[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Nmh-workers] Use arc4random_buf() if available

From: Pascal Stumpf
Subject: [Nmh-workers] Use arc4random_buf() if available
Date: Sat, 14 Dec 2013 01:41:00 +0100

rand()/srand() are not cryptographically secure PRNGs.  Some systems
have the much better suited arc4random() family of functions; there's no
reason to not use it if it is available.  Make m_rand() just a wrapper
around arc4random_buf() in that case.  (There's no need to ever seed it

As a bonus, silences some warnings on OpenBSD.

diff --git a/configure.ac b/configure.ac
index ce4b46d..5f6b556 100644
--- a/configure.ac
+++ b/configure.ac
@@ -363,7 +363,7 @@ AC_CHECK_HEADER([sys/ptem.h], AC_DEFINE(WINSIZE_IN_PTEM,1,
 dnl ---------------
 dnl ---------------
-AC_CHECK_FUNCS([wcwidth mbtowc writev lstat nl_langinfo getutxent])
+AC_CHECK_FUNCS([wcwidth mbtowc writev lstat nl_langinfo getutxent arc4random])
 dnl Check for multibyte character set support
 AS_IF([test "x$ac_cv_header_wchar_h" = "xyes" -a \
diff --git a/sbr/m_rand.c b/sbr/m_rand.c
index 4d24888..8544cfb 100644
--- a/sbr/m_rand.c
+++ b/sbr/m_rand.c
@@ -6,16 +6,21 @@
  * complete copyright information.
-#include <stdlib.h>  /* for abs(), srand(), rand() */
+#include <stdlib.h>  /* for abs(), srand(), rand(), arc4random() */
 #include <stdio.h>   /* for fopen(), fread(), fclose() */
 #include <unistd.h>  /* for getpid() */
 #include <time.h>    /* for time() */
+#include <config.h>
 static int seeded = 0;
 m_rand (unsigned char *buf, size_t n) {
   if (! seeded) {
     FILE *devurandom;
     unsigned int seed;
@@ -46,6 +51,9 @@ m_rand (unsigned char *buf, size_t n) {
       *buf++ = *rndp++;
+  arc4random_buf(buf, n);
   return 0;

reply via email to

[Prev in Thread] Current Thread [Next in Thread]