cuberite/libevent
1
0
Fork 0
mirror of https://github.com/cuberite/libevent.git synced 2025-09-13 06:16:10 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/patches-2.0'

Browse Source
This commit is contained in:
Nick Mathewson 2013-06-10 10:47:28 -04:00
commit 0b05aa6591
2 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
arc4random.c
View File

@ -287,6 +287,7 @@ arc4_seed_proc_sys_kernel_random_uuid(void)
} }
memset(entropy, 0, sizeof(entropy)); memset(entropy, 0, sizeof(entropy));
memset(buf, 0, sizeof(buf)); memset(buf, 0, sizeof(buf));
arc4_seeded_ok = 1;
return 0; return 0;
} }
#endif #endif
@ -388,6 +389,7 @@ arc4_stir(void)
*/ */
for (i = 0; i < 12*256; i++) for (i = 0; i < 12*256; i++)
(void)arc4_getbyte(); (void)arc4_getbyte();
arc4_count = BYTES_BEFORE_RESEED; arc4_count = BYTES_BEFORE_RESEED;
return 0; return 0;

9
include/event2/util.h
View File

@ -677,9 +677,12 @@ const char *evutil_gai_strerror(int err);
/** Generate n bytes of secure pseudorandom data, and store them in buf. /** Generate n bytes of secure pseudorandom data, and store them in buf.
* *
* By default, Libevent uses an ARC4-based random number generator, seeded * Current versions of Libevent use an ARC4-based random number generator,
* using the platform's entropy source (/dev/urandom on Unix-like systems; * seeded using the platform's entropy source (/dev/urandom on Unix-like
* CryptGenRandom on Windows). * systems; CryptGenRandom on Windows). This is not actually as secure as it
* should be: ARC4 is a pretty lousy cipher, and the current implementation
* provides only rudimentary prediction- and backtracking-resistance. Don't
* use this for serious cryptographic applications.
*/ */
void evutil_secure_rng_get_bytes(void *buf, size_t n); void evutil_secure_rng_get_bytes(void *buf, size_t n);