diff options
| author | laanwj <126646+laanwj@users.noreply.github.com> | 2022-02-10 10:00:46 +0100 |
|---|---|---|
| committer | laanwj <126646+laanwj@users.noreply.github.com> | 2022-02-10 10:00:51 +0100 |
| commit | a7e80449c0811b361cdaea39b6bab78ca5fbf668 (patch) | |
| tree | 10c1c2e4e6b640fbc65c93090553f9bf532c860f /configure.ac | |
| parent | 243a9c39250dee95b6fe62ac5ae2f8e3eafecf1b (diff) | |
| parent | 0c49e52b22be1baa8d51670e4f3c437fd3c0baa7 (diff) | |
| download | bitcoin-a7e80449c0811b361cdaea39b6bab78ca5fbf668.tar.xz | |
Merge bitcoin/bitcoin#24238: random: use arc4random on OpenBSD
0c49e52b22be1baa8d51670e4f3c437fd3c0baa7 build: remove unneeded getentropy detection (HAVE_GETENTROPY) (Sebastian Falbesoner)
5cd15ffdceace3a077d4719ef7c1704336d602e1 random: use arc4random on OpenBSD (Sebastian Falbesoner)
Pull request description:
Inspired by a discussion on obtaining randomness on various OSes in a secp256k1 PR (https://github.com/bitcoin-core/secp256k1/pull/748#discussion_r524605472, see also https://bitcoincore.reviews/libsecp256k1-748), I think it makes sense to follow best practices and use `arc4random_buf` rather than `getentropy` on OpenBSD in our random module.
The [getentropy(2) man page](https://man.openbsd.org/getentropy.2) states:
```
getentropy() is not intended for regular code; please use the
arc4random(3) family of functions instead.
```
The [arc4random(3) man page](https://man.openbsd.org/arc4random.3) states:
```
Use of these functions is encouraged for almost all random number
consumption because the other interfaces are deficient in either quality,
portability, standardization, or availability.
```
On the linked PR discussion worries about using RC4 internally has been expressed (see https://security.stackexchange.com/questions/85601/is-arc4random-secure-enough/172905#172905), but this would only affect users of OpenBSD <5.5, using a version that was released more than 8 years ago.
ACKs for top commit:
laanwj:
Tested ACK 0c49e52b22be1baa8d51670e4f3c437fd3c0baa7
Tree-SHA512: b5ed3d0718962c5a3839db9a28f93d08a0ac93094cc664f83bc4cf1cfad25049e6240b7b81fe06b71e6a3a0ca24a2c337eab088abec5470ad014e10c04fdb216
Diffstat (limited to 'configure.ac')
| -rw-r--r-- | configure.ac | 7 |
1 files changed, 0 insertions, 7 deletions
diff --git a/configure.ac b/configure.ac index 078e113e95..6b172959f4 100644 --- a/configure.ac +++ b/configure.ac @@ -1112,13 +1112,6 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <unistd.h> [ AC_MSG_RESULT([no])] ) -AC_MSG_CHECKING([for getentropy]) -AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <unistd.h>]], - [[ getentropy(nullptr, 32) ]])], - [ AC_MSG_RESULT([yes]); AC_DEFINE([HAVE_GETENTROPY], [1], [Define this symbol if the BSD getentropy system call is available]) ], - [ AC_MSG_RESULT([no])] -) - AC_MSG_CHECKING([for getentropy via random.h]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <unistd.h> #include <sys/random.h>]], |