Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
C
cpython
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
cpython
Commits
27c269a1
Commit
27c269a1
authored
Dec 26, 2014
by
Benjamin Peterson
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
use getentropy when available (backport of 75ede5bec8db) (closes #23115)
parent
a71cfc5c
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
51 additions
and
7 deletions
+51
-7
Lib/test/test_os.py
Lib/test/test_os.py
+7
-0
Misc/NEWS
Misc/NEWS
+3
-0
Python/random.c
Python/random.c
+35
-6
configure
configure
+2
-1
configure.ac
configure.ac
+1
-0
pyconfig.h.in
pyconfig.h.in
+3
-0
No files found.
Lib/test/test_os.py
View file @
27c269a1
...
@@ -9,6 +9,7 @@ import warnings
...
@@ -9,6 +9,7 @@ import warnings
import
sys
import
sys
import
signal
import
signal
import
subprocess
import
subprocess
import
sysconfig
import
time
import
time
try
:
try
:
import
resource
import
resource
...
@@ -567,6 +568,12 @@ class URandomTests (unittest.TestCase):
...
@@ -567,6 +568,12 @@ class URandomTests (unittest.TestCase):
data2
=
self
.
get_urandom_subprocess
(
16
)
data2
=
self
.
get_urandom_subprocess
(
16
)
self
.
assertNotEqual
(
data1
,
data2
)
self
.
assertNotEqual
(
data1
,
data2
)
HAVE_GETENTROPY
=
(
sysconfig
.
get_config_var
(
'HAVE_GETENTROPY'
)
==
1
)
@
unittest
.
skipIf
(
HAVE_GETENTROPY
,
"getentropy() does not use a file descriptor"
)
class
URandomFDTests
(
unittest
.
TestCase
):
@
unittest
.
skipUnless
(
resource
,
"test requires the resource module"
)
@
unittest
.
skipUnless
(
resource
,
"test requires the resource module"
)
def
test_urandom_failure
(
self
):
def
test_urandom_failure
(
self
):
# Check urandom() failing when it is not able to open /dev/random.
# Check urandom() failing when it is not able to open /dev/random.
...
...
Misc/NEWS
View file @
27c269a1
...
@@ -18,6 +18,9 @@ Library
...
@@ -18,6 +18,9 @@ Library
- Issue #23112: Fix SimpleHTTPServer to correctly carry the query string and
- Issue #23112: Fix SimpleHTTPServer to correctly carry the query string and
fragment when it redirects to add a trailing slash.
fragment when it redirects to add a trailing slash.
- Issue #22585: On OpenBSD 5.6 and newer, os.urandom() now calls getentropy(),
instead of reading /dev/urandom, to get pseudo-random bytes.
- Issue #23093: In the io, module allow more operations to work on detached
- Issue #23093: In the io, module allow more operations to work on detached
streams.
streams.
...
...
Python/random.c
View file @
27c269a1
...
@@ -92,8 +92,33 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
...
@@ -92,8 +92,33 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
}
}
return
0
;
return
0
;
}
}
#endif
/* MS_WINDOWS */
#elif HAVE_GETENTROPY
/* Fill buffer with size pseudo-random bytes generated by getentropy().
Return 0 on success, or raise an exception and return -1 on error.
If fatal is nonzero, call Py_FatalError() instead of raising an exception
on error. */
static
int
py_getentropy
(
unsigned
char
*
buffer
,
Py_ssize_t
size
,
int
fatal
)
{
while
(
size
>
0
)
{
Py_ssize_t
len
=
Py_MIN
(
size
,
256
);
int
res
=
getentropy
(
buffer
,
len
);
if
(
res
<
0
)
{
if
(
fatal
)
{
Py_FatalError
(
"getentropy() failed"
);
}
else
{
PyErr_SetFromErrno
(
PyExc_OSError
);
return
-
1
;
}
}
buffer
+=
len
;
size
-=
len
;
}
return
0
;
}
#endif
#ifdef __VMS
#ifdef __VMS
/* Use openssl random routine */
/* Use openssl random routine */
...
@@ -291,6 +316,8 @@ _PyOS_URandom(void *buffer, Py_ssize_t size)
...
@@ -291,6 +316,8 @@ _PyOS_URandom(void *buffer, Py_ssize_t size)
#ifdef MS_WINDOWS
#ifdef MS_WINDOWS
return
win32_urandom
((
unsigned
char
*
)
buffer
,
size
,
1
);
return
win32_urandom
((
unsigned
char
*
)
buffer
,
size
,
1
);
#elif HAVE_GETENTROPY
return
py_getentropy
(
buffer
,
size
,
0
);
#else
#else
# ifdef __VMS
# ifdef __VMS
return
vms_urandom
((
unsigned
char
*
)
buffer
,
size
,
1
);
return
vms_urandom
((
unsigned
char
*
)
buffer
,
size
,
1
);
...
@@ -350,12 +377,12 @@ _PyRandom_Init(void)
...
@@ -350,12 +377,12 @@ _PyRandom_Init(void)
else
{
else
{
#ifdef MS_WINDOWS
#ifdef MS_WINDOWS
(
void
)
win32_urandom
((
unsigned
char
*
)
secret
,
secret_size
,
0
);
(
void
)
win32_urandom
((
unsigned
char
*
)
secret
,
secret_size
,
0
);
#else
/* #ifdef MS_WINDOWS */
#elif __VMS
# ifdef __VMS
vms_urandom
((
unsigned
char
*
)
secret
,
secret_size
,
0
);
vms_urandom
((
unsigned
char
*
)
secret
,
secret_size
,
0
);
# else
#elif HAVE_GETENTROPY
dev_urandom_noraise
((
unsigned
char
*
)
secret
,
secret_size
);
(
void
)
py_getentropy
(
secret
,
secret_size
,
1
);
# endif
#else
dev_urandom_noraise
(
secret
,
secret_size
);
#endif
#endif
}
}
}
}
...
@@ -368,6 +395,8 @@ _PyRandom_Fini(void)
...
@@ -368,6 +395,8 @@ _PyRandom_Fini(void)
CryptReleaseContext
(
hCryptProv
,
0
);
CryptReleaseContext
(
hCryptProv
,
0
);
hCryptProv
=
0
;
hCryptProv
=
0
;
}
}
#elif HAVE_GETENTROPY
/* nothing to clean */
#else
#else
dev_urandom_close
();
dev_urandom_close
();
#endif
#endif
...
...
configure
View file @
27c269a1
...
@@ -10196,7 +10196,8 @@ $as_echo "MACHDEP_OBJS" >&6; }
...
@@ -10196,7 +10196,8 @@ $as_echo "MACHDEP_OBJS" >&6; }
# checks for library functions
# checks for library functions
for
ac_func
in
alarm setitimer getitimer bind_textdomain_codeset
chown
\
for
ac_func
in
alarm setitimer getitimer bind_textdomain_codeset
chown
\
clock confstr ctermid execv fchmod fchown fork fpathconf ftime ftruncate
\
clock confstr ctermid execv fchmod fchown fork fpathconf ftime ftruncate
\
gai_strerror getgroups getlogin getloadavg getpeername getpgid getpid
\
gai_strerror getentropy getgroups getlogin getloadavg getpeername getpgid
\
getpid
\
getpriority getresuid getresgid getpwent getspnam getspent getsid getwd
\
getpriority getresuid getresgid getpwent getspnam getspent getsid getwd
\
initgroups
kill
killpg lchmod lchown lstat
mkfifo mknod
mktime mmap
\
initgroups
kill
killpg lchmod lchown lstat
mkfifo mknod
mktime mmap
\
mremap
nice
pathconf pause plock poll pthread_init
\
mremap
nice
pathconf pause plock poll pthread_init
\
...
...
configure.ac
View file @
27c269a1
...
@@ -2913,6 +2913,7 @@ AC_MSG_RESULT(MACHDEP_OBJS)
...
@@ -2913,6 +2913,7 @@ AC_MSG_RESULT(MACHDEP_OBJS)
AC_CHECK_FUNCS(alarm setitimer getitimer bind_textdomain_codeset chown \
AC_CHECK_FUNCS(alarm setitimer getitimer bind_textdomain_codeset chown \
clock confstr ctermid execv fchmod fchown fork fpathconf ftime ftruncate \
clock confstr ctermid execv fchmod fchown fork fpathconf ftime ftruncate \
gai_strerror getgroups getlogin getloadavg getpeername getpgid getpid \
gai_strerror getgroups getlogin getloadavg getpeername getpgid getpid \
getentropy \
getpriority getresuid getresgid getpwent getspnam getspent getsid getwd \
getpriority getresuid getresgid getpwent getspnam getspent getsid getwd \
initgroups kill killpg lchmod lchown lstat mkfifo mknod mktime mmap \
initgroups kill killpg lchmod lchown lstat mkfifo mknod mktime mmap \
mremap nice pathconf pause plock poll pthread_init \
mremap nice pathconf pause plock poll pthread_init \
...
...
pyconfig.h.in
View file @
27c269a1
...
@@ -280,6 +280,9 @@
...
@@ -280,6 +280,9 @@
/* Define this if you have flockfile(), getc_unlocked(), and funlockfile() */
/* Define this if you have flockfile(), getc_unlocked(), and funlockfile() */
#undef HAVE_GETC_UNLOCKED
#undef HAVE_GETC_UNLOCKED
/* Define to 1 if you have the `getentropy' function. */
#undef HAVE_GETENTROPY
/* Define to 1 if you have the `getgroups' function. */
/* Define to 1 if you have the `getgroups' function. */
#undef HAVE_GETGROUPS
#undef HAVE_GETGROUPS
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment