diff options
| author | Tobias Stoeckmann <tobias@stoeckmann.org> | 2024-01-04 19:02:30 +0100 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@strace.io> | 2024-01-05 23:36:44 +0000 |
| commit | d0a4ed1cb5e28af841378369b2505282eed087a0 (patch) | |
| tree | a452ed3a8315977ed589fc60ac80e901da24f98b /libpam | |
| parent | b6faf3c6cbf2f27a1976e462e2ea6fa09f1aad3d (diff) | |
| download | pam-d0a4ed1cb5e28af841378369b2505282eed087a0.tar.gz pam-d0a4ed1cb5e28af841378369b2505282eed087a0.tar.bz2 pam-d0a4ed1cb5e28af841378369b2505282eed087a0.zip | |
libpam: use getrandom if possible
Use getrandom to retrieve random numbers for delay calculation.
If it fails or is not available, keep using current algorithm.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Diffstat (limited to 'libpam')
| -rw-r--r-- | libpam/pam_delay.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/libpam/pam_delay.c b/libpam/pam_delay.c index 67b7d73b..357ae276 100644 --- a/libpam/pam_delay.c +++ b/libpam/pam_delay.c @@ -18,6 +18,10 @@ #include <unistd.h> #include <time.h> +#ifdef HAVE_SYS_RANDOM_H +#include <sys/random.h> +#endif + /* ********************************************************************** * initialize the time as unset, this is set on the return from the * authenticating pair of the libpam pam_XXX calls. @@ -52,11 +56,20 @@ void _pam_start_timer(pam_handle_t *pamh) * in C'. It is *not* a cryptographically strong generator, but it is * probably "good enough" for our purposes here. * - * /dev/random might be a better place to look for some numbers... + * If getrandom is available, retrieve random number from there. */ static unsigned int _pam_rand(unsigned int seed) { +#ifdef HAVE_GETRANDOM + unsigned int value; + + if (getrandom(&value, sizeof(value), GRND_NONBLOCK) == + (ssize_t) sizeof(value)) { + return value; + } +#endif + #define N1 1664525 #define N2 1013904223 return N1*seed + N2; |