From af551f6dd038dec067320e888fe8329391df501d Mon Sep 17 00:00:00 2001 From: David Carlier Date: Sun, 15 Jan 2023 12:48:39 +0000 Subject: [PATCH 1/2] random netbsd 10 update finally supporting getrandom syscall properly. --- ext/random/random.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/ext/random/random.c b/ext/random/random.c index cfa32ee0ba14..ffacf03ede8b 100644 --- a/ext/random/random.c +++ b/ext/random/random.c @@ -50,7 +50,8 @@ #if HAVE_SYS_PARAM_H # include -# if (__FreeBSD__ && __FreeBSD_version > 1200000) || (__DragonFly__ && __DragonFly_version >= 500700) || defined(__sun) +# if (__FreeBSD__ && __FreeBSD_version > 1200000) || (__DragonFly__ && __DragonFly_version >= 500700) || \ + defined(__sun) || (defined(__NetBSD__) && __NetBSD_Version__ >= 1000000000) # include # endif #endif @@ -503,12 +504,14 @@ PHPAPI int php_random_bytes(void *bytes, size_t size, bool should_throw) } return FAILURE; } -#elif HAVE_DECL_ARC4RANDOM_BUF && ((defined(__OpenBSD__) && OpenBSD >= 201405) || (defined(__NetBSD__) && __NetBSD_Version__ >= 700000001) || defined(__APPLE__) || defined(__GLIBC__)) +#elif HAVE_DECL_ARC4RANDOM_BUF && ((defined(__OpenBSD__) && OpenBSD >= 201405) || (defined(__NetBSD__) && __NetBSD_Version__ >= 700000001 && __NetBSD_Version__ < 1000000000) || \ + defined(__APPLE__) || defined(__GLIBC__)) arc4random_buf(bytes, size); #else size_t read_bytes = 0; ssize_t n; -# if (defined(__linux__) && defined(SYS_getrandom)) || (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || (defined(__DragonFly__) && __DragonFly_version >= 500700) || defined(__sun) +# if (defined(__linux__) && defined(SYS_getrandom)) || (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || (defined(__DragonFly__) && __DragonFly_version >= 500700) || \ + defined(__sun) || (defined(__NetBSD__) && __NetBSD_Version__ >= 1000000000) /* Linux getrandom(2) syscall or FreeBSD/DragonFlyBSD getrandom(2) function*/ /* Keep reading until we get enough entropy */ while (read_bytes < size) { From 5ca6628dfcf7932bd7babd14689ba8576fdd2f60 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Mon, 16 Jan 2023 19:58:23 +0000 Subject: [PATCH 2/2] adding code doc --- ext/random/random.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/ext/random/random.c b/ext/random/random.c index ffacf03ede8b..b2711a90f6ea 100644 --- a/ext/random/random.c +++ b/ext/random/random.c @@ -506,14 +506,26 @@ PHPAPI int php_random_bytes(void *bytes, size_t size, bool should_throw) } #elif HAVE_DECL_ARC4RANDOM_BUF && ((defined(__OpenBSD__) && OpenBSD >= 201405) || (defined(__NetBSD__) && __NetBSD_Version__ >= 700000001 && __NetBSD_Version__ < 1000000000) || \ defined(__APPLE__) || defined(__GLIBC__)) + /* + * OpenBSD until there is a valid equivalent + * or NetBSD before the 10.x release + * falls back to arc4random_buf + * giving a decent output, the main benefit + * is being (relatively) failsafe. + * Older macOs releases fall also into this + * category for reasons explained above. + */ arc4random_buf(bytes, size); #else size_t read_bytes = 0; ssize_t n; # if (defined(__linux__) && defined(SYS_getrandom)) || (defined(__FreeBSD__) && __FreeBSD_version >= 1200000) || (defined(__DragonFly__) && __DragonFly_version >= 500700) || \ defined(__sun) || (defined(__NetBSD__) && __NetBSD_Version__ >= 1000000000) - /* Linux getrandom(2) syscall or FreeBSD/DragonFlyBSD getrandom(2) function*/ - /* Keep reading until we get enough entropy */ + /* Linux getrandom(2) syscall or FreeBSD/DragonFlyBSD/NetBSD getrandom(2) function + * Being a syscall, implemented in the kernel, getrandom offers higher quality output + * compared to the arc4random api albeit a fallback to /dev/urandom is considered. + * Keep reading until we get enough entropy + */ while (read_bytes < size) { errno = 0;