 - x) % x */
	min = -upper_bound % upper_bound;

	/*
	 * This could theoretically loop forever but each retry has
	 * p > 0.5 (worst case, usually far better) of selecting a
	 * number inside the range we need, so it should rarely need
	 * to re-roll.
	 */
	for (;;) {
		r = arc4random();
		if (r >= min)
			break;
	}

	return r % upper_bound;
}
#endif /* !HAVE_ARC4RANDOM_UNIFORM */

#if 0
/*-------- Test code for i386 --------*/
#include <stdio.h>




/* OPENBSD ORIGINAL: lib/libc/crypt/arc4random_uniform.c */

/*	$OpenBSD: arc4random_uniform.c,v 1.3 2019/01/20 02:59:07 bcook Exp $	*/

/*
 * Copyright (c) 2008, Damien Miller <djm@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include "includes.h"

#include <stdint.h>
#ifdef HAVE_STDINT_H
# include <stdlib.h>
#endif

#ifndef HAVE_ARC4RANDOM_UNIFORM
/*
 * Calculate a uniformly distributed random number less than upper_bound
 * avoiding "modulo bias".
 *
 * Uniformity is achieved by generating new random numbers until the one
 * returned is outside the range [0, 2**32 % upper_bound).  This
 * guarantees the selected random number will be inside
 * [2**32 % upper_bound, 2**32) which maps back to [0, upper_bound)
 * after reduction modulo upper_bound.
 */
uint32_t
arc4random_uniform(uint32_t upper_bound)
{
	uint32_t r, min;

	if (upper_bound < 2)
		return 0;

	/* 2**32 % x == (2**32 - x) % x */
	min = -upper_bound % upper_bound;

	/*
	 * This could theoretically loop forever but each retry has
	 * p > 0.5 (worst case, usually far better) of selecting a
	 * number inside the range we need, so it should rarely need
	 * to re-roll.
	 */
	for (;;) {
		r = arc4random();
		if (r >= min)
			break;
	}

	return r % upper_bound;
}
#endif /* !HAVE_ARC4RANDOM_UNIFORM */

Lines 232-238 void arc4random_buf(void *, size_t); Link Here

(-)a/openbsd-compat/openbsd-compat.h (-1 / +1 lines)
232	#endif	232	#endif
233		233
234	#ifndef HAVE_ARC4RANDOM_UNIFORM	234	#ifndef HAVE_ARC4RANDOM_UNIFORM
235	u_int32_t arc4random_uniform(u_int32_t);	235	uint32_t arc4random_uniform(uint32_t);
236	#endif	236	#endif
237		237
238	#ifndef HAVE_ASPRINTF	238	#ifndef HAVE_ASPRINTF

Return to bug 3467

Lines 233-276 arc4random_buf(void *_buf, size_t n) Link Here

(-)a/openbsd-compat/arc4random.c (-38 lines)
233	}	233	}
234	#endif /* !defined(HAVE_ARC4RANDOM_BUF) && defined(HAVE_ARC4RANDOM) */	234	#endif /* !defined(HAVE_ARC4RANDOM_BUF) && defined(HAVE_ARC4RANDOM) */
235		235
236	#ifndef HAVE_ARC4RANDOM_UNIFORM
237	/*
238	* Calculate a uniformly distributed random number less than upper_bound
239	* avoiding "modulo bias".
240	*
241	* Uniformity is achieved by generating new random numbers until the one
242	* returned is outside the range [0, 2**32 % upper_bound). This
243	* guarantees the selected random number will be inside
244	* [232 % upper_bound, 232) which maps back to [0, upper_bound)
245	* after reduction modulo upper_bound.
246	*/
247	u_int32_t
248	arc4random_uniform(u_int32_t upper_bound)
249	{
250	u_int32_t r, min;
251
252	if (upper_bound < 2)
253	return 0;
254
255	/* 232 % x == (232 - x) % x */
256	min = -upper_bound % upper_bound;
257
258	/*
259	* This could theoretically loop forever but each retry has
260	* p > 0.5 (worst case, usually far better) of selecting a
261	* number inside the range we need, so it should rarely need
262	* to re-roll.
263	*/
264	for (;;) {
265	r = arc4random();
266	if (r >= min)
267	break;
268	}
269
270	return r % upper_bound;
271	}
272	#endif /* !HAVE_ARC4RANDOM_UNIFORM */
273
274	#if 0	236	#if 0
275	/-------- Test code for i386 --------/	237	/-------- Test code for i386 --------/
276	#include <stdio.h>	238	#include <stdio.h>

Line 0 Link Here

(-)a/openbsd-compat/arc4random_uniform.c (+64 lines)
	1	/* OPENBSD ORIGINAL: lib/libc/crypt/arc4random_uniform.c */
	2
	3	/* $OpenBSD: arc4random_uniform.c,v 1.3 2019/01/20 02:59:07 bcook Exp $ */
	4
	5	/*
	6	* Copyright (c) 2008, Damien Miller <djm@openbsd.org>
	7	*
	8	* Permission to use, copy, modify, and distribute this software for any
	9	* purpose with or without fee is hereby granted, provided that the above
	10	* copyright notice and this permission notice appear in all copies.
	11	*
	12	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	13	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	14	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	15	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	16	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	17	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	18	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	19	*/
	20
	21	#include "includes.h"
	22
	23	#include <stdint.h>
	24	#ifdef HAVE_STDINT_H
	25	# include <stdlib.h>
	26	#endif
	27
	28	#ifndef HAVE_ARC4RANDOM_UNIFORM
	29	/*
	30	* Calculate a uniformly distributed random number less than upper_bound
	31	* avoiding "modulo bias".
	32	*
	33	* Uniformity is achieved by generating new random numbers until the one
	34	* returned is outside the range [0, 2**32 % upper_bound). This
	35	* guarantees the selected random number will be inside
	36	* [232 % upper_bound, 232) which maps back to [0, upper_bound)
	37	* after reduction modulo upper_bound.
	38	*/
	39	uint32_t
	40	arc4random_uniform(uint32_t upper_bound)
	41	{
	42	uint32_t r, min;
	43
	44	if (upper_bound < 2)
	45	return 0;
	46
	47	/* 232 % x == (232 - x) % x */
	48	min = -upper_bound % upper_bound;
	49
	50	/*
	51	* This could theoretically loop forever but each retry has
	52	* p > 0.5 (worst case, usually far better) of selecting a
	53	* number inside the range we need, so it should rarely need
	54	* to re-roll.
	55	*/
	56	for (;;) {
	57	r = arc4random();
	58	if (r >= min)
	59	break;
	60	}
	61
	62	return r % upper_bound;
	63	}
	64	#endif /* !HAVE_ARC4RANDOM_UNIFORM */