Issue #29157: dev_urandom() now calls py_getentropy()

Prepare the fallback to support getentropy() failure and falls back on reading
from /dev/urandom.

diff --git a/Python/random.c b/Python/random.c
index 0f945a3d0117f4b90a6193a49a127d4dd08d91d9..bb518c7e8c7004d314f40fbc457e4d7f0e0e9a76 100644 (file)
--- a/Python/random.c
+++ b/Python/random.c
@@ -77,13 +77,15 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
     return 0;
 }
 
+#else /* !MS_WINDOWS */
+
 /* Issue #25003: Don't use getentropy() on Solaris (available since
  * Solaris 11.3), it is blocking whereas os.urandom() should not block. */
-#elif defined(HAVE_GETENTROPY) && !defined(sun)
+#if defined(HAVE_GETENTROPY) && !defined(sun)
 #define PY_GETENTROPY 1
 
 /* Fill buffer with size pseudo-random bytes generated by getentropy().
-   Return 0 on success, or raise an exception and return -1 on error.
+   Return 1 on success, or raise an exception and return -1 on error.
 
    If raise is zero, don't raise an exception on error. */
 static int
@@ -112,12 +114,10 @@ py_getentropy(char *buffer, Py_ssize_t size, int raise)
         buffer += len;
         size -= len;
     }
-    return 0;
+    return 1;
 }
 
-#else
-
-#if defined(HAVE_GETRANDOM) || defined(HAVE_GETRANDOM_SYSCALL)
+#elif defined(HAVE_GETRANDOM) || defined(HAVE_GETRANDOM_SYSCALL)
 #define PY_GETRANDOM 1
 
 /* Call getrandom()
@@ -217,7 +217,8 @@ py_getrandom(void *buffer, Py_ssize_t size, int blocking, int raise)
     }
     return 1;
 }
-#endif
+#endif /* defined(HAVE_GETRANDOM) || defined(HAVE_GETRANDOM_SYSCALL) */
+
 
 static struct {
     int fd;
@@ -225,7 +226,6 @@ static struct {
     ino_t st_ino;
 } urandom_cache = { -1 };
 
-
 /* Read 'size' random bytes from py_getrandom(). Fall back on reading from
    /dev/urandom if getrandom() is not available.
 
@@ -236,22 +236,22 @@ dev_urandom(char *buffer, Py_ssize_t size, int blocking, int raise)
 {
     int fd;
     Py_ssize_t n;
-#ifdef PY_GETRANDOM
+#if defined(PY_GETRANDOM) || defined(PY_GETENTROPY)
     int res;
-#endif
-
-    assert(size > 0);
 
-#ifdef PY_GETRANDOM
+#ifdef PY_GETENTROPY
+    res = py_getentropy(buffer, size, raise);
+#else
     res = py_getrandom(buffer, size, blocking, raise);
+#endif
     if (res < 0) {
         return -1;
     }
     if (res == 1) {
         return 0;
     }
-    /* getrandom() failed with ENOSYS or EPERM,
-       fall back on reading /dev/urandom */
+    /* getrandom() or getentropy() function is not available: failed with
+       ENOSYS or EPERM. Fall back on reading from /dev/urandom. */
 #endif
 
 
@@ -349,8 +349,8 @@ dev_urandom_close(void)
         urandom_cache.fd = -1;
     }
 }
+#endif /* !MS_WINDOWS */
 
-#endif
 
 /* Fill buffer with pseudo-random bytes generated by a linear congruent
    generator (LCG):
@@ -395,8 +395,6 @@ pyurandom(void *buffer, Py_ssize_t size, int blocking, int raise)
 
 #ifdef MS_WINDOWS
     return win32_urandom((unsigned char *)buffer, size, raise);
-#elif defined(PY_GETENTROPY)
-    return py_getentropy(buffer, size, raise);
 #else
     return dev_urandom(buffer, size, blocking, raise);
 #endif
@@ -491,8 +489,6 @@ _PyRandom_Fini(void)
         CryptReleaseContext(hCryptProv, 0);
         hCryptProv = 0;
     }
-#elif defined(PY_GETENTROPY)
-    /* nothing to clean */
 #else
     dev_urandom_close();
 #endif