1 files changed, 129 insertions, 80 deletions

diff --git a/Python/random.c b/Python/random.c
index 337be86087..af3d0bd0d5 100644
--- a/Python/random.c
+++ b/Python/random.c
@@ -3,6 +3,9 @@
 #include <windows.h>
 #else
 #include <fcntl.h>
+#ifdef HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
 #endif
 
 #ifdef Py_DEBUG
@@ -12,43 +15,14 @@ static int _Py_HashSecret_Initialized = 0;
 #endif
 
 #ifdef MS_WINDOWS
-typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTA)(HCRYPTPROV *phProv,\
-              LPCSTR pszContainer, LPCSTR pszProvider, DWORD dwProvType,\
-              DWORD dwFlags );
-typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV hProv, DWORD dwLen,\
-              BYTE *pbBuffer );
-
-static CRYPTGENRANDOM pCryptGenRandom = NULL;
-/* This handle is never explicitly released. Instead, the operating
-   system will release it when the process terminates. */
 static HCRYPTPROV hCryptProv = 0;
 
 static int
 win32_urandom_init(int raise)
 {
-    HINSTANCE hAdvAPI32 = NULL;
-    CRYPTACQUIRECONTEXTA pCryptAcquireContext = NULL;
-
-    /* Obtain handle to the DLL containing CryptoAPI. This should not fail. */
-    hAdvAPI32 = GetModuleHandle("advapi32.dll");
-    if(hAdvAPI32 == NULL)
-        goto error;
-
-    /* Obtain pointers to the CryptoAPI functions. This will fail on some early
-       versions of Win95. */
-    pCryptAcquireContext = (CRYPTACQUIRECONTEXTA)GetProcAddress(
-                               hAdvAPI32, "CryptAcquireContextA");
-    if (pCryptAcquireContext == NULL)
-        goto error;
-
-    pCryptGenRandom = (CRYPTGENRANDOM)GetProcAddress(hAdvAPI32,
-                                                     "CryptGenRandom");
-    if (pCryptGenRandom == NULL)
-        goto error;
-
     /* Acquire context */
-    if (! pCryptAcquireContext(&hCryptProv, NULL, NULL,
-                               PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
+    if (!CryptAcquireContext(&hCryptProv, NULL, NULL,
+                             PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
         goto error;
 
     return 0;
@@ -62,7 +36,7 @@ error:
 }
 
 /* Fill buffer with size pseudo-random bytes generated by the Windows CryptoGen
-   API. Return 0 on success, or -1 on error. */
+   API. Return 0 on success, or raise an exception and return -1 on error. */
 static int
 win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
 {
@@ -77,7 +51,7 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
     while (size > 0)
     {
         chunk = size > INT_MAX ? INT_MAX : size;
-        if (!pCryptGenRandom(hCryptProv, chunk, buffer))
+        if (!CryptGenRandom(hCryptProv, (DWORD)chunk, buffer))
         {
             /* CryptGenRandom() failed */
             if (raise)
@@ -92,43 +66,64 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
     }
     return 0;
 }
-#endif /* MS_WINDOWS */
 
+/* Issue #25003: Don' use getentropy() on Solaris (available since
+ * Solaris 11.3), it is blocking whereas os.urandom() should not block. */
+#elif defined(HAVE_GETENTROPY) && !defined(sun)
+#define PY_GETENTROPY 1
+
+/* Fill buffer with size pseudo-random bytes generated by getentropy().
+   Return 0 on success, or raise an exception and return -1 on error.
 
-#ifdef __VMS
-/* Use openssl random routine */
-#include <openssl/rand.h>
+   If fatal is nonzero, call Py_FatalError() instead of raising an exception
+   on error. */
 static int
-vms_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
+py_getentropy(unsigned char *buffer, Py_ssize_t size, int fatal)
 {
-    if (RAND_pseudo_bytes(buffer, size) < 0) {
-        if (raise) {
-            PyErr_Format(PyExc_ValueError,
-                         "RAND_pseudo_bytes");
-        } else {
-            Py_FatalError("Failed to initialize the randomized hash "
-                          "secret using RAND_pseudo_bytes");
+    while (size > 0) {
+        Py_ssize_t len = Py_MIN(size, 256);
+        int res;
+
+        if (!fatal) {
+            Py_BEGIN_ALLOW_THREADS
+            res = getentropy(buffer, len);
+            Py_END_ALLOW_THREADS
+
+            if (res < 0) {
+                PyErr_SetFromErrno(PyExc_OSError);
+                return -1;
+            }
         }
-        return -1;
+        else {
+            res = getentropy(buffer, len);
+            if (res < 0)
+                Py_FatalError("getentropy() failed");
+        }
+
+        buffer += len;
+        size -= len;
     }
     return 0;
 }
-#endif /* __VMS */
 
-
-#if !defined(MS_WINDOWS) && !defined(__VMS)
+#else
+static struct {
+    int fd;
+    dev_t st_dev;
+    ino_t st_ino;
+} urandom_cache = { -1 };
 
 /* Read size bytes from /dev/urandom into buffer.
    Call Py_FatalError() on error. */
 static void
-dev_urandom_noraise(char *buffer, Py_ssize_t size)
+dev_urandom_noraise(unsigned char *buffer, Py_ssize_t size)
 {
     int fd;
     Py_ssize_t n;
 
     assert (0 < size);
 
-    fd = open("/dev/urandom", O_RDONLY);
+    fd = _Py_open("/dev/urandom", O_RDONLY);
     if (fd < 0)
         Py_FatalError("Failed to open /dev/urandom");
 
@@ -156,22 +151,56 @@ dev_urandom_python(char *buffer, Py_ssize_t size)
 {
     int fd;
     Py_ssize_t n;
+    struct stat st;
 
     if (size <= 0)
         return 0;
 
-    Py_BEGIN_ALLOW_THREADS
-    fd = open("/dev/urandom", O_RDONLY);
-    Py_END_ALLOW_THREADS
-    if (fd < 0)
-    {
-        if (errno == ENOENT || errno == ENXIO ||
-            errno == ENODEV || errno == EACCES)
-            PyErr_SetString(PyExc_NotImplementedError,
-                            "/dev/urandom (or equivalent) not found");
-        else
-            PyErr_SetFromErrno(PyExc_OSError);
-        return -1;
+    if (urandom_cache.fd >= 0) {
+        /* Does the fd point to the same thing as before? (issue #21207) */
+        if (fstat(urandom_cache.fd, &st)
+            || st.st_dev != urandom_cache.st_dev
+            || st.st_ino != urandom_cache.st_ino) {
+            /* Something changed: forget the cached fd (but don't close it,
+               since it probably points to something important for some
+               third-party code). */
+            urandom_cache.fd = -1;
+        }
+    }
+    if (urandom_cache.fd >= 0)
+        fd = urandom_cache.fd;
+    else {
+        Py_BEGIN_ALLOW_THREADS
+        fd = _Py_open("/dev/urandom", O_RDONLY);
+        Py_END_ALLOW_THREADS
+        if (fd < 0)
+        {
+            if (errno == ENOENT || errno == ENXIO ||
+                errno == ENODEV || errno == EACCES)
+                PyErr_SetString(PyExc_NotImplementedError,
+                                "/dev/urandom (or equivalent) not found");
+            else
+                PyErr_SetFromErrno(PyExc_OSError);
+            return -1;
+        }
+        if (urandom_cache.fd >= 0) {
+            /* urandom_fd was initialized by another thread while we were
+               not holding the GIL, keep it. */
+            close(fd);
+            fd = urandom_cache.fd;
+        }
+        else {
+            if (fstat(fd, &st)) {
+                PyErr_SetFromErrno(PyExc_OSError);
+                close(fd);
+                return -1;
+            }
+            else {
+                urandom_cache.fd = fd;
+                urandom_cache.st_dev = st.st_dev;
+                urandom_cache.st_ino = st.st_ino;
+            }
+        }
     }
 
     Py_BEGIN_ALLOW_THREADS
@@ -195,13 +224,21 @@ dev_urandom_python(char *buffer, Py_ssize_t size)
             PyErr_Format(PyExc_RuntimeError,
                          "Failed to read %zi bytes from /dev/urandom",
                          size);
-        close(fd);
         return -1;
     }
-    close(fd);
     return 0;
 }
-#endif /* !defined(MS_WINDOWS) && !defined(__VMS) */
+
+static void
+dev_urandom_close(void)
+{
+    if (urandom_cache.fd >= 0) {
+        close(urandom_cache.fd);
+        urandom_cache.fd = -1;
+    }
+}
+
+#endif /* HAVE_GETENTROPY */
 
 /* Fill buffer with pseudo-random bytes generated by a linear congruent
    generator (LCG):
@@ -225,7 +262,7 @@ lcg_urandom(unsigned int x0, unsigned char *buffer, size_t size)
 }
 
 /* Fill buffer with size pseudo-random bytes from the operating system random
-   number generator (RNG). It is suitable for for most cryptographic purposes
+   number generator (RNG). It is suitable for most cryptographic purposes
    except long living private keys for asymmetric encryption.
 
    Return 0 on success, raise an exception and return -1 on error. */
@@ -242,12 +279,10 @@ _PyOS_URandom(void *buffer, Py_ssize_t size)
 
 #ifdef MS_WINDOWS
     return win32_urandom((unsigned char *)buffer, size, 1);
+#elif defined(PY_GETENTROPY)
+    return py_getentropy(buffer, size, 0);
 #else
-# ifdef __VMS
-    return vms_urandom((unsigned char *)buffer, size, 1);
-# else
     return dev_urandom_python((char*)buffer, size);
-# endif
 #endif
 }
 
@@ -255,8 +290,9 @@ void
 _PyRandom_Init(void)
 {
     char *env;
-    void *secret = &_Py_HashSecret;
+    unsigned char *secret = (unsigned char *)&_Py_HashSecret.uc;
     Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);
+    assert(secret_size == sizeof(_Py_HashSecret.uc));
 
     if (_Py_HashSecret_Initialized)
         return;
@@ -284,18 +320,31 @@ _PyRandom_Init(void)
             memset(secret, 0, secret_size);
         }
         else {
-            lcg_urandom(seed, (unsigned char*)secret, secret_size);
+            lcg_urandom(seed, secret, secret_size);
         }
     }
     else {
 #ifdef MS_WINDOWS
-        (void)win32_urandom((unsigned char *)secret, secret_size, 0);
-#else /* #ifdef MS_WINDOWS */
-# ifdef __VMS
-        vms_urandom((unsigned char *)secret, secret_size, 0);
-# else
-        dev_urandom_noraise((char*)secret, secret_size);
-# endif
+        (void)win32_urandom(secret, secret_size, 0);
+#elif defined(PY_GETENTROPY)
+        (void)py_getentropy(secret, secret_size, 1);
+#else
+        dev_urandom_noraise(secret, secret_size);
 #endif
     }
 }
+
+void
+_PyRandom_Fini(void)
+{
+#ifdef MS_WINDOWS
+    if (hCryptProv) {
+        CryptReleaseContext(hCryptProv, 0);
+        hCryptProv = 0;
+    }
+#elif defined(PY_GETENTROPY)
+    /* nothing to clean */
+#else
+    dev_urandom_close();
+#endif
+}