summaryrefslogtreecommitdiffstats
path: root/lib/libc
diff options
context:
space:
mode:
authorderaadt <deraadt@openbsd.org>2014-06-14 18:01:41 +0000
committerderaadt <deraadt@openbsd.org>2014-06-14 18:01:41 +0000
commitbbb6b66290d3b0c5ae0b26b00388ff2e0602cd5a (patch)
tree38ec3fa3223e43a8a6038ddfc9da3156745dbc2c /lib/libc
parentFix memory leaks in bootblock handling. (diff)
downloadwireguard-openbsd-bbb6b66290d3b0c5ae0b26b00388ff2e0602cd5a.tar.xz
wireguard-openbsd-bbb6b66290d3b0c5ae0b26b00388ff2e0602cd5a.zip
Change return value of getentropy() to int 0 for success. Maximum
buffersize is enforced strictly, this supplies sufficient entropy payload to act as seed material. Discourage general use of this API, but lock down this function name as the go-to for userland PRNG seeding. Improve documentation. ok miod matthew
Diffstat (limited to 'lib/libc')
-rw-r--r--lib/libc/sys/getentropy.236
1 files changed, 27 insertions, 9 deletions
diff --git a/lib/libc/sys/getentropy.2 b/lib/libc/sys/getentropy.2
index e3dca2e8724..1ef728ac041 100644
--- a/lib/libc/sys/getentropy.2
+++ b/lib/libc/sys/getentropy.2
@@ -1,4 +1,4 @@
-.\" $OpenBSD: getentropy.2,v 1.2 2014/06/13 15:16:46 deraadt Exp $
+.\" $OpenBSD: getentropy.2,v 1.3 2014/06/14 18:01:42 deraadt Exp $
.\"
.\" Copyright (c) 2014 Theo de Raadt
.\"
@@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: June 13 2014 $
+.Dd $Mdocdate: June 14 2014 $
.Dt GETENTROPY 2
.Os
.Sh NAME
@@ -22,24 +22,42 @@
.Nd get entropy
.Sh SYNOPSIS
.Fd #include <unistd.h>
-.Ft ssize_t
+.Ft int
.Fn getentropy "char *buf" "size_t buflen"
.Sh DESCRIPTION
.Nm
-returns a buffer of high-quality seed-grade entropy.
-.Pp
-This is typically used to seed a process-context generator
-like
+fills a buffer with high-quality seed-grade entropy, which can
+be used as input for process-context random
+generators like
.Xr arc4random 3 .
+.Pp
+The maximum buffer size permitted is 256 bytes.
+If
+.Va buflen
+exceeds this, an error of
+.Er EIO
+will be indicated.
+.Pp
+.Nm
+is not intended for regular code; please use the
+.Xr arc4random 3
+family of functions instead.
+.Sh RETURN VALUES
+Upon successful completion, a value of 0 is returned.
+Otherwise, a value of \-1 is returned and
+.Va errno
+is set to indicate the error.
.Sh ERRORS
-.Fn getlogin
+.Fn getentropy
will succeed unless:
.Bl -tag -width Er
.It Bq Er EFAULT
The
-.Fa name
+.Fa buf
parameter points to an
invalid address.
+.It Bq Er EIO
+Too many bytes requested, or some other fatal error occured.
.El
.Sh SEE ALSO
.Xr arc4random 3