On Fri, May 29, 2020 at 03:51:52PM -0400, Remco Rijnders wrote:
When mutt is not
configured with either of these two libraries, it will now use a built in
PRNG function (the LFSR113 algorithm by Pierre L'Ecuyer) to generate high
quality pseudo random numbers.
fair enough, but you still should try to use a higher-entropy seed.
+u_int32_t mutt_random32 (void)
+{
+#ifdef USE_SSL_OPENSSL
+ #include <openssl/rand.h>
+
*don't* ever #include headers (which you have no contol over) from
within a function!
also, the # should be always on the first column, and indentation would
happen after it:
#if one
# if two
# include <foo.h>
# else
...
(modern compilers don't care, but some editors will still highlight the
"mistake".)
+ if (RAND_bytes(random.randombytes, sizeof(random.randombytes)) != 1) {
+#elif USE_SSL_GNUTLS
+ #include <gnutls/crypto.h>
+
+ if (gnutls_rnd(GNUTLS_RND_NONCE, random.randombytes,
sizeof(random.randombytes)) < 0) {
a tab snuck in here. repeats in a few places. enable whitespace
visualization in your editor. ;)
+/* Initialize the four seeds for the PRNG algorithm, only needed when
+running without OpenSSL or GnuTLS support. */
+void mutt_srandom(void)
+{
+#ifndef USE_SSL
consider #if'ing out the entire function (applies to some others as
well) - maybe the call could be even in the #else branch of some
pre-existing USE_SSL conditional?
