diff options
author | June McEnroe <june@causal.agency> | 2021-09-02 17:44:42 -0400 |
---|---|---|
committer | June McEnroe <june@causal.agency> | 2021-09-02 17:44:42 -0400 |
commit | 2ffea78176d5d761be9f0cecd5ba646aed2945b2 (patch) | |
tree | 635e1b325426207ffa1a1dfc3b401c85b2f42dcb | |
parent | Separate stateSync intro messages (diff) | |
download | pounce-2ffea78176d5d761be9f0cecd5ba646aed2945b2.tar.gz pounce-2ffea78176d5d761be9f0cecd5ba646aed2945b2.zip |
Read from /dev/urandom instead of using getentropy(3)
getentropy(3) is kind of an awkward function. May as well be generic as possible and read some random bytes from /dev/urandom, since for -x we don't really need to worry about being in some execution environment where that's unavailable. I'm also happy to remove that special-case include for macOS since its crypt(3) isn't even usable anyway.
-rw-r--r-- | bounce.c | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/bounce.c b/bounce.c index d135f97..af7f510 100644 --- a/bounce.c +++ b/bounce.c @@ -51,11 +51,6 @@ #include <sys/capsicum.h> #endif -// For getentropy(2): -#ifdef __APPLE__ -#include <sys/random.h> -#endif - #ifndef SIGINFO #define SIGINFO SIGUSR2 #endif @@ -587,12 +582,13 @@ static void hashPass(void) { #else static void hashPass(void) { byte rand[12]; - int error = getentropy(rand, sizeof(rand)); - if (error) err(EX_OSERR, "getentropy"); - + FILE *file = fopen("/dev/urandom", "r"); + if (!file) err(EX_OSFILE, "/dev/urandom"); + size_t n = fread(rand, sizeof(rand), 1, file); + if (!n) err(EX_IOERR, "/dev/urandom"); + fclose(file); char salt[3 + BASE64_SIZE(sizeof(rand))] = "$6$"; base64(&salt[3], rand, sizeof(rand)); - char *pass = getpass("Password: "); printf("%s\n", crypt(pass, salt)); } |