0aeb93b9fc
The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. ok beck@ deraadt@
27 lines
451 B
C
27 lines
451 B
C
#ifndef LIBCRYPTOCOMPAT_ARC4RANDOM_H
|
|
#define LIBCRYPTOCOMPAT_ARC4RANDOM_H
|
|
|
|
#include <sys/param.h>
|
|
|
|
#if defined(__FreeBSD__)
|
|
#include "arc4random_freebsd.h"
|
|
|
|
#elif defined(__linux__)
|
|
#include "arc4random_linux.h"
|
|
|
|
#elif defined(__APPLE__)
|
|
#include "arc4random_osx.h"
|
|
|
|
#elif defined(__sun)
|
|
#include "arc4random_solaris.h"
|
|
|
|
#elif defined(__WIN32)
|
|
#include "arc4random_win.h"
|
|
|
|
#else
|
|
#error "No arc4random hooks defined for this platform."
|
|
|
|
#endif
|
|
|
|
#endif
|