enhance seed for random

Patch by: michaelortmann srandom is currently seeded like this: srandom((unsigned int) (now % (getpid() + getppid()))); the part: % (getpid() + getppid())" truncates the range to maxpid+maxppid, which is 128k the patch enhances the seed in 3 ways 1st: the truncation is fixed by replacing the "mod (pid + ppid)" by "xor pid" 2nd: "now" is in seconds and is replaced with tv_sec * tv_usec (milliseconds) 3rd: if the modern getrandom() libc function is available, it is used instead think of getrandom() as /dev/urandom, but without any file descriptor its available under freebsd12+, linux glibc 2.25+, solaris 11.3+ this patch enhances (only) the seed for srandom and doesnt change any other random functions
eggheads · Aug 20, 2018 · 545fe62 · 545fe62 · michaelortmann · Aug 20, 2018
1 parent fabd9ca
commit 545fe62
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 2 deletions.
diff --git a/config.h.in b/config.h.in
@@ -108,6 +108,9 @@
 /* Define to 1 if you have the `getpagesize' function. */
 #undef HAVE_GETPAGESIZE
 
+/* Define to 1 if you have the `getrandom' function. */
+#undef HAVE_GETRANDOM
+
 /* Define to 1 if you have the `getrusage' function. */
 #undef HAVE_GETRUSAGE
 

diff --git a/configure.ac b/configure.ac
@@ -109,7 +109,7 @@ EGG_CHECK_SOCKLEN_T
 AX_CREATE_STDINT_H([eggint.h])
 
 # Checks for functions and their arguments.
-AC_CHECK_FUNCS([clock dprintf fsync getdtablesize getrusage inet_aton isascii mbrlen memcpy memset random rand lrand48 rename setpgid sigaction sigemptyset snprintf strcasecmp strncasecmp uname vsnprintf inet_ntop])
+AC_CHECK_FUNCS([clock dprintf fsync getdtablesize getrandom getrusage inet_aton inet_ntop isascii mbrlen memcpy memset random rand lrand48 rename setpgid sigaction sigemptyset snprintf strcasecmp strncasecmp uname vsnprintf])
 AC_FUNC_SELECT_ARGTYPES
 EGG_FUNC_VPRINTF
 AC_FUNC_STRFTIME

diff --git a/src/main.c b/src/main.c
@@ -79,6 +79,10 @@
 #  include <sys/resource.h>             /* setrlimit() */
 #endif
 
+#ifdef HAVE_GETRANDOM
+#  include <sys/random.h>
+#endif
+
 #ifndef _POSIX_SOURCE
 #  define _POSIX_SOURCE 1               /* Solaris needs this */
 #endif
@@ -1016,6 +1020,19 @@ int mainloop(int toplevel)
   return (eggbusy || tclbusy);
 }
 
+static void init_random(void) {
+  unsigned int seed;
+#ifdef HAVE_GETRANDOM
+  if (getrandom(&seed, sizeof(seed), 0) != sizeof(seed))
+    fatal("ERROR: getrandom()\n", 0);
+#else
+  struct timeval tp;
+  gettimeofday(&tp, NULL);
+  seed = (tp.tv_sec * tp.tv_usec) ^ getpid();
+#endif
+  srandom(seed);
+}
+
 int main(int arg_c, char **arg_v)
 {
   int i, xx;
@@ -1106,7 +1123,7 @@ int main(int arg_c, char **arg_v)
   chanset = NULL;
   egg_memcpy(&nowtm, localtime(&now), sizeof(struct tm));
   lastmin = now / 60;
-  srandom((unsigned int) (now % (getpid() + getppid())));
+  init_random();
   init_mem();
   if (argc > 1)
     do_arg();