Fix PRNG seeding to resist guessing
We seed it with the value of time(). It's the traditional way, but it
provides only a few bits of effective entropy when an attacker has a
rough idea when the program started.
Instead, seed with a kernel random number. If we can't get one, fall
back to a hash of gettimeofday() and getpid(). This should happen
only on old systems or Windows. Far worse than a kernel random
number, but far better than using time().
Note that fairland used to seed with time() + getpid() until commit
331aac2a (v4.2.20) dropped the getpid(), claiming it didn't improve
the randomness. Perhaps it didn't under Windows then, but it
certainly did elsewhere, so it was a regression.
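The seeding approach the message describes, as an added example that is not fairland's code: the names pick_seed_example() and mix_seed(), the MurmurHash3 finaliser used as the mixer, and /dev/urandom as the kernel source are all assumptions, not taken from the commit.

```c
/* Added example, not fairland's code: function names, the mixer and
   /dev/urandom as the kernel random source are assumptions. */
#include <stdio.h>
#include <stdint.h>
#include <unistd.h>
#include <sys/time.h>

/* 32-bit finaliser (MurmurHash3 fmix32): spreads the few bits that really
   change between runs across the whole word.  Deterministic, so testable. */
static uint32_t fmix32(uint32_t h)
{
    h ^= h >> 16; h *= 0x85ebca6bU;
    h ^= h >> 13; h *= 0xc2b2ae35U;
    h ^= h >> 16;
    return h;
}

/* Fallback: hash seconds, microseconds and pid together.  Someone who knows
   roughly when the process started still searches far fewer than 32 bits. */
uint32_t mix_seed(uint32_t sec, uint32_t usec, uint32_t pid)
{
    uint32_t h = fmix32(sec);
    h = fmix32(h ^ (usec * 0x9e3779b9U));
    h = fmix32(h ^ (pid * 0x85ebca6bU));
    return h;
}

/* Prefer the kernel; *from_kernel tells the caller which path was taken. */
unsigned pick_seed_example(int *from_kernel)
{
    uint32_t seed;
    struct timeval tv;
    FILE *fp = fopen("/dev/urandom", "rb");
    if (fp) {
        size_t n = fread(&seed, sizeof seed, 1, fp);
        fclose(fp);
        if (n == 1) { *from_kernel = 1; return seed; }
    }
    gettimeofday(&tv, NULL);
    *from_kernel = 0;
    return mix_seed((uint32_t)tv.tv_sec, (uint32_t)tv.tv_usec, (uint32_t)getpid());
}

int main(void)
{
    int k;
    unsigned s = pick_seed_example(&k);
    printf("seed 0x%08x (%s)\n", s, k ? "kernel" : "time/pid fallback");
    return 0;
}
```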
parent
39c26f4238
commit
9102ecce54
4 changed files with 68 additions and 2 deletions
@ -39,5 +39,6 @@ extern int roll0(int);
extern int roll(int);
extern int roundavg(double);
extern void seed_prng(unsigned);
extern unsigned pick_seed(void);
#endif
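Review bot: the new prototype `extern unsigned pick_seed(void);` carries no comment on its contract, and the header is where callers will look. The commit message says the result is a kernel random number when available and otherwise a hash of gettimeofday() and getpid() that is far weaker, so a one-line comment above the declaration stating that the fallback is not of cryptographic quality, and that the `unsigned` return type is chosen to feed `seed_prng(unsigned)` directly, would keep a later maintainer from reusing pick_seed() for anything beyond game PRNG seeding.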