It reduces binary by ~80 bytes on x86_64 :-)
---
src/config.h | 8 ++++++++
src/util.c | 25 ++++++++++++++++++-------
2 files changed, 26 insertions(+), 7 deletions(-)
diff --git src/config.h src/config.h
index e722e986..b86a53f3 100644
--- src/config.h
+++ src/config.h
@@ -144,6 +144,9 @@ HAVE_LOOP
HAVE_INOTIFY
use the Linux inotify facility to efficiently re-read configuration files.
+HAVE_GETENTROPY
+ use getentropy() call instead of RANDFILE. It is non-standard by widely
available.
+
NO_ID
Don't report *.bind CHAOS info to clients, forward such requests upstream
instead.
NO_TFTP
@@ -187,6 +190,7 @@ RESOLVFILE
#define HAVE_IPSET
#define HAVE_LOOP
#define HAVE_DUMPFILE
+#define HAVE_GETENTROPY
/* Build options which require external libraries.
@@ -362,6 +366,10 @@ HAVE_SOCKADDR_SA_LEN
#undef HAVE_DUMPFILE
#endif
+#ifdef NO_GETENTROPY
+#undef HAVE_GETENTROPY
+#endif
+
#if defined (HAVE_LINUX_NETWORK) && !defined(NO_INOTIFY)
#define HAVE_INOTIFY
#endif
diff --git src/util.c src/util.c
index c27d77c4..71b1dd57 100644
--- src/util.c
+++ src/util.c
@@ -34,6 +34,23 @@
#include <sys/utsname.h>
#endif
+#ifndef HAVE_GETENTROPY
+// Non-standard libc getentropy() might use getrandom() avoiding filesystem
access, that's great
+// for jails and chroots. However, a fallback implemetation is required for
older systems that have
+// no getentropy() in libc. Also, getentropy() might block if the kernel has
not initialized random
+// pool yet. However, dnsmasq is never started that early during the OpenWRT
boot process (at least).
+#define getentropy(a, b) getentropy_fallback(a, b)
+static int getentropy_fallback(void *buffer, size_t length)
+{
+ const int fd = open(RANDFILE, O_RDONLY);
+ if (fd == -1)
+ return -1;
+ const int okay = read_write(fd, buffer, length, 1);
+ close(fd);
+ return okay ? 0 : -1;
+}
+#endif // HAVE_GETENTROPY
+
/* SURF random number generator */
static u32 seed[32];
@@ -43,14 +60,8 @@ static int outleft = 0;
void rand_init()
{
- int fd = open(RANDFILE, O_RDONLY);
-
- if (fd == -1 ||
- !read_write(fd, (unsigned char *)&seed, sizeof(seed), 1) ||
- !read_write(fd, (unsigned char *)&in, sizeof(in), 1))
+ if (getentropy(&seed, sizeof(seed)) + getentropy(&in, sizeof(in)) < 0)
die(_("failed to seed the random number generator: %s"), NULL, EC_MISC);
-
- close(fd);
}
#define ROTATE(x,b) (((x) << (b)) | ((x) >> (32 - (b))))
--
2.34.1
_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
