From 5cd15ffdceace3a077d4719ef7c1704336d602e1 Mon Sep 17 00:00:00 2001
From: Sebastian Falbesoner <sebastian.falbesoner@gmail.com>
Date: Wed, 2 Feb 2022 15:35:26 +0100
Subject: random: use arc4random on OpenBSD

Following best practices on OpenBSD. The getentropy(2) man page states:
"getentropy() is not intended for regular code;
 please use the arc4random(3) family of functions instead."
---
 src/random.cpp | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

(limited to 'src/random.cpp')

diff --git a/src/random.cpp b/src/random.cpp
index 5dae80fe31..fa53a0f7b9 100644
--- a/src/random.cpp
+++ b/src/random.cpp
@@ -305,16 +305,14 @@ void GetOSRand(unsigned char *ent32)
             RandFailure();
         }
     }
-#elif defined(HAVE_GETENTROPY) && defined(__OpenBSD__)
-    /* On OpenBSD this can return up to 256 bytes of entropy, will return an
-     * error if more are requested.
-     * The call cannot return less than the requested number of bytes.
-       getentropy is explicitly limited to openbsd here, as a similar (but not
-       the same) function may exist on other platforms via glibc.
+#elif defined(__OpenBSD__)
+    /* OpenBSD. From the arc4random(3) man page:
+       "Use of these functions is encouraged for almost all random number
+        consumption because the other interfaces are deficient in either
+        quality, portability, standardization, or availability."
+       The function call is always successful.
      */
-    if (getentropy(ent32, NUM_OS_RANDOM_BYTES) != 0) {
-        RandFailure();
-    }
+    arc4random_buf(ent32, NUM_OS_RANDOM_BYTES);
     // Silence a compiler warning about unused function.
     (void)GetDevURandom;
 #elif defined(HAVE_GETENTROPY_RAND) && defined(MAC_OSX)
-- 
cgit v1.2.3