authorDaniel Borkmann <dborkman@redhat.com>2013-06-04 09:58:23 +0200
committerDaniel Borkmann <dborkman@redhat.com>2013-06-04 09:59:09 +0200
commit0f1f8ccf43e1296725cfbef482d19c90b15af98c (patch)
treeabf85cfed8766641119736cceca61f0f8cd7d1fc
parent9a1b2fbdc9f319aaf57a79f8e6ce7d5e6a3ecaa6 (diff)
rnd: break out prng from xutils
We only need it in curvetun, this makes it easier to maintain. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
-rw-r--r--curve.c1
-rw-r--r--curve.h1
-rw-r--r--curvetun/Makefile1
-rw-r--r--rnd.c49
-rw-r--r--rnd.h6
-rw-r--r--xio.c45
-rw-r--r--xio.h1
7 files changed, 58 insertions, 46 deletions
diff --git a/curve.c b/curve.c
index 1b05f0c..2b390b1 100644
--- a/curve.c
+++ b/curve.c
@@ -21,6 +21,7 @@
#include "curve.h"
#include "xutils.h"
#include "xio.h"
+#include "rnd.h"
#include "die.h"
#include "str.h"
#include "curvetun.h"
diff --git a/curve.h b/curve.h
index 85c6e61..8750b70 100644
--- a/curve.h
+++ b/curve.h
@@ -13,6 +13,7 @@
#include "locking.h"
#include "built_in.h"
#include "xio.h"
+#include "rnd.h"
#include "crypto_box_curve25519xsalsa20poly1305.h"
struct tai {
diff --git a/curvetun/Makefile b/curvetun/Makefile
index 44025ac..ce91dc2 100644
--- a/curvetun/Makefile
+++ b/curvetun/Makefile
@@ -10,6 +10,7 @@ curvetun-objs = xmalloc.o \
corking.o \
trie.o \
hash.o \
+ rnd.o \
curve.o \
cpusched.o \
ct_usermgmt.o \
diff --git a/rnd.c b/rnd.c
new file mode 100644
index 0000000..ad32175
--- /dev/null
+++ b/rnd.c
@@ -0,0 +1,49 @@
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+#include "rnd.h"
+
+static int fd_rnd = -1;
+
+static void randombytes(unsigned char *x, unsigned long long xlen)
+{
+ int ret;
+
+ if (fd_rnd == -1) {
+ for (;;) {
+ fd_rnd = open("/dev/urandom", O_RDONLY);
+ if (fd_rnd != -1)
+ break;
+ sleep(1);
+ }
+ }
+
+ while (xlen > 0) {
+ if (xlen < 1048576)
+ ret = xlen;
+ else
+ ret = 1048576;
+
+ ret = read(fd_rnd, x, ret);
+ if (ret < 1) {
+ sleep(1);
+ continue;
+ }
+
+ x += ret;
+ xlen -= ret;
+ }
+}
+
+/* Note: it's not really secure, but the name only suggests it's better to use
+ * than rand(3) when transferring bytes over the network in non-security
+ * critical structure members. secrand() is only used to fill up salts actually.
+ */
+int secrand(void)
+{
+ int ret;
+ randombytes((void *) &ret, sizeof(ret));
+ return ret;
+}
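Review bot: The read loop in randombytes() handles every `read()` result below 1 the same way, sleeping one second and retrying without limit, so a persistent error on `fd_rnd` (for instance the descriptor having been closed elsewhere in the process) makes secrand() hang silently. I would retry at once only on an interrupted call, `if (ret < 0 && errno == EINTR) continue;` (this needs `<errno.h>`), and report and abort on any other failure instead of spinning. The `open()` call also leaves the descriptor inheritable across exec; `fd_rnd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);` keeps it out of child processes. Finally, the comment above secrand() says it is "not really secure" without saying why, although the bytes come from /dev/urandom, so it should state the limitation the author has in mind.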
diff --git a/rnd.h b/rnd.h
new file mode 100644
index 0000000..3d36d8e
--- /dev/null
+++ b/rnd.h
@@ -0,0 +1,6 @@
+#ifndef RND_H
+#define RND_H
+
+extern int secrand(void);
+
+#endif /* RND_H */
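Review bot: The new header exports secrand() with no comment, so the caveat written above the definition in rnd.c is invisible to anyone who reads only rnd.h and sees a name beginning with "sec". I would put a short comment above the declaration, for example `/* Returns sizeof(int) bytes read from /dev/urandom; meant for salts and other non-security-critical fields. Blocks until the read succeeds. */`. That keeps the intended use and the blocking behaviour visible at the point where callers pick the function up.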
diff --git a/xio.c b/xio.c
index 991ff7f..da17206 100644
--- a/xio.c
+++ b/xio.c
@@ -158,51 +158,6 @@ ssize_t write_exact(int fd, void *buf, size_t len, int mayexit)
return num;
}
-static int fd_rnd = -1;
-
-static void randombytes(unsigned char *x, unsigned long long xlen)
-{
- int ret;
-
- if (fd_rnd == -1) {
- for (;;) {
- fd_rnd = open("/dev/urandom", O_RDONLY);
- if (fd_rnd != -1)
- break;
- sleep(1);
- }
- }
-
- while (xlen > 0) {
- if (xlen < 1048576)
- ret = xlen;
- else
- ret = 1048576;
-
- ret = read(fd_rnd, x, ret);
- if (ret < 1) {
- sleep(1);
- continue;
- }
-
- x += ret;
- xlen -= ret;
- }
-}
-
-/* Note: it's not really secure, but the name only suggests it's better to use
- * than rand(3) when transferring bytes over the network in non-security
- * critical structure members. secrand() is only used to fill up salts actually.
- */
-int secrand(void)
-{
- int ret;
-
- randombytes((void *) &ret, sizeof(ret));
-
- return ret;
-}
-
static char const *priov[] = {
[LOG_EMERG] = "EMERG:",
[LOG_ALERT] = "ALERT:",
diff --git a/xio.h b/xio.h
index fe8e1e2..b02e7a9 100644
--- a/xio.h
+++ b/xio.h
@@ -16,7 +16,6 @@ extern ssize_t read_or_die(int fd, void *buf, size_t count);
extern ssize_t write_or_die(int fd, const void *buf, size_t count);
extern ssize_t read_exact(int fd, void *buf, size_t len, int mayexit);
extern ssize_t write_exact(int fd, void *buf, size_t len, int mayexit);
-extern int secrand(void);
extern void to_std_log(FILE **fp);
#endif /* XIO_H */