From dcdb60e4b3ad529fb2acd8d36f6ce9c7370b6c6f Mon Sep 17 00:00:00 2001 From: Victor Stinner Date: Fri, 6 Jan 2017 11:16:20 +0100 Subject: [PATCH] Issue #29157: dev_urandom() now calls py_getentropy() Prepare the fallback to support getentropy() failure and falls back on reading from /dev/urandom. --- Python/random.c | 36 ++++++++++++++++-------------------- 1 file changed, 16 insertions(+), 20 deletions(-) diff --git a/Python/random.c b/Python/random.c index 0f945a3d01..bb518c7e8c 100644 --- a/Python/random.c +++ b/Python/random.c @@ -77,13 +77,15 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise) return 0; } +#else /* !MS_WINDOWS */ + /* Issue #25003: Don't use getentropy() on Solaris (available since * Solaris 11.3), it is blocking whereas os.urandom() should not block. */ -#elif defined(HAVE_GETENTROPY) && !defined(sun) +#if defined(HAVE_GETENTROPY) && !defined(sun) #define PY_GETENTROPY 1 /* Fill buffer with size pseudo-random bytes generated by getentropy(). - Return 0 on success, or raise an exception and return -1 on error. + Return 1 on success, or raise an exception and return -1 on error. If raise is zero, don't raise an exception on error. */ static int @@ -112,12 +114,10 @@ py_getentropy(char *buffer, Py_ssize_t size, int raise) buffer += len; size -= len; } - return 0; + return 1; } -#else - -#if defined(HAVE_GETRANDOM) || defined(HAVE_GETRANDOM_SYSCALL) +#elif defined(HAVE_GETRANDOM) || defined(HAVE_GETRANDOM_SYSCALL) #define PY_GETRANDOM 1 /* Call getrandom() @@ -217,7 +217,8 @@ py_getrandom(void *buffer, Py_ssize_t size, int blocking, int raise) } return 1; } -#endif +#endif /* defined(HAVE_GETRANDOM) || defined(HAVE_GETRANDOM_SYSCALL) */ + static struct { int fd; @@ -225,7 +226,6 @@ static struct { ino_t st_ino; } urandom_cache = { -1 }; - /* Read 'size' random bytes from py_getrandom(). Fall back on reading from /dev/urandom if getrandom() is not available. @@ -236,22 +236,22 @@ dev_urandom(char *buffer, Py_ssize_t size, int blocking, int raise) { int fd; Py_ssize_t n; -#ifdef PY_GETRANDOM +#if defined(PY_GETRANDOM) || defined(PY_GETENTROPY) int res; -#endif - - assert(size > 0); -#ifdef PY_GETRANDOM +#ifdef PY_GETENTROPY + res = py_getentropy(buffer, size, raise); +#else res = py_getrandom(buffer, size, blocking, raise); +#endif if (res < 0) { return -1; } if (res == 1) { return 0; } - /* getrandom() failed with ENOSYS or EPERM, - fall back on reading /dev/urandom */ + /* getrandom() or getentropy() function is not available: failed with + ENOSYS or EPERM. Fall back on reading from /dev/urandom. */ #endif @@ -349,8 +349,8 @@ dev_urandom_close(void) urandom_cache.fd = -1; } } +#endif /* !MS_WINDOWS */ -#endif /* Fill buffer with pseudo-random bytes generated by a linear congruent generator (LCG): @@ -395,8 +395,6 @@ pyurandom(void *buffer, Py_ssize_t size, int blocking, int raise) #ifdef MS_WINDOWS return win32_urandom((unsigned char *)buffer, size, raise); -#elif defined(PY_GETENTROPY) - return py_getentropy(buffer, size, raise); #else return dev_urandom(buffer, size, blocking, raise); #endif @@ -491,8 +489,6 @@ _PyRandom_Fini(void) CryptReleaseContext(hCryptProv, 0); hCryptProv = 0; } -#elif defined(PY_GETENTROPY) - /* nothing to clean */ #else dev_urandom_close(); #endif -- 2.40.0