arc4random: hard fail with raise(SIGKILL) if getentropy() returns -1

Allow other non-zero return values in case we change our mind to return an ssize_t byte count instead of simple success/fail. ok deraadt, djm
author: matthew <matthew@openbsd.org> 2014-06-20 00:02:12 +0000
committer: matthew <matthew@openbsd.org> 2014-06-20 00:02:12 +0000
commit: 51205cb42ba4087283955b25c24eb87d3f57df34 (patch)
tree: 31952d7660e25972ec2761002a94cc98e3fb61bb /lib/libc/crypt/arc4random.c
parent: convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoring (diff)
download: wireguard-openbsd-51205cb42ba4087283955b25c24eb87d3f57df34.tar.xz
wireguard-openbsd-51205cb42ba4087283955b25c24eb87d3f57df34.zip
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/libc/crypt/arc4random.c b/lib/libc/crypt/arc4random.c
index 985fa8a0e56..ea05d2a6e95 100644
--- a/lib/libc/crypt/arc4random.c
+++ b/lib/libc/crypt/arc4random.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: arc4random.c,v 1.35 2014/06/19 00:13:22 matthew Exp $	*/
+/*	$OpenBSD: arc4random.c,v 1.36 2014/06/20 00:02:12 matthew Exp $	*/
 
 /*
  * Copyright (c) 1996, David Mazieres <dm@uun.org>
@@ -24,6 +24,7 @@
 
 #include <fcntl.h>
 #include <limits.h>
+#include <signal.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
@@ -91,8 +92,8 @@ _rs_stir(void)
 {
 	u_char rnd[KEYSZ + IVSZ];
 
-	/* XXX */
-	(void) getentropy(rnd, sizeof rnd);
+	if (getentropy(rnd, sizeof rnd) == -1)
+		raise(SIGKILL);
 
 	if (!rs)
 		_rs_init(rnd, sizeof(rnd));
author	matthew <matthew@openbsd.org>	2014-06-20 00:02:12 +0000
committer	matthew <matthew@openbsd.org>	2014-06-20 00:02:12 +0000
commit	51205cb42ba4087283955b25c24eb87d3f57df34 (patch)
tree	31952d7660e25972ec2761002a94cc98e3fb61bb /lib/libc/crypt/arc4random.c
parent	convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoring (diff)
download	wireguard-openbsd-51205cb42ba4087283955b25c24eb87d3f57df34.tar.xz wireguard-openbsd-51205cb42ba4087283955b25c24eb87d3f57df34.zip