Module Name: src
Committed By: msaitoh
Date: Fri Mar 29 00:46:59 UTC 2013

Modified Files:
    src/sys/kern [netbsd-6-0]: subr_cprng.c

Log Message:
Pull up following revision(s) (requested by tls in ticket #859):
    sys/kern/subr_cprng.c: revision 1.16

Re-fix 'fix' for SA-2013-003. Because the original fix evaluated a flag backwards, in low-entropy conditions there was a time interval in which /dev/urandom could still output bits on an unacceptably short key. Output from /dev/random was *NOT* impacted.

Eliminate the flag in question -- it's safest to always fill the requested key buffer with output from the entropy-pool, even if we let the caller know we couldn't provide bytes with the full entropy it requested.

Advisory will be updated soon with a full worst-case analysis of the /dev/urandom output path in the presence of either variant of the SA-2013-003 bug. Fortunately, because a large amount of other input is mixed in before users can obtain any output, it doesn't look as dangerous in practice as I'd feared it might be.

To generate a diff of this commit:
cvs rdiff -u -r1.5.2.3.4.1 -r1.5.2.3.4.2 src/sys/kern/subr_cprng.c

Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.