author | 2014-06-14 18:01:41 +0000 | |
---|---|---|
committer | 2014-06-14 18:01:41 +0000 | |
commit | bbb6b66290d3b0c5ae0b26b00388ff2e0602cd5a (patch) | |
tree | 38ec3fa3223e43a8a6038ddfc9da3156745dbc2c /lib/libc | |
parent | Fix memory leaks in bootblock handling. (diff) | |
download | wireguard-openbsd-bbb6b66290d3b0c5ae0b26b00388ff2e0602cd5a.tar.xz wireguard-openbsd-bbb6b66290d3b0c5ae0b26b00388ff2e0602cd5a.zip |
Change return value of getentropy() to int 0 for success. Maximum
buffer size is enforced strictly, this supplies sufficient entropy
payload to act as seed material. Discourage general use of this
API, but lock down this function name as the go-to for userland
PRNG seeding. Improve documentation.
ok miod matthew
Diffstat (limited to 'lib/libc')
-rw-r--r-- | lib/libc/sys/getentropy.2 | 36 |
1 files changed, 27 insertions, 9 deletions
diff --git a/lib/libc/sys/getentropy.2 b/lib/libc/sys/getentropy.2 index e3dca2e8724..1ef728ac041 100644 --- a/lib/libc/sys/getentropy.2 +++ b/lib/libc/sys/getentropy.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: getentropy.2,v 1.2 2014/06/13 15:16:46 deraadt Exp $ +.\" $OpenBSD: getentropy.2,v 1.3 2014/06/14 18:01:42 deraadt Exp $ .\" .\" Copyright (c) 2014 Theo de Raadt .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: June 13 2014 $ +.Dd $Mdocdate: June 14 2014 $ .Dt GETENTROPY 2 .Os .Sh NAME @@ -22,24 +22,42 @@ .Nd get entropy .Sh SYNOPSIS .Fd #include <unistd.h> -.Ft ssize_t +.Ft int .Fn getentropy "char *buf" "size_t buflen" .Sh DESCRIPTION .Nm -returns a buffer of high-quality seed-grade entropy. -.Pp -This is typically used to seed a process-context generator -like +fills a buffer with high-quality seed-grade entropy, which can +be used as input for process-context random +generators like .Xr arc4random 3 . +.Pp +The maximum buffer size permitted is 256 bytes. +If +.Va buflen +exceeds this, an error of +.Er EIO +will be indicated. +.Pp +.Nm +is not intended for regular code; please use the +.Xr arc4random 3 +family of functions instead. +.Sh RETURN VALUES +Upon successful completion, a value of 0 is returned. +Otherwise, a value of \-1 is returned and +.Va errno +is set to indicate the error. .Sh ERRORS -.Fn getlogin +.Fn getentropy will succeed unless: .Bl -tag -width Er .It Bq Er EFAULT The -.Fa name +.Fa buf parameter points to an invalid address. +.It Bq Er EIO +Too many bytes requested, or some other fatal error occured. .El .Sh SEE ALSO .Xr arc4random 3 |
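Review bot: In the ERRORS list at the end of the last hunk, the new EIO entry covers both an oversized buflen and "some other fatal error", so a caller cannot tell its own sizing mistake from a failure of the entropy source. Either give the 256-byte limit its own errno, or state in DESCRIPTION that EIO is deliberately overloaded and that callers should treat any failure as fatal for seeding. The same entry misspells "occurred" as "occured". The hand-written RETURN VALUES paragraph could be replaced with ".Rv -std", which generates the standard text for the 0 / \-1 with errno convention and keeps the page consistent with other section 2 manuals.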