NetBSD Problem Report #45952

From www@NetBSD.org  Wed Feb  8 18:39:15 2012
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	by www.NetBSD.org (Postfix) with ESMTP id 2927E63D742
	for <gnats-bugs@gnats.NetBSD.org>; Wed,  8 Feb 2012 18:39:15 +0000 (UTC)
Message-Id: <20120208183914.940FE63BD87@www.NetBSD.org>
Date: Wed,  8 Feb 2012 18:39:14 +0000 (UTC)
From: paul_koning@dell.com
Reply-To: paul_koning@dell.com
To: gnats-bugs@NetBSD.org
Subject: arc4random does not automatically reseed
X-Send-Pr-Version: www-1.0

>Number:         45952
>Category:       lib
>Synopsis:       arc4random does not automatically reseed
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Feb 08 18:40:00 +0000 2012
>Closed-Date:    Mon Jul 21 08:19:35 +0000 2014
>Last-Modified:  Mon Jul 21 08:19:35 +0000 2014
>Originator:     Paul Koning
>Release:        V5.0
>Organization:
Dell
>Environment:
n/a
>Description:
arc4random.3 says that "arc4random() reseeds itself periodically from the kernel strong random number generator".

That is not true, as can be seen easily by inspection of arc4random.c.  Instead, the seeding from /dev/urandom is done ONLY at initialization time, never at any other time unless arc4_stir() is called explicitly.

The documented behavior seems to be the better option, so I think of this as a software bug rather than a doc bug.
>How-To-Repeat:
man 3 arc4random
>Fix:

>Release-Note:

>Audit-Trail:
From: "Roy Marples" <roy@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/45952 CVS commit: src/lib/libc/gen
Date: Sat, 7 Jun 2014 20:55:47 +0000

 Module Name:	src
 Committed By:	roy
 Date:		Sat Jun  7 20:55:47 UTC 2014

 Modified Files:
 	src/lib/libc/gen: arc4random.c

 Log Message:
 Re-stir after forking, fixes PR lib/25367.
 Re-stir after consuming 1600000 bytes, fixes PR lib/45952.


 To generate a diff of this commit:
 cvs rdiff -u -r1.21 -r1.22 src/lib/libc/gen/arc4random.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Mon, 21 Jul 2014 08:19:35 +0000
State-Changed-Why:
fixed, thanks


>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.