Nmap Development mailing list archives
[PATCH] No need to seed the RNG with srand() in nbase/nbase_rnd.c
From: Kris Katterjohn <kjak () ispwest com>
Date: Mon, 21 Aug 2006 13:41:00 -0500
The "normal" random number generator is seeded with srand() in main() in main.cc so it doesn't need to be done again in nbase/nbase_rnd.c (unless I'm missing something?). They both seed it the same way. There are two patches here to choose from, one that just removes the gettimeofday() and srand() calls and one that removes the whole 'badrandomwarning' if(). The only reason I can see keeping the whole if() is to keep the commented-out warning. Even though I can't see the point in keeping it, I just sent both patches just in case. They are diffs against 4.20ALPHA4. Thanks, Kris Katterjohn
--- x/nbase/nbase_rnd.c 2006-07-04 16:17:00.000000000 -0500 +++ y/nbase/nbase_rnd.c 2006-08-21 13:36:13.000000000 -0500 @@ -109,11 +109,9 @@ int get_random_bytes(void *buf, int numbytes) { static char bytebuf[2048]; - static char badrandomwarning = 0; static int bytesleft = 0; int tmp; int res; - struct timeval tv; FILE *fp = NULL; unsigned int i; short *iptr; @@ -134,15 +132,6 @@ int get_random_bytes(void *buf, int numb bytesleft = sizeof(bytebuf); } if (!fp) { - if (badrandomwarning == 0) { - badrandomwarning++; - /* error("WARNING: your system apparently does not offer /dev/urandom or /dev/random. Reverting to less secure version."); */ - - /* Seed our random generator */ - gettimeofday(&tv, NULL); - srand((tv.tv_sec ^ tv.tv_usec) ^ getpid()); - } - for(i=0; i < sizeof(bytebuf) / sizeof(short); i++) { iptr = (short *) ((char *)bytebuf + i * sizeof(short)); *iptr = rand();
--- x/nbase/nbase_rnd.c 2006-07-04 16:17:00.000000000 -0500 +++ y/nbase/nbase_rnd.c 2006-08-21 13:38:57.000000000 -0500 @@ -113,7 +113,6 @@ int get_random_bytes(void *buf, int numb static int bytesleft = 0; int tmp; int res; - struct timeval tv; FILE *fp = NULL; unsigned int i; short *iptr; @@ -137,10 +136,6 @@ int get_random_bytes(void *buf, int numb if (badrandomwarning == 0) { badrandomwarning++; /* error("WARNING: your system apparently does not offer /dev/urandom or /dev/random. Reverting to less secure version."); */ - - /* Seed our random generator */ - gettimeofday(&tv, NULL); - srand((tv.tv_sec ^ tv.tv_usec) ^ getpid()); } for(i=0; i < sizeof(bytebuf) / sizeof(short); i++) {
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH] No need to seed the RNG with srand() in nbase/nbase_rnd.c Kris Katterjohn (Aug 21)
- Re: [PATCH] No need to seed the RNG with srand() in nbase/nbase_rnd.c Fyodor (Aug 21)
- Re: [PATCH] No need to seed the RNG with srand() in nbase/nbase_rnd.c Kris Katterjohn (Aug 21)
- Re: [PATCH] No need to seed the RNG with srand() in nbase/nbase_rnd.c Fyodor (Aug 21)