[PATCH ustream-ssl v2] ustream-mbedtls: Use getrandom() instead of /dev/urandom

Mon Feb 20 02:15:29 PST 2023

On Sun, 19 Feb 2023 21:11:12 +0100
Hauke Mehrtens <hauke at hauke-m.de> wrote:

> Instead of keeping a file descriptor open just use the getrandom syscall
> to get random data. This is supported by the musl, glibc and Linux for
> some time now.
> 
> This also improves the error handling in case this function returns not
> as many bytes as expected.
> 
> Signed-off-by: Hauke Mehrtens <hauke at hauke-m.de>
Reviewed-by: Torsten Duwe <duwe at lst.de>

> ---
>  ustream-mbedtls.c | 25 ++++++-------------------
>  1 file changed, 6 insertions(+), 19 deletions(-)
> 
> changes since v1:
> * rename _urandom to _random
> 
> diff --git a/ustream-mbedtls.c b/ustream-mbedtls.c
> index e79e37b..7fc7874 100644
> --- a/ustream-mbedtls.c
> +++ b/ustream-mbedtls.c
> @@ -17,6 +17,7 @@
>   */
>  
>  #include <sys/types.h>
> +#include <sys/random.h>
>  #include <fcntl.h>
>  #include <unistd.h>
>  #include <stdlib.h>
> @@ -25,8 +26,6 @@
>  #include "ustream-ssl.h"
>  #include "ustream-internal.h"
>  
> -static int urandom_fd = -1;
> -
>  static int s_ustream_read(void *ctx, unsigned char *buf, size_t len)
>  {
>  	struct ustream *s = ctx;
> @@ -66,21 +65,12 @@ __hidden void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustr
>  	mbedtls_ssl_set_bio(ssl, conn, s_ustream_write, s_ustream_read, NULL);
>  }
>  
> -static bool urandom_init(void)
> +static int _random(void *ctx, unsigned char *out, size_t len)
>  {
> -	if (urandom_fd > -1)
> -		return true;
> +	ssize_t ret;
>  
> -	urandom_fd = open("/dev/urandom", O_RDONLY);
> -	if (urandom_fd < 0)
> -		return false;
> -
> -	return true;
> -}
> -
> -static int _urandom(void *ctx, unsigned char *out, size_t len)
> -{
> -	if (read(urandom_fd, out, len) < 0)
> +	ret = getrandom(out, len, 0);
> +	if (ret < 0 || (size_t)ret != len)
>  		return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
>  
>  	return 0;
> @@ -134,9 +124,6 @@ __ustream_ssl_context_new(bool server)
>  	mbedtls_ssl_config *conf;
>  	int ep;
>  
> -	if (!urandom_init())
> -		return NULL;
> -
>  	ctx = calloc(1, sizeof(*ctx));
>  	if (!ctx)
>  		return NULL;
> @@ -159,7 +146,7 @@ __ustream_ssl_context_new(bool server)
>  
>  	mbedtls_ssl_config_defaults(conf, ep, MBEDTLS_SSL_TRANSPORT_STREAM,
>  				    MBEDTLS_SSL_PRESET_DEFAULT);
> -	mbedtls_ssl_conf_rng(conf, _urandom, NULL);
> +	mbedtls_ssl_conf_rng(conf, _random, NULL);
>  
>  	if (server) {
>  		mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_NONE);