srutils: use better random function

random() is known to be weak. Therefore, using /dev/urandom is better, but only available on Linux. closes https://github.com/rsyslog/rsyslog/issues/1937
2025-12-19 16:10:43 +01:00 · 2017-11-25 18:13:26 +01:00 · 2017-11-25 18:13:26 +01:00 · bcc5c317a0
commit bcc5c317a0
parent 949ba291d4
1 changed files with 41 additions and 2 deletions
--- a/runtime/srutils.c
+++ b/runtime/srutils.c
@ -42,6 +42,7 @@
 #include <sys/wait.h>
 #include <ctype.h>
 #include <inttypes.h>
+#include <fcntl.h>
 #include "srUtils.h"
 #include "obj.h"
 #include "errmsg.h"
@ -691,7 +692,7 @@ containsGlobWildcard(char *str)
 	return 0;
 }

-void seedRandomNumber(void)
+static void seedRandomInsecureNumber(void)
 {
 	struct timespec t;
 	timeoutComp(&t, 0);
@ -699,10 +700,48 @@ void seedRandomNumber(void)
 	srandom((unsigned int) x);
 }

-long int randomNumber(void)
+static long int randomInsecureNumber(void)
 {
 	return random();
 }

+#ifdef OS_LINUX
+static int fdURandom = -1;
+void seedRandomNumber(void)
+{
+	fdURandom = open("/dev/urandom", O_RDONLY);
+	if(fdURandom == -1) {
+		LogError(errno, RS_RET_IO_ERROR, "failed to seed random number generation,"
+			" will use fallback (open urandom failed)");
+		seedRandomInsecureNumber();
+	}
+}
+
+long int randomNumber(void)
+{
+	long int ret;
+	if(fdURandom >= 0) {
+		if(read(fdURandom, &ret, sizeof(long int)) == -1) {
+			LogError(errno, RS_RET_IO_ERROR, "failed to generate random number, will"
+				" use fallback (read urandom failed)");
+			ret = randomInsecureNumber();
+		}
+	} else {
+		ret = randomInsecureNumber();
+	}
+	return ret;
+}
+#else
+void seedRandomNumber(void)
+{
+	seedRandomInsecureNumber();
+}
+
+long int randomNumber(void)
+{
+	return randomInsecureNumber();
+}
+#endif
+
 /* vim:set ai:
 */