author | Daniel Borkmann <dborkman@redhat.com> | 2013-06-04 09:58:23 +0200 |
---|---|---|
committer | Daniel Borkmann <dborkman@redhat.com> | 2013-06-04 09:59:09 +0200 |
commit | 0f1f8ccf43e1296725cfbef482d19c90b15af98c (patch) | |
tree | abf85cfed8766641119736cceca61f0f8cd7d1fc /rnd.c | |
parent | 9a1b2fbdc9f319aaf57a79f8e6ce7d5e6a3ecaa6 (diff) |
rnd: break out prng from xutils
We only need it in curvetun, this makes it easier to maintain.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Diffstat (limited to 'rnd.c')
-rw-r--r-- | rnd.c | 49 |
1 files changed, 49 insertions, 0 deletions
@@ -0,0 +1,49 @@
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+#include "rnd.h"
+
+static int fd_rnd = -1;
+
+static void randombytes(unsigned char *x, unsigned long long xlen)
+{
+ int ret;
+
+ if (fd_rnd == -1) {
+ for (;;) {
+ fd_rnd = open("/dev/urandom", O_RDONLY);
+ if (fd_rnd != -1)
+ break;
+ sleep(1);
+ }
+ }
+
+ while (xlen > 0) {
+ if (xlen < 1048576)
+ ret = xlen;
+ else
+ ret = 1048576;
+
+ ret = read(fd_rnd, x, ret);
+ if (ret < 1) {
+ sleep(1);
+ continue;
+ }
+
+ x += ret;
+ xlen -= ret;
+ }
+}
+
+/* Note: it's not really secure, but the name only suggests it's better to use
+ * than rand(3) when transferring bytes over the network in non-security
+ * critical structure members. secrand() is only used to fill up salts actually.
+ */
+int secrand(void)
+{
+ int ret;
+ randombytes((void *) &ret, sizeof(ret));
+ return ret;
+} |
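Review bot: Both retry loops in randombytes() hide persistent failures: the open loop and the `if (ret < 1) { sleep(1); continue; }` branch after read() retry forever on any error, so a process started where /dev/urandom is missing, or one whose fd_rnd has been closed, blocks silently with no diagnostic. Blocking instead of falling back to a weaker source is the right fail-closed choice, but the read branch should separate a transient error from a permanent one, for example `if (ret < 0 && errno != EINTR) abort();` (needs `<errno.h>` and `<stdlib.h>`), or at least log before sleeping. The descriptor is also opened without `O_CLOEXEC`, so any program the process later executes inherits it; `open("/dev/urandom", O_RDONLY | O_CLOEXEC)` avoids that. fd_rnd is initialised without locking, so if secrand() can be reached from more than one thread the first calls may race and leak a descriptor; whether that applies depends on callers not visible in this file.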