Bugzilla – Attachment 3608 Details for
Bug 3467
[upstream] arc4random: make rekey interval less predictable
[patch]
Split arc4random_uniform out into its own file.
openssh-arc4random_uniform.patch (text/plain), 4.52 KB, created by
Darren Tucker
on 2022-08-05 13:48:59 AEST
Description:
Split arc4random_uniform out into its own file.
Creator:
Darren Tucker
Created:
2022-08-05 13:48:59 AEST
Size:
4.52 KB
>diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
>index cebe4fe4..016f493e 100644
>--- a/openbsd-compat/Makefile.in
>+++ b/openbsd-compat/Makefile.in
>@@ -17,7 +17,9 @@ INSTALL=@INSTALL@
> LDFLAGS=-L. @LDFLAGS@
> LDFLAGS_NOPIE=-L. -Lopenbsd-compat/ @LDFLAGS_NOPIE@
>
>-OPENBSD=base64.o \
>+OPENBSD=arc4random.o \
>+ arc4random_uniform.o \
>+ base64.o \
> basename.o \
> bcrypt_pbkdf.o \
> bindresvport.o \
>@@ -64,8 +66,7 @@ OPENBSD=base64.o \
> timingsafe_bcmp.o \
> vis.o
>
>-COMPAT= arc4random.o \
>- bsd-asprintf.o \
>+COMPAT= bsd-asprintf.o \
> bsd-closefrom.o \
> bsd-cygwin_util.o \
> bsd-err.o \
>diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
>index f43b5c7c..c218a441 100644
>--- a/openbsd-compat/arc4random.c
>+++ b/openbsd-compat/arc4random.c
>@@ -233,44 +233,6 @@ arc4random_buf(void *_buf, size_t n)
> }
> #endif /* !defined(HAVE_ARC4RANDOM_BUF) && defined(HAVE_ARC4RANDOM) */
>
>-#ifndef HAVE_ARC4RANDOM_UNIFORM
>-/*
>- * Calculate a uniformly distributed random number less than upper_bound
>- * avoiding "modulo bias".
>- *
>- * Uniformity is achieved by generating new random numbers until the one
>- * returned is outside the range [0, 2**32 % upper_bound). This
>- * guarantees the selected random number will be inside
>- * [2**32 % upper_bound, 2**32) which maps back to [0, upper_bound)
>- * after reduction modulo upper_bound.
>- */
>-u_int32_t
>-arc4random_uniform(u_int32_t upper_bound)
>-{
>- u_int32_t r, min;
>-
>- if (upper_bound < 2)
>- return 0;
>-
>- /* 2**32 % x == (2**32 - x) % x */
>- min = -upper_bound % upper_bound;
>-
>- /*
>- * This could theoretically loop forever but each retry has
>- * p > 0.5 (worst case, usually far better) of selecting a
>- * number inside the range we need, so it should rarely need
>- * to re-roll.
>- */
>- for (;;) {
>- r = arc4random();
>- if (r >= min)
>- break;
>- }
>-
>- return r % upper_bound;
>-}
>-#endif /* !HAVE_ARC4RANDOM_UNIFORM */
>-
> #if 0
> /*-------- Test code for i386 --------*/
> #include <stdio.h>
>diff --git a/openbsd-compat/arc4random_uniform.c b/openbsd-compat/arc4random_uniform.c
>new file mode 100644
>index 00000000..1dfec8f6
>--- /dev/null
>+++ b/openbsd-compat/arc4random_uniform.c
>@@ -0,0 +1,64 @@
>+/* OPENBSD ORIGINAL: lib/libc/crypt/arc4random_uniform.c */
>+
>+/* $OpenBSD: arc4random_uniform.c,v 1.3 2019/01/20 02:59:07 bcook Exp $ */
>+
>+/*
>+ * Copyright (c) 2008, Damien Miller <djm@openbsd.org>
>+ *
>+ * Permission to use, copy, modify, and distribute this software for any
>+ * purpose with or without fee is hereby granted, provided that the above
>+ * copyright notice and this permission notice appear in all copies.
>+ *
>+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
>+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
>+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
>+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
>+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
>+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
>+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
>+ */
>+
>+#include "includes.h"
>+
>+#include <stdint.h>
>+#ifdef HAVE_STDINT_H
>+# include <stdlib.h>
>+#endif
>+
>+#ifndef HAVE_ARC4RANDOM_UNIFORM
>+/*
>+ * Calculate a uniformly distributed random number less than upper_bound
>+ * avoiding "modulo bias".
>+ *
>+ * Uniformity is achieved by generating new random numbers until the one
>+ * returned is outside the range [0, 2**32 % upper_bound). This
>+ * guarantees the selected random number will be inside
>+ * [2**32 % upper_bound, 2**32) which maps back to [0, upper_bound)
>+ * after reduction modulo upper_bound.
>+ */
>+uint32_t
>+arc4random_uniform(uint32_t upper_bound)
>+{
>+ uint32_t r, min;
>+
>+ if (upper_bound < 2)
>+ return 0;
>+
>+ /* 2**32 % x == (2**32 - x) % x */
>+ min = -upper_bound % upper_bound;
>+
>+ /*
>+ * This could theoretically loop forever but each retry has
>+ * p > 0.5 (worst case, usually far better) of selecting a
>+ * number inside the range we need, so it should rarely need
>+ * to re-roll.
>+ */
>+ for (;;) {
>+ r = arc4random();
>+ if (r >= min)
>+ break;
>+ }
>+
>+ return r % upper_bound;
>+}
>+#endif /* !HAVE_ARC4RANDOM_UNIFORM */
>diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
>index 93efff2f..1835a9a5 100644
>--- a/openbsd-compat/openbsd-compat.h
>+++ b/openbsd-compat/openbsd-compat.h
>@@ -232,7 +232,7 @@ void arc4random_buf(void *, size_t);
> #endif
>
> #ifndef HAVE_ARC4RANDOM_UNIFORM
>-u_int32_t arc4random_uniform(u_int32_t);
>+uint32_t arc4random_uniform(uint32_t);
> #endif
>
> #ifndef HAVE_ASPRINTF
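Review bot: The include block at the top of the new openbsd-compat/arc4random_uniform.c looks inverted: `#include <stdint.h>` is unconditional, while `# include <stdlib.h>` sits inside `#ifdef HAVE_STDINT_H`. On a platform without stdint.h, which is the case the guard exists for, the file would fail to compile, and stdlib.h is pulled in only when stdint.h happens to be present. The guarded line should be `# include <stdint.h>` and the unconditional one `#include <stdlib.h>`. Because `min = -upper_bound % upper_bound;` depends on `uint32_t` being an exact 32-bit unsigned type for the rejection bound to be right, it is worth confirming that includes.h supplies `uint32_t` (and a declaration of `arc4random()`) on configurations where stdint.h is missing; that cannot be seen from this patch.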
Flags:
djm
:
ok+