diff options
| author | Junio C Hamano <gitster@pobox.com> | 2025-01-21 08:44:53 -0800 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2025-01-21 08:44:53 -0800 |
| commit | cb441e1ec3f3cf475d9037a4ce74e8fccd6be7d8 (patch) | |
| tree | 235fe13d72cc2897e498dbdd5d7a9ab0ad7c5415 /wrapper.h | |
| parent | 57ebdd5af4031ddd0e012e68c5e423fd0671ed8c (diff) | |
| parent | 0b4f8afef6b744d5aa92883c5a6c1985be67cc7c (diff) | |
| download | git-cb441e1ec3f3cf475d9037a4ce74e8fccd6be7d8.tar.xz | |
Merge branch 'ps/reftable-get-random-fix'
The code to compute "unique" name used git_rand() which can fail or
get stuck; the callsite does not require cryptographic security.
Introduce the "insecure" mode and use it appropriately.
* ps/reftable-get-random-fix:
reftable/stack: accept insecure random bytes
wrapper: allow generating insecure random bytes
Diffstat (limited to 'wrapper.h')
| -rw-r--r-- | wrapper.h | 16 |
1 files changed, 12 insertions, 4 deletions
@@ -127,18 +127,26 @@ int open_nofollow(const char *path, int flags); void sleep_millisec(int millisec); +enum { + /* + * Accept insecure bytes, which some CSPRNG implementations may return + * in case the entropy pool has been exhausted. + */ + CSPRNG_BYTES_INSECURE = (1 << 0), +}; + /* * Generate len bytes from the system cryptographically secure PRNG. * Returns 0 on success and -1 on error, setting errno. The inability to - * satisfy the full request is an error. + * satisfy the full request is an error. Accepts CSPRNG flags. */ -int csprng_bytes(void *buf, size_t len); +int csprng_bytes(void *buf, size_t len, unsigned flags); /* * Returns a random uint32_t, uniformly distributed across all possible - * values. + * values. Accepts CSPRNG flags. */ -uint32_t git_rand(void); +uint32_t git_rand(unsigned flags); /* Provide log2 of the given `size_t`. */ static inline unsigned log2u(uintmax_t sz) |