From a1933bd1847951b959016f59ee744d1b18a00142 Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Fri, 14 Oct 2016 17:07:56 +0000 Subject: Clean up and modernize librandom. Correct random number generation has historically been suprisingly painful to achieve. There was no standard, every system behaved in a subtly different way, and there were a few userland initiatives to get decent randomness, all incompatible of course. The situation is a bit better now, we're heading towards some standardization. The arc4random() series of functions is a good API, and available on a lot of systems - unfortunately not Linux, but on Linux the new getrandom() makes using /dev/random obsolete. So I removed the old crap in librandom, dropped EGD support, dropped dynamic backend selection, made a single API series (random_* instead of goodrandom_* and badrandom_*), added an arc4random backend and a getrandom backend, and defaulted to /dev/urandom backed up by SURF in the worst case. This should be much smaller and logical. However, it's a major API break, so the skarnet.org stack will be changed to adapt. --- src/libunixonacid/atomic_rm_rf_tmp.c | 2 +- src/libunixonacid/dd_commit.c | 4 ++-- src/libunixonacid/dd_open_write.c | 2 +- src/libunixonacid/mkdir_unique.c | 2 +- src/libunixonacid/openwritenclose_devino_tmp.c | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) (limited to 'src/libunixonacid') diff --git a/src/libunixonacid/atomic_rm_rf_tmp.c b/src/libunixonacid/atomic_rm_rf_tmp.c index 8be5189..5bba785 100644 --- a/src/libunixonacid/atomic_rm_rf_tmp.c +++ b/src/libunixonacid/atomic_rm_rf_tmp.c @@ -16,7 +16,7 @@ int atomic_rm_rf_tmp (char const *filename, stralloc *tmp) start = tmp->len ; for (;;) { - if (random_sauniquename(tmp, 64) < 0) goto err ; + if (!random_sauniquename(tmp, 64)) goto err ; if (!stralloc_0(tmp)) goto err ; if (!rename(filename, tmp->s + tmpbase)) break ; if (errno != EEXIST && errno != ENOTEMPTY) goto err ; diff --git a/src/libunixonacid/dd_commit.c b/src/libunixonacid/dd_commit.c index 2555d1e..f4a7b06 100644 --- a/src/libunixonacid/dd_commit.c +++ b/src/libunixonacid/dd_commit.c @@ -30,7 +30,7 @@ int dd_commit (dirdescriptor_t *dd) unsigned int lnkbnbase = dd->new.len ; if (errno != EINVAL) goto fail ; if (!stralloc_cats(&dd->new, lnkbn)) goto fail ; - if (random_sauniquename(&dd->new, 8) < 0) goto fail ; + if (!random_sauniquename(&dd->new, 8)) goto fail ; if (!stralloc_0(&dd->new)) goto fail ; if (rename(dd->lnkfn, dd->new.s + oldbase) < 0) goto fail ; /* /!\ race condition right here: there's no lnkfn in the fs */ @@ -45,7 +45,7 @@ int dd_commit (dirdescriptor_t *dd) if (!stralloc_0(&dd->new)) goto fail ; newlnkbase = dd->new.len ; if (!stralloc_catb(&dd->new, dd->lnkfn, len)) goto fail ; - if (random_sauniquename(&dd->new, 8) < 0) goto fail ; + if (!random_sauniquename(&dd->new, 8)) goto fail ; if (!stralloc_0(&dd->new)) goto fail ; if (symlink(dd->new.s, dd->new.s + newlnkbase) < 0) goto fail ; if (rename(dd->new.s + newlnkbase, dd->lnkfn) < 0) diff --git a/src/libunixonacid/dd_open_write.c b/src/libunixonacid/dd_open_write.c index f579c73..90518cb 100644 --- a/src/libunixonacid/dd_open_write.c +++ b/src/libunixonacid/dd_open_write.c @@ -14,7 +14,7 @@ int dd_open_write (dirdescriptor_t *dd, char const *lnkfn, unsigned int mode) dirdescriptor_t d = DIRDESCRIPTOR_ZERO ; d.lnkfn = lnkfn ; if (!stralloc_cats(&d.new, lnkfn)) return 0 ; - if (random_sauniquename(&d.new, 8) < 0) goto fail ; + if (!random_sauniquename(&d.new, 8)) goto fail ; if (!stralloc_0(&d.new)) goto fail ; if (mkdir(d.new.s, mode) < 0) goto fail ; d.fd = open_read(d.new.s) ; diff --git a/src/libunixonacid/mkdir_unique.c b/src/libunixonacid/mkdir_unique.c index efc74cc..1eee4c6 100644 --- a/src/libunixonacid/mkdir_unique.c +++ b/src/libunixonacid/mkdir_unique.c @@ -11,7 +11,7 @@ int mkdir_unique (stralloc *sa, char const *fn, unsigned int mode) int wasnull = !sa->s ; if (!stralloc_cats(sa, fn)) return 0 ; if (!stralloc_cats(sa, "/mkdir_unique:")) goto fail ; - if (random_sauniquename(sa, 64) < 0) goto fail ; + if (!random_sauniquename(sa, 64)) goto fail ; if (!stralloc_0(sa)) goto fail ; if (mkdir(sa->s + base, mode) < 0) goto fail ; sa->len-- ; diff --git a/src/libunixonacid/openwritenclose_devino_tmp.c b/src/libunixonacid/openwritenclose_devino_tmp.c index 343da65..0fe032c 100644 --- a/src/libunixonacid/openwritenclose_devino_tmp.c +++ b/src/libunixonacid/openwritenclose_devino_tmp.c @@ -14,7 +14,7 @@ int openwritenclose_devino_tmp (char const *fn, char const *s, unsigned int len, uint64 tmpdev, tmpino ; unsigned int base = tmp->len ; if (!stralloc_cats(tmp, fn)) return 0 ; - if (random_sauniquename(tmp, 8) < 0) goto fail ; + if (!random_sauniquename(tmp, 8)) goto fail ; if (!stralloc_0(tmp)) goto fail ; if (!openwritenclose_unsafe_devino_sync(tmp->s + base, s, len, &tmpdev, &tmpino)) goto fail ; if (rename(tmp->s + base, fn) < 0) -- cgit v1.2.3