git.openwrt.org Git - project/odhcpd.git/commit

author	David Härdeman <[email protected]>
	Mon, 20 Oct 2025 20:57:52 +0000 (22:57 +0200)
committer	Álvaro Fernández Rojas <[email protected]>
	Wed, 22 Oct 2025 07:08:59 +0000 (09:08 +0200)
commit	e1e60601ffeb8ef68c82bc349ab16a9633715da5
tree	438ce560fe0ad03076375e5f245af43c7d5a4e14	tree \| snapshot
parent	c2eb4b59f107f1e2e0285e4d2d50235e95c90922	commit \| diff

odhcpd: improve odhcpd_urandom()

First, note that not a single caller checks the return value - which is
quite reasonable. What are they supposed to do with a failure?

Second, none of the callers do anything that's *really*
security-sensitive, the closest we have is the force reconf nonce, and
that is blorted out over the network, so it's really a best-effort kind
of thing.

Third, odhcpd_urandom() currently doesn't check if it e.g. got
interrupted by a signal.

So, simplify and modernize this a bit by using getrandom(), which allows
us to skip one fd, and which avoids syscalls by using the vDSO approach
instead. Also, check for things like signal interrupts (don't really
happen on calls for entropy < 256 bytes, but still). And make a
reasonable effort, but not much more.

Signed-off-by: David Härdeman <[email protected]>
Link: https://github.com/openwrt/odhcpd/pull/285
Signed-off-by: Álvaro Fernández Rojas <[email protected]>

src/odhcpd.c		diff \| blob \| history
src/odhcpd.h		diff \| blob \| history