From cedd99f3c6f690bf4474bf3c6ce5f49ffc3a94ab Mon Sep 17 00:00:00 2001 From: Pawel Krawczyk Date: Wed, 26 Nov 2014 12:03:07 +0000 Subject: add -Wall --- configure.ac | 1 + 1 file changed, 1 insertion(+) diff --git a/configure.ac b/configure.ac index 8f82e3d..f155cfa 100644 --- a/configure.ac +++ b/configure.ac @@ -57,6 +57,7 @@ AX_CHECK_COMPILE_FLAG(["-Wl,-z,now"], [AX_APPEND_FLAG(["-Wl,-z,now"],[CFLAGS])], AX_CHECK_COMPILE_FLAG(["-fPIE"], [AX_APPEND_FLAG(["-fPIE"],[CFLAGS])], []) AX_CHECK_COMPILE_FLAG(["-pie"], [AX_APPEND_FLAG(["-pie"],[CFLAGS])], []) AX_APPEND_FLAG(["-O3"],[CFLAGS]) +AX_APPEND_FLAG(["-Wall"],[CFLAGS]) AX_APPEND_FLAG(["-D_FORTIFY_SOURCE=2"],[CFLAGS]) dnl -------------------------------------------------------------------- -- cgit v1.2.3 From dd76c5b7ec14656f6839dd2a38f1e96ff21b9819 Mon Sep 17 00:00:00 2001 From: Pawel Krawczyk Date: Wed, 26 Nov 2014 12:03:20 +0000 Subject: rewrite the PRNG logic to use urandom on srand() only and then return random() on subsequent calls --- libtac/lib/magic.c | 43 +++++++++++++++---------------------------- 1 file changed, 15 insertions(+), 28 deletions(-) diff --git a/libtac/lib/magic.c b/libtac/lib/magic.c index 9785314..faf70f0 100644 --- a/libtac/lib/magic.c +++ b/libtac/lib/magic.c @@ -28,8 +28,7 @@ #include "magic.h" -static int rfd = -1; /* fd for /dev/urandom */ -static int magic_inited = 0; +static int magic_initialised = 0; /* * magic_init - Initialize the magic number generator. 
@@ -45,26 +44,24 @@ magic_init() long seed; struct timeval t; - if (magic_inited) + if (magic_initialised) return; - magic_inited = 1; - - /* - try using /dev/urandom - also check that it's a character device - If it doesn't exist, fallback to other method - */ - + // try to initialise seed from urandom if (!lstat("/dev/urandom", &statbuf) && S_ISCHR(statbuf.st_mode)) { - rfd = open("/dev/urandom", O_RDONLY); - if (rfd >= 0) - return; - } + int rfd = open("/dev/urandom", O_RDONLY); + if(rfd > 0) { + int nb_read = read(rfd, &seed, sizeof(seed)); + } + } + // add the deterministic data in case urandom failed gettimeofday(&t, NULL); - seed = gethostid() ^ t.tv_sec ^ t.tv_usec ^ getpid(); + seed ^= gethostid() ^ t.tv_sec ^ t.tv_usec ^ getpid(); + + // finally seed the PRNG srandom(seed); + magic_initialised = 1; } /* @@ -73,19 +70,9 @@ magic_init() u_int32_t magic() { - magic_init(); - - if(rfd > -1) { - u_int32_t ret; - int nb_read = read(rfd, &ret, sizeof(ret)); - close(rfd); + if(!magic_initialised) + magic_init(); - if (nb_read < sizeof(ret)) { - /* on read() error fallback to other method */ - return (u_int32_t)random(); - } - return ret; - } return (u_int32_t)random(); } -- cgit v1.2.3 From d7210be00481f722a58042b5da8a46b78222bb39 Mon Sep 17 00:00:00 2001 From: Pawel Krawczyk Date: Wed, 26 Nov 2014 16:48:17 +0000 Subject: close rfd --- libtac/lib/magic.c | 1 + 1 file changed, 1 insertion(+) diff --git a/libtac/lib/magic.c b/libtac/lib/magic.c index faf70f0..5e27596 100644 --- a/libtac/lib/magic.c +++ b/libtac/lib/magic.c @@ -52,6 +52,7 @@ magic_init() int rfd = open("/dev/urandom", O_RDONLY); if(rfd > 0) { int nb_read = read(rfd, &seed, sizeof(seed)); + close(rfd); } } -- cgit v1.2.3
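Review bot: `seed` can reach `seed ^= gethostid() ^ ...` without ever being written, because it is declared as plain `long seed;` in the context lines and stays indeterminate whenever the `lstat()` test, `open()` or `read()` fails; `nb_read` is stored but never checked. The `if(rfd > 0)` test also treats descriptor 0 as a failure, so a process started with stdin closed skips the urandom read entirely. The later "close rfd" commit in this series adds `close(rfd)` but keeps both the `> 0` test and the unchecked `nb_read`. I would change the declaration to `long seed = 0;` and the test to `if (rfd >= 0) {`, and compare the `read()` result with `sizeof(seed)` so that falling back to the time/host/pid seed is a visible path rather than a silent one. The prologue of `magic_init()` (including `statbuf`) lies above this hunk, so this is based on the visible lines only.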
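Review bot: After this hunk every value returned by `magic()` is `random()` output, which is not cryptographically strong: the generator is seeded once, and `srandom()` narrows that seed to an `unsigned int`, so the urandom read in `magic_init()` does not make later values unpredictable. Whether callers need unpredictability is not visible from this file and should be confirmed; if they do, each value should come from the kernel, with `random()` kept only as a documented fall-back. The removed code closed `rfd` after the first read without resetting it, which is presumably the bug this rewrite targets, so the sketch below opens and closes the descriptor per call instead of caching it. Whichever way this goes, the comment above `magic()` should state the guarantee the function actually gives.

```c
u_int32_t
magic()
{
    u_int32_t ret;
    int fd = open("/dev/urandom", O_RDONLY);

    if (fd >= 0) {
        ssize_t nb_read = read(fd, &ret, sizeof(ret));
        close(fd);
        if (nb_read == (ssize_t)sizeof(ret))
            return ret;
    }

    /* fall-back only: random() output is not cryptographically strong */
    if (!magic_initialised)
        magic_init();

    return (u_int32_t)random();
}
```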