05cd988dce
There are many situations in which having access to a cryptographically secure pseudorandom number generator (CSPRNG) is helpful. In the future, we'll encounter one of these when dealing with temporary files. To make this possible, let's add a function which reads from a system CSPRNG and returns some bytes. We know that all systems will have such an interface. A CSPRNG is required for a secure TLS or SSH implementation and a Git implementation which provided neither would be of little practical use. In addition, POSIX is set to standardize getentropy(2) in the next version, so in the (potentially distant) future we can rely on that. For systems which lack one of the other interfaces, we provide the ability to use OpenSSL's CSPRNG. OpenSSL is highly portable and functions on practically every known OS, and we know it will have access to some source of cryptographically secure randomness. We also provide support for the arc4random in libbsd for folks who would prefer to use that. Because this is a security sensitive interface, we take some precautions. We either succeed by filling the buffer completely as we requested, or we fail. We don't return partial data because the caller will almost never find that to be a useful behavior. Specify a makefile knob which users can use to specify one or more suitable CSPRNGs, and turn the multiple string options into a set of defines, since we cannot match on strings in the preprocessor. We allow multiple options to make the job of handling this in autoconf easier. The order of options is important here. On systems with arc4random, which is most of the BSDs, we use that, since, except on MirBSD and macOS, it uses ChaCha20, which is extremely fast, and sits entirely in userspace, avoiding a system call. We then prefer getrandom over getentropy, because the former has been available longer on Linux, and then OpenSSL. 
Finally, if none of those are available, we use /dev/urandom, because most Unix-like operating systems provide that API. We prefer options that don't involve device files when possible because those work in some restricted environments where device files may not be available. Set the configuration variables appropriately for Linux and the BSDs, including macOS, as well as Windows and NonStop. We specifically only consider versions which receive publicly available security support here. For the same reason, we don't specify getrandom(2) on Linux, because CentOS 7 doesn't support it in glibc (although its kernel does) and we don't want to resort to making syscalls. Finally, add a test helper to allow this to be tested by hand and in tests. We don't add any tests, since invoking the CSPRNG is not likely to produce interesting, reproducible results. Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
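#ifndef TEST_TOOL_H
#define TEST_TOOL_H

/*
 * Declarations for the test helper's subcommand entry points.
 *
 * Every cmd__*() function below has the same shape: it receives an
 * argc/argv pair and returns an int.  The dispatcher that calls them and
 * the meaning of the return value are not visible in this header
 * (presumably the process exit status -- confirm against the caller).
 *
 * These are test-only entry points; nothing in this header shows them
 * being reachable from the production command set.
 */

/*
 * Defined ahead of the include so that it is visible to everything the
 * included header pulls in; what it enables is decided in headers that
 * are not shown here.
 */
#define USE_THE_INDEX_COMPATIBILITY_MACROS
#include "git-compat-util.h"

int cmd__advise_if_enabled(int argc, const char **argv);
int cmd__bitmap(int argc, const char **argv);
int cmd__bloom(int argc, const char **argv);
int cmd__chmtime(int argc, const char **argv);
int cmd__config(int argc, const char **argv);
int cmd__crontab(int argc, const char **argv);
/*
 * Exercises the system CSPRNG wrapper.  The commit that introduced this
 * helper states that it exists for manual and scripted checks, that the
 * wrapper either fills the whole requested buffer or fails (it never
 * returns partial data), and that no test asserts on the output because
 * the result is not reproducible.
 */
int cmd__csprng(int argc, const char **argv);
int cmd__ctype(int argc, const char **argv);
int cmd__date(int argc, const char **argv);
int cmd__delta(int argc, const char **argv);
int cmd__dir_iterator(int argc, const char **argv);
int cmd__drop_caches(int argc, const char **argv);
int cmd__dump_cache_tree(int argc, const char **argv);
int cmd__dump_fsmonitor(int argc, const char **argv);
int cmd__dump_split_index(int argc, const char **argv);
int cmd__dump_untracked_cache(int argc, const char **argv);
int cmd__dump_reftable(int argc, const char **argv);
int cmd__example_decorate(int argc, const char **argv);
int cmd__fast_rebase(int argc, const char **argv);
/*
 * NOTE(review): a separate helper from cmd__csprng.  Whether its output
 * is deterministic, and whether it is suitable for anything beyond test
 * data, cannot be told from this header -- confirm against its
 * implementation before relying on it where unpredictability matters.
 */
int cmd__genrandom(int argc, const char **argv);
int cmd__genzeros(int argc, const char **argv);
int cmd__getcwd(int argc, const char **argv);
int cmd__hashmap(int argc, const char **argv);
int cmd__hash_speed(int argc, const char **argv);
int cmd__index_version(int argc, const char **argv);
int cmd__json_writer(int argc, const char **argv);
int cmd__lazy_init_name_hash(int argc, const char **argv);
int cmd__match_trees(int argc, const char **argv);
int cmd__mergesort(int argc, const char **argv);
int cmd__mktemp(int argc, const char **argv);
int cmd__oidmap(int argc, const char **argv);
int cmd__oidtree(int argc, const char **argv);
int cmd__online_cpus(int argc, const char **argv);
int cmd__parse_options(int argc, const char **argv);
int cmd__parse_pathspec_file(int argc, const char **argv);
int cmd__partial_clone(int argc, const char **argv);
int cmd__path_utils(int argc, const char **argv);
int cmd__pcre2_config(int argc, const char **argv);
int cmd__pkt_line(int argc, const char **argv);
int cmd__prio_queue(int argc, const char **argv);
int cmd__proc_receive(int argc, const char **argv);
int cmd__progress(int argc, const char **argv);
int cmd__reach(int argc, const char **argv);
int cmd__read_cache(int argc, const char **argv);
int cmd__read_graph(int argc, const char **argv);
int cmd__read_midx(int argc, const char **argv);
int cmd__ref_store(int argc, const char **argv);
int cmd__reftable(int argc, const char **argv);
int cmd__regex(int argc, const char **argv);
int cmd__repository(int argc, const char **argv);
int cmd__revision_walking(int argc, const char **argv);
int cmd__run_command(int argc, const char **argv);
int cmd__scrap_cache_tree(int argc, const char **argv);
int cmd__serve_v2(int argc, const char **argv);
int cmd__sha1(int argc, const char **argv);
int cmd__oid_array(int argc, const char **argv);
int cmd__sha256(int argc, const char **argv);
int cmd__sigchain(int argc, const char **argv);
int cmd__simple_ipc(int argc, const char **argv);
int cmd__strcmp_offset(int argc, const char **argv);
int cmd__string_list(int argc, const char **argv);
int cmd__submodule_config(int argc, const char **argv);
int cmd__submodule_nested_repo_config(int argc, const char **argv);
int cmd__subprocess(int argc, const char **argv);
int cmd__trace2(int argc, const char **argv);
int cmd__userdiff(int argc, const char **argv);
int cmd__urlmatch_normalization(int argc, const char **argv);
int cmd__xml_encode(int argc, const char **argv);
int cmd__wildmatch(int argc, const char **argv);
/* Declared only when GIT_WINDOWS_NATIVE is defined. */
#ifdef GIT_WINDOWS_NATIVE
int cmd__windows_named_pipe(int argc, const char **argv);
#endif
int cmd__write_cache(int argc, const char **argv);

/*
 * Not a subcommand entry point itself (single underscore, extra
 * parameter): takes an argument vector plus an integer algorithm
 * selector.  Presumably the shared backend of cmd__sha1 and cmd__sha256;
 * the valid values of algo are defined outside this header -- confirm.
 */
int cmd_hash_impl(int ac, const char **av, int algo);

#endif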