Nmap Development mailing list archives

[PATCH] No need to seed the RNG with srand() in nbase/nbase_rnd.c

From: Kris Katterjohn <kjak () ispwest com>
Date: Mon, 21 Aug 2006 13:41:00 -0500

The "normal" random number generator is seeded with srand() in main() in
main.cc so it doesn't need to be done again in nbase/nbase_rnd.c (unless
I'm missing something?). They both seed it the same way.

There are two patches here to choose from, one that just removes the
gettimeofday() and srand() calls and one that removes the whole
'badrandomwarning' if().

The only reason I can see keeping the whole if() is to keep the
commented-out warning. Even though I can't see the point in keeping it,
I just sent both patches just in case.

They are diffs against 4.20ALPHA4.

Thanks,
Kris Katterjohn

--- x/nbase/nbase_rnd.c 2006-07-04 16:17:00.000000000 -0500
+++ y/nbase/nbase_rnd.c 2006-08-21 13:36:13.000000000 -0500
@@ -109,11 +109,9 @@
 
 int get_random_bytes(void *buf, int numbytes) {
   static char bytebuf[2048];
-  static char badrandomwarning = 0;
   static int bytesleft = 0;
   int tmp;
   int res;
-  struct timeval tv;
   FILE *fp = NULL;
   unsigned int i;
   short *iptr;
@@ -134,15 +132,6 @@ int get_random_bytes(void *buf, int numb
       bytesleft = sizeof(bytebuf);
     }
     if (!fp) {  
-      if (badrandomwarning == 0) {
-       badrandomwarning++;
-       /*      error("WARNING: your system apparently does not offer /dev/urandom or /dev/random.  Reverting to less 
secure version."); */
-       
-       /* Seed our random generator */
-       gettimeofday(&tv, NULL);
-       srand((tv.tv_sec ^ tv.tv_usec) ^ getpid());
-      }
-      
       for(i=0; i < sizeof(bytebuf) / sizeof(short); i++) {
        iptr = (short *) ((char *)bytebuf + i * sizeof(short));
        *iptr = rand();

--- x/nbase/nbase_rnd.c 2006-07-04 16:17:00.000000000 -0500
+++ y/nbase/nbase_rnd.c 2006-08-21 13:38:57.000000000 -0500
@@ -113,7 +113,6 @@ int get_random_bytes(void *buf, int numb
   static int bytesleft = 0;
   int tmp;
   int res;
-  struct timeval tv;
   FILE *fp = NULL;
   unsigned int i;
   short *iptr;
@@ -137,10 +136,6 @@ int get_random_bytes(void *buf, int numb
       if (badrandomwarning == 0) {
        badrandomwarning++;
        /*      error("WARNING: your system apparently does not offer /dev/urandom or /dev/random.  Reverting to less 
secure version."); */
-       
-       /* Seed our random generator */
-       gettimeofday(&tv, NULL);
-       srand((tv.tv_sec ^ tv.tv_usec) ^ getpid());
       }
       
       for(i=0; i < sizeof(bytebuf) / sizeof(short); i++) {


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

[PATCH] No need to seed the RNG with srand() in nbase/nbase_rnd.c Kris Katterjohn (Aug 21)
- Re: [PATCH] No need to seed the RNG with srand() in nbase/nbase_rnd.c Fyodor (Aug 21)
  - Re: [PATCH] No need to seed the RNG with srand() in nbase/nbase_rnd.c Kris Katterjohn (Aug 21)