Hello Simon & the mailing list. This is a series of patches related to randomness in dnsmasq.
It started with me noticing something looking like entropy reuse in rand64() and escalated quickly towards replacing SURF random generator with ChaCha8 while I was working on other patches. ChaCha8 is faster & smaller than SURF and, I assume, it's equally good for this use-case.

I'm submitting these patches as a patch train hoping that it eases review as the patches deal with one issue at a time.

Leonid Evdokimov (6):
  Fix -Wshadow: rand64() was mistakenly using its own counter O_o
  Make in128++ branchless in SURF rand()
  Use getentropy() if possible to reduce code duplication a bit
  Rekey PRNG on fork() to avoid sharing PRNG state and/or leaking it
  Reseed with getentropy() ~hourly to avoid low-entropy on boot
  Use ChaCha8-based {rand16,rand32,rand64}

 Makefile             |   1 +
 src/charand.c        | 193 +++++++++++++++++++++++++++++++++++++++++++
 src/charand.h        |  42 ++++++++++
 src/config.h         |   8 ++
 src/dnsmasq.c        |  16 ++--
 src/dnsmasq.h        |  11 ++-
 src/hash-questions.c |   2 +
 src/helper.c         |   4 +-
 src/util.c           |  98 +++++-----------------
 9 files changed, 288 insertions(+), 87 deletions(-)
 create mode 100644 src/charand.c
 create mode 100644 src/charand.h

--
2.34.1