[dovecot-cvs] dovecot/src/lib randgen.c, 1.12, 1.13 randgen.h, 1.3, 1.4

[cras at dovecot.org]

Update of /var/lib/cvs/dovecot/src/lib
In directory talvi:/tmp/cvs-serv32424/lib

Modified Files:
	randgen.c randgen.h 
Log Message:
Added random_fill_weak() and make random_init() always initialize srand()
with a seed from random_fill().



Index: randgen.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/lib/randgen.c,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -d -r1.12 -r1.13
--- randgen.c	26 Aug 2003 21:18:16 -0000	1.12
+++ randgen.c	6 Jan 2005 19:08:19 -0000	1.13
@@ -3,6 +3,8 @@
 #include "lib.h"
 #include "randgen.h"
 
+#include <stdlib.h>
+
 #ifdef HAVE_DEV_URANDOM
 
 #include "fd-close-on-exec.h"
@@ -29,6 +31,8 @@
 
 void random_init(void)
 {
+	unsigned int seed;
+
 	if (init_refcount++ > 0)
 		return;
 
@@ -42,6 +46,9 @@
 		}
 	}
 
+	random_fill(&seed, sizeof(seed));
+	srand(seed);
+
 	fd_close_on_exec(urandom_fd, TRUE);
 }
 
@@ -80,9 +87,24 @@
 		i_fatal("RAND_pseudo_bytes() failed: %s", ssl_last_error());
 }
 
-void random_init(void) {}
+void random_init(void)
+{
+	unsigned int seed;
+
+	random_fill(&seed, sizeof(seed));
+	srand(seed);
+}
+
 void random_deinit(void) {}
 
 #else
 #  error No random number generator, use eg. OpenSSL.
 #endif
+
+void random_fill_weak(void *buf, size_t size)
+{
+	unsigned char *cbuf = buf;
+
+	for (; size > 0; size--)
+		*cbuf++ = (unsigned char)rand();
+}

Index: randgen.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/lib/randgen.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- randgen.h	8 Sep 2002 13:20:28 -0000	1.3
+++ randgen.h	6 Jan 2005 19:08:19 -0000	1.4
@@ -1,7 +1,12 @@
 #ifndef __RANDGEN_H
 #define __RANDGEN_H
 
+/* Fill given buffer with semi-strong randomness, usually from /dev/urandom. */
 void random_fill(void *buf, size_t size);
+/* Fill given buffer with weak randomness, ie. with rand(). This is better if
+   no real randomness is required, as reading from /dev/urandom usually also
+   consumes /dev/random entropy, which may disturb other processes. */
+void random_fill_weak(void *buf, size_t size);
 
 /* may be called multiple times */
 void random_init(void);