#
be1d1982 |
| 31-Jul-2022 |
tb <tb@openbsd.org> |
fix indent
|
#
d9204e62 |
| 31-Jul-2022 |
djm <djm@openbsd.org> |
Randomise the rekey interval a little. Previously, the chacha20 instance would be rekeyed every 1.6MB. This makes it happen at a random point somewhere in the 1-2MB range.
Feedback deraadt@ visa@, o
Randomise the rekey interval a little. Previously, the chacha20 instance would be rekeyed every 1.6MB. This makes it happen at a random point somewhere in the 1-2MB range.
Feedback deraadt@ visa@, ok tb@ visa@
show more ...
|
#
822b16c6 |
| 28-Feb-2022 |
dtucker <dtucker@openbsd.org> |
Remove unused ivbits argument from chacha_keysetup to match other instances in the tree. ok deraadt@
|
#
1bdfaae3 |
| 24-Mar-2019 |
deraadt <deraadt@openbsd.org> |
In the incredibly unbelievable circumstance where _rs_init() fails to allocate pages, don't call abort() because of corefile data leakage concerns, but simply _exit(). The reasoning is _rs_init() wi
In the incredibly unbelievable circumstance where _rs_init() fails to allocate pages, don't call abort() because of corefile data leakage concerns, but simply _exit(). The reasoning is _rs_init() will only fail if someone finds a way to apply specific pressure against this failure point, for the purpose of leaking information into a core which they can read. We don't need a corefile in this instance to debug that. So take this "lever" away from whoever in the future wants to do that.
show more ...
|
#
0d943ef0 |
| 13-Sep-2015 |
guenther <guenther@openbsd.org> |
Wrap <stdlib.h> so that calls go direct and the symbols not in the C standard are all weak. Apply __{BEGIN,END}_HIDDEN_DECLS to gdtoa{,imp}.h, hiding the arch-specific __strtorx, __ULtox_D2A, __strto
Wrap <stdlib.h> so that calls go direct and the symbols not in the C standard are all weak. Apply __{BEGIN,END}_HIDDEN_DECLS to gdtoa{,imp}.h, hiding the arch-specific __strtorx, __ULtox_D2A, __strtorQ, __ULtoQ_D2A symbols.
show more ...
|
#
9d355e46 |
| 10-Sep-2015 |
bcook <bcook@openbsd.org> |
Add support for building arc4random with MSVC.
By default, MSVC's stdlib.h defines min(), so we need to spell out something less common to avoid picking it up.
ok deraadt@ beck@ miod@
|
#
aea60bee |
| 16-Jan-2015 |
deraadt <deraadt@openbsd.org> |
Move to the <limits.h> universe. review by millert, binary checking process with doug, concept with guenther
|
#
08735ac4 |
| 15-Jan-2015 |
deraadt <deraadt@openbsd.org> |
back in september I did the large abstraction refactoring to allow these other systems to fit into the same mold, so add copyright
|
#
323bb523 |
| 21-Jul-2014 |
deraadt <deraadt@openbsd.org> |
missing newline
|
#
d976644e |
| 20-Jul-2014 |
bcook <bcook@openbsd.org> |
Move more OS-specific functionality to arc4random.h headers.
Move <sys/mman.h> and raise(SIGKILL) calls to OS-specific headers. On OpenBSD, move thread_private.h as well to arc4random.h. On Windows,
Move more OS-specific functionality to arc4random.h headers.
Move <sys/mman.h> and raise(SIGKILL) calls to OS-specific headers. On OpenBSD, move thread_private.h as well to arc4random.h. On Windows, use TerminateProcess on getentropy failure.
ok deraadt@
show more ...
|
#
40e6dbbd |
| 19-Jul-2014 |
deraadt <deraadt@openbsd.org> |
Change _rs_allocate so it can combine the two regions (rs and rsx) into one if a system has an awesome getentropy(). In that case it is valid to totally throw away the rsx state in the child. If th
Change _rs_allocate so it can combine the two regions (rs and rsx) into one if a system has an awesome getentropy(). In that case it is valid to totally throw away the rsx state in the child. If the getentropy() is not very good and has a lazy reseed operation, this combining is a bad idea, and the reseed should probably continue to use the "something old, something new" mix. _rs_allocate() can accomodate either method, but not on the fly. ok matthew
show more ...
|
#
2ef411b6 |
| 18-Jul-2014 |
deraadt <deraadt@openbsd.org> |
Seperate arc4random's os-dependent parts into static inline functions, making it much easier for libressl -portable to fill in the gaps. ok bcook beck
|
#
29a8d8f8 |
| 17-Jul-2014 |
deraadt <deraadt@openbsd.org> |
"Race-free because we're running single-threaded in a new address space, and once allocated rs is never deallocated." document the forkhandler to save reviewers time, with matthew
|
#
f32ced12 |
| 16-Jul-2014 |
deraadt <deraadt@openbsd.org> |
#ifdef wrap the _rs_forkhandler
|
#
98694cd0 |
| 16-Jul-2014 |
bcook <bcook@openbsd.org> |
added handler for an atfork hook from kettenis@
ok deraadt@ beck@ kettenis@
|
#
d2556a96 |
| 13-Jul-2014 |
beck <beck@openbsd.org> |
While we thought this would make portable life easier it actually makes it much harder. ok bcook@ kettenis@
|
#
205b4a08 |
| 12-Jul-2014 |
deraadt <deraadt@openbsd.org> |
Wrap "thread_private.h" with #ifdef __OpenBSD__ so that other systems can copy this file (plus chacha_private.h) directly and reuse it trivially. Well, as long as they have a getentropy() as well..
Wrap "thread_private.h" with #ifdef __OpenBSD__ so that other systems can copy this file (plus chacha_private.h) directly and reuse it trivially. Well, as long as they have a getentropy() as well.. ok beck
show more ...
|
#
fc506807 |
| 12-Jul-2014 |
deraadt <deraadt@openbsd.org> |
Split arc4random_uniform into it's own file, to assist other projects now using this as upstream code. The particular problem is systems that contain older arc4random derivations lacking arc4random_
Split arc4random_uniform into it's own file, to assist other projects now using this as upstream code. The particular problem is systems that contain older arc4random derivations lacking arc4random_uniform(). ok tedu miod
show more ...
|
#
2cc388ba |
| 09-Jul-2014 |
bcook <bcook@openbsd.org> |
changes to improve portability
ok beck@ deraadt@ jsing@ guenther@
|
#
98a6c07d |
| 27-Jun-2014 |
deraadt <deraadt@openbsd.org> |
re-init and init code paths are now more shared, so the getpid()-based portable code path must handle that; with brent cook
|
#
25c2b03a |
| 26-Jun-2014 |
deraadt <deraadt@openbsd.org> |
Add back an #ifndef MAP_INHERIT_ZERO chunk to support the old getpid() mechanism, to aid in portability to other systems as requested. ok matthew
|
#
99cf665f |
| 25-Jun-2014 |
deraadt <deraadt@openbsd.org> |
document why we explicit_bzero
|
#
51205cb4 |
| 20-Jun-2014 |
matthew <matthew@openbsd.org> |
arc4random: hard fail with raise(SIGKILL) if getentropy() returns -1
Allow other non-zero return values in case we change our mind to return an ssize_t byte count instead of simple success/fail.
ok
arc4random: hard fail with raise(SIGKILL) if getentropy() returns -1
Allow other non-zero return values in case we change our mind to return an ssize_t byte count instead of simple success/fail.
ok deraadt, djm
show more ...
|
#
6e3588f2 |
| 19-Jun-2014 |
matthew <matthew@openbsd.org> |
Move rs_chacha and rs_buf into the same memory page and don't mark it MAP_INHERIT_ZERO anymore. This restores arc4random's previous behavior where fork children would mix in some randomness from the
Move rs_chacha and rs_buf into the same memory page and don't mark it MAP_INHERIT_ZERO anymore. This restores arc4random's previous behavior where fork children would mix in some randomness from the parent process.
New behavior noticed by deraadt ok deraadt, tedu
show more ...
|
#
4caf194b |
| 17-Jun-2014 |
matthew <matthew@openbsd.org> |
Use MAP_INHERIT_ZERO in arc4random(3)
Now instead of calling getpid() each time a user invokes arc4random(), we're able to rely on the kernel zero'ing out the RNG state if the process forks.
ok der
Use MAP_INHERIT_ZERO in arc4random(3)
Now instead of calling getpid() each time a user invokes arc4random(), we're able to rely on the kernel zero'ing out the RNG state if the process forks.
ok deraadt, djm
show more ...
|