authorHauke Mehrtens <hauke@hauke-m.de>2022-12-28 00:11:00 +0100
committerHauke Mehrtens <hauke@hauke-m.de>2023-01-28 22:26:06 +0100
commitd1893f1c889b991746f6546b98f009b4125d5046 (patch)
tree4328a3edc6ef5c4217da052ead834f44516d4ecf
parent39e4f03fd335d5b5d1259d74fc3f00ad09e7796c (diff)
px5g-mbedtls: Use getrandom()
Instead of accessing /dev/urandom use the getrandom syscall. This way we do not have to keep the file open all the time. This also fixes a compile error with glibc: -------- px5g-mbedtls.c: In function '_urandom': px5g-mbedtls.c:48:9: error: ignoring return value of 'read' declared with attribute 'warn_unused_result' [-Werror=unused-result] 48 | read(urandom_fd, out, len); | ^~~~~~~~~~~~~~~~~~~~~~~~~~ cc1: all warnings being treated as errors -------- Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
-rw-r--r--package/utils/px5g-mbedtls/px5g-mbedtls.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/package/utils/px5g-mbedtls/px5g-mbedtls.c b/package/utils/px5g-mbedtls/px5g-mbedtls.c
index 0b72154509..4e0a73ab0a 100644
--- a/package/utils/px5g-mbedtls/px5g-mbedtls.c
+++ b/package/utils/px5g-mbedtls/px5g-mbedtls.c
@@ -20,6 +20,7 @@
*/
#include <sys/types.h>
+#include <sys/random.h>
#include <stdio.h>
#include <stdlib.h>
@@ -31,6 +32,7 @@
#include <stdbool.h>
#include <mbedtls/bignum.h>
+#include <mbedtls/entropy.h>
#include <mbedtls/x509_crt.h>
#include <mbedtls/ecp.h>
#include <mbedtls/rsa.h>
@@ -40,12 +42,16 @@
#define PX5G_COPY "Copyright (c) 2009 Steven Barth <steven@midlink.org>"
#define PX5G_LICENSE "Licensed under the GNU Lesser General Public License v2.1"
-static int urandom_fd;
static char buf[16384];
static int _urandom(void *ctx, unsigned char *out, size_t len)
{
- read(urandom_fd, out, len);
+ ssize_t ret;
+
+ ret = getrandom(out, len, 0);
+ if (ret < 0 || (size_t)ret != len)
+ return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
+
return 0;
}
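Review bot: In `_urandom`, any short return or `EINTR` from `getrandom()` becomes `MBEDTLS_ERR_ENTROPY_SOURCE_FAILED` instead of being retried. getrandom(2) allows a request larger than 256 bytes to be cut short by a signal, and a call still waiting for the kernel pool to be seeded can fail with `EINTR`; whether mbedtls asks for that much in one call is not visible in this hunk. Failing closed is the safe direction, so this is about spurious key-generation failures rather than weak keys, and a loop that resumes on `EINTR` and advances by the bytes returned would cover it (it needs `<errno.h>`, which the visible include lines do not show). A short comment that `flags` is 0 on purpose, so the call blocks until the pool is initialised instead of returning unseeded output, would also help the next reader.

```c
static int _urandom(void *ctx, unsigned char *out, size_t len)
{
	size_t done = 0;

	/* flags == 0: block until the kernel entropy pool is initialised */
	while (done < len) {
		ssize_t ret = getrandom(out + done, len - done, 0);

		if (ret < 0) {
			if (errno == EINTR)
				continue;
			return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
		}
		done += (size_t)ret;
	}

	return 0;
}
```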
@@ -306,8 +312,6 @@ int selfsigned(char **arg)
int main(int argc, char *argv[])
{
- urandom_fd = open("/dev/urandom", O_RDONLY);
-
if (!argv[1]) {
//Usage
} else if (!strcmp(argv[1], "eckey")) {