--- /dev/null
+#include "Python.h"\r
+#ifdef MS_WINDOWS\r
+#include <windows.h>\r
+#else\r
+#include <fcntl.h>\r
+#endif\r
+\r
+#ifdef Py_DEBUG\r
+int _Py_HashSecret_Initialized = 0;\r
+#else\r
+static int _Py_HashSecret_Initialized = 0;\r
+#endif\r
+\r
+#ifdef MS_WINDOWS\r
+typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTA)(HCRYPTPROV *phProv,\\r
+ LPCSTR pszContainer, LPCSTR pszProvider, DWORD dwProvType,\\r
+ DWORD dwFlags );\r
+typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV hProv, DWORD dwLen,\\r
+ BYTE *pbBuffer );\r
+\r
+static CRYPTGENRANDOM pCryptGenRandom = NULL;\r
+/* This handle is never explicitly released. Instead, the operating\r
+ system will release it when the process terminates. */\r
+static HCRYPTPROV hCryptProv = 0;\r
+\r
+static int\r
+win32_urandom_init(int raise)\r
+{\r
+ HINSTANCE hAdvAPI32 = NULL;\r
+ CRYPTACQUIRECONTEXTA pCryptAcquireContext = NULL;\r
+\r
+ /* Obtain handle to the DLL containing CryptoAPI. This should not fail. */\r
+ hAdvAPI32 = GetModuleHandle("advapi32.dll");\r
+ if(hAdvAPI32 == NULL)\r
+ goto error;\r
+\r
+ /* Obtain pointers to the CryptoAPI functions. This will fail on some early\r
+ versions of Win95. */\r
+ pCryptAcquireContext = (CRYPTACQUIRECONTEXTA)GetProcAddress(\r
+ hAdvAPI32, "CryptAcquireContextA");\r
+ if (pCryptAcquireContext == NULL)\r
+ goto error;\r
+\r
+ pCryptGenRandom = (CRYPTGENRANDOM)GetProcAddress(hAdvAPI32,\r
+ "CryptGenRandom");\r
+ if (pCryptGenRandom == NULL)\r
+ goto error;\r
+\r
+ /* Acquire context */\r
+ if (! pCryptAcquireContext(&hCryptProv, NULL, NULL,\r
+ PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))\r
+ goto error;\r
+\r
+ return 0;\r
+\r
+error:\r
+ if (raise)\r
+ PyErr_SetFromWindowsErr(0);\r
+ else\r
+ Py_FatalError("Failed to initialize Windows random API (CryptoGen)");\r
+ return -1;\r
+}\r
+\r
+/* Fill buffer with size pseudo-random bytes generated by the Windows CryptoGen\r
+ API. Return 0 on success, or -1 on error. */\r
+static int\r
+win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)\r
+{\r
+ Py_ssize_t chunk;\r
+\r
+ if (hCryptProv == 0)\r
+ {\r
+ if (win32_urandom_init(raise) == -1)\r
+ return -1;\r
+ }\r
+\r
+ while (size > 0)\r
+ {\r
+ chunk = size > INT_MAX ? INT_MAX : size;\r
+ if (!pCryptGenRandom(hCryptProv, chunk, buffer))\r
+ {\r
+ /* CryptGenRandom() failed */\r
+ if (raise)\r
+ PyErr_SetFromWindowsErr(0);\r
+ else\r
+ Py_FatalError("Failed to initialized the randomized hash "\r
+ "secret using CryptoGen)");\r
+ return -1;\r
+ }\r
+ buffer += chunk;\r
+ size -= chunk;\r
+ }\r
+ return 0;\r
+}\r
+\r
+#elif HAVE_GETENTROPY\r
+/* Fill buffer with size pseudo-random bytes generated by getentropy().\r
+ Return 0 on success, or raise an exception and return -1 on error.\r
+ If fatal is nonzero, call Py_FatalError() instead of raising an exception\r
+ on error. */\r
+static int\r
+py_getentropy(unsigned char *buffer, Py_ssize_t size, int fatal)\r
+{\r
+ while (size > 0) {\r
+ Py_ssize_t len = size < 256 ? size : 256;\r
+ int res;\r
+\r
+ if (!fatal) {\r
+ Py_BEGIN_ALLOW_THREADS\r
+ res = getentropy(buffer, len);\r
+ Py_END_ALLOW_THREADS\r
+\r
+ if (res < 0) {\r
+ PyErr_SetFromErrno(PyExc_OSError);\r
+ return -1;\r
+ }\r
+ }\r
+ else {\r
+ res = getentropy(buffer, len);\r
+ if (res < 0)\r
+ Py_FatalError("getentropy() failed");\r
+ }\r
+\r
+ buffer += len;\r
+ size -= len;\r
+ }\r
+ return 0;\r
+}\r
+#endif\r
+\r
+#ifdef __VMS\r
+/* Use openssl random routine */\r
+#include <openssl/rand.h>\r
+static int\r
+vms_urandom(unsigned char *buffer, Py_ssize_t size, int raise)\r
+{\r
+ if (RAND_pseudo_bytes(buffer, size) < 0) {\r
+ if (raise) {\r
+ PyErr_Format(PyExc_ValueError,\r
+ "RAND_pseudo_bytes");\r
+ } else {\r
+ Py_FatalError("Failed to initialize the randomized hash "\r
+ "secret using RAND_pseudo_bytes");\r
+ }\r
+ return -1;\r
+ }\r
+ return 0;\r
+}\r
+#endif /* __VMS */\r
+\r
+\r
+#if !defined(MS_WINDOWS) && !defined(__VMS)\r
+\r
+static struct {\r
+ int fd;\r
+ dev_t st_dev;\r
+ ino_t st_ino;\r
+} urandom_cache = { -1 };\r
+\r
+/* Read size bytes from /dev/urandom into buffer.\r
+ Call Py_FatalError() on error. */\r
+static void\r
+dev_urandom_noraise(unsigned char *buffer, Py_ssize_t size)\r
+{\r
+ int fd;\r
+ Py_ssize_t n;\r
+\r
+ assert (0 < size);\r
+\r
+ fd = open("/dev/urandom", O_RDONLY);\r
+ if (fd < 0)\r
+ Py_FatalError("Failed to open /dev/urandom");\r
+\r
+ while (0 < size)\r
+ {\r
+ do {\r
+ n = read(fd, buffer, (size_t)size);\r
+ } while (n < 0 && errno == EINTR);\r
+ if (n <= 0)\r
+ {\r
+ /* stop on error or if read(size) returned 0 */\r
+ Py_FatalError("Failed to read bytes from /dev/urandom");\r
+ break;\r
+ }\r
+ buffer += n;\r
+ size -= (Py_ssize_t)n;\r
+ }\r
+ close(fd);\r
+}\r
+\r
+/* Read size bytes from /dev/urandom into buffer.\r
+ Return 0 on success, raise an exception and return -1 on error. */\r
+static int\r
+dev_urandom_python(char *buffer, Py_ssize_t size)\r
+{\r
+ int fd;\r
+ Py_ssize_t n;\r
+ struct stat st;\r
+ int attr;\r
+\r
+ if (size <= 0)\r
+ return 0;\r
+\r
+ if (urandom_cache.fd >= 0) {\r
+ /* Does the fd point to the same thing as before? (issue #21207) */\r
+ if (fstat(urandom_cache.fd, &st)\r
+ || st.st_dev != urandom_cache.st_dev\r
+ || st.st_ino != urandom_cache.st_ino) {\r
+ /* Something changed: forget the cached fd (but don't close it,\r
+ since it probably points to something important for some\r
+ third-party code). */\r
+ urandom_cache.fd = -1;\r
+ }\r
+ }\r
+ if (urandom_cache.fd >= 0)\r
+ fd = urandom_cache.fd;\r
+ else {\r
+ Py_BEGIN_ALLOW_THREADS\r
+ fd = open("/dev/urandom", O_RDONLY);\r
+ Py_END_ALLOW_THREADS\r
+ if (fd < 0)\r
+ {\r
+ if (errno == ENOENT || errno == ENXIO ||\r
+ errno == ENODEV || errno == EACCES)\r
+ PyErr_SetString(PyExc_NotImplementedError,\r
+ "/dev/urandom (or equivalent) not found");\r
+ else\r
+ PyErr_SetFromErrno(PyExc_OSError);\r
+ return -1;\r
+ }\r
+\r
+ /* try to make the file descriptor non-inheritable, ignore errors */\r
+ attr = fcntl(fd, F_GETFD);\r
+ if (attr >= 0) {\r
+ attr |= FD_CLOEXEC;\r
+ (void)fcntl(fd, F_SETFD, attr);\r
+ }\r
+\r
+ if (urandom_cache.fd >= 0) {\r
+ /* urandom_fd was initialized by another thread while we were\r
+ not holding the GIL, keep it. */\r
+ close(fd);\r
+ fd = urandom_cache.fd;\r
+ }\r
+ else {\r
+ if (fstat(fd, &st)) {\r
+ PyErr_SetFromErrno(PyExc_OSError);\r
+ close(fd);\r
+ return -1;\r
+ }\r
+ else {\r
+ urandom_cache.fd = fd;\r
+ urandom_cache.st_dev = st.st_dev;\r
+ urandom_cache.st_ino = st.st_ino;\r
+ }\r
+ }\r
+ }\r
+\r
+ Py_BEGIN_ALLOW_THREADS\r
+ do {\r
+ do {\r
+ n = read(fd, buffer, (size_t)size);\r
+ } while (n < 0 && errno == EINTR);\r
+ if (n <= 0)\r
+ break;\r
+ buffer += n;\r
+ size -= (Py_ssize_t)n;\r
+ } while (0 < size);\r
+ Py_END_ALLOW_THREADS\r
+\r
+ if (n <= 0)\r
+ {\r
+ /* stop on error or if read(size) returned 0 */\r
+ if (n < 0)\r
+ PyErr_SetFromErrno(PyExc_OSError);\r
+ else\r
+ PyErr_Format(PyExc_RuntimeError,\r
+ "Failed to read %zi bytes from /dev/urandom",\r
+ size);\r
+ return -1;\r
+ }\r
+ return 0;\r
+}\r
+\r
+static void\r
+dev_urandom_close(void)\r
+{\r
+ if (urandom_cache.fd >= 0) {\r
+ close(urandom_cache.fd);\r
+ urandom_cache.fd = -1;\r
+ }\r
+}\r
+\r
+\r
+#endif /* !defined(MS_WINDOWS) && !defined(__VMS) */\r
+\r
+/* Fill buffer with pseudo-random bytes generated by a linear congruent\r
+ generator (LCG):\r
+\r
+ x(n+1) = (x(n) * 214013 + 2531011) % 2^32\r
+\r
+ Use bits 23..16 of x(n) to generate a byte. */\r
+static void\r
+lcg_urandom(unsigned int x0, unsigned char *buffer, size_t size)\r
+{\r
+ size_t index;\r
+ unsigned int x;\r
+\r
+ x = x0;\r
+ for (index=0; index < size; index++) {\r
+ x *= 214013;\r
+ x += 2531011;\r
+ /* modulo 2 ^ (8 * sizeof(int)) */\r
+ buffer[index] = (x >> 16) & 0xff;\r
+ }\r
+}\r
+\r
+/* Fill buffer with size pseudo-random bytes from the operating system random\r
+ number generator (RNG). It is suitable for most cryptographic purposes\r
+ except long living private keys for asymmetric encryption.\r
+\r
+ Return 0 on success, raise an exception and return -1 on error. */\r
+int\r
+_PyOS_URandom(void *buffer, Py_ssize_t size)\r
+{\r
+ if (size < 0) {\r
+ PyErr_Format(PyExc_ValueError,\r
+ "negative argument not allowed");\r
+ return -1;\r
+ }\r
+ if (size == 0)\r
+ return 0;\r
+\r
+#ifdef MS_WINDOWS\r
+ return win32_urandom((unsigned char *)buffer, size, 1);\r
+#elif HAVE_GETENTROPY\r
+ return py_getentropy(buffer, size, 0);\r
+#else\r
+# ifdef __VMS\r
+ return vms_urandom((unsigned char *)buffer, size, 1);\r
+# else\r
+ return dev_urandom_python((char*)buffer, size);\r
+# endif\r
+#endif\r
+}\r
+\r
+void\r
+_PyRandom_Init(void)\r
+{\r
+ char *env;\r
+ void *secret = &_Py_HashSecret;\r
+ Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);\r
+\r
+ if (_Py_HashSecret_Initialized)\r
+ return;\r
+ _Py_HashSecret_Initialized = 1;\r
+\r
+ /*\r
+ By default, hash randomization is disabled, and only\r
+ enabled if PYTHONHASHSEED is set to non-empty or if\r
+ "-R" is provided at the command line:\r
+ */\r
+ if (!Py_HashRandomizationFlag) {\r
+ /* Disable the randomized hash: */\r
+ memset(secret, 0, secret_size);\r
+ return;\r
+ }\r
+\r
+ /*\r
+ Hash randomization is enabled. Generate a per-process secret,\r
+ using PYTHONHASHSEED if provided.\r
+ */\r
+\r
+ env = Py_GETENV("PYTHONHASHSEED");\r
+ if (env && *env != '\0' && strcmp(env, "random") != 0) {\r
+ char *endptr = env;\r
+ unsigned long seed;\r
+ seed = strtoul(env, &endptr, 10);\r
+ if (*endptr != '\0'\r
+ || seed > 4294967295UL\r
+ || (errno == ERANGE && seed == ULONG_MAX))\r
+ {\r
+ Py_FatalError("PYTHONHASHSEED must be \"random\" or an integer "\r
+ "in range [0; 4294967295]");\r
+ }\r
+ if (seed == 0) {\r
+ /* disable the randomized hash */\r
+ memset(secret, 0, secret_size);\r
+ }\r
+ else {\r
+ lcg_urandom(seed, (unsigned char*)secret, secret_size);\r
+ }\r
+ }\r
+ else {\r
+#ifdef MS_WINDOWS\r
+ (void)win32_urandom((unsigned char *)secret, secret_size, 0);\r
+#elif __VMS\r
+ vms_urandom((unsigned char *)secret, secret_size, 0);\r
+#elif HAVE_GETENTROPY\r
+ (void)py_getentropy(secret, secret_size, 1);\r
+#else\r
+ dev_urandom_noraise(secret, secret_size);\r
+#endif\r
+ }\r
+}\r
+\r
+void\r
+_PyRandom_Fini(void)\r
+{\r
+#ifdef MS_WINDOWS\r
+ if (hCryptProv) {\r
+ CryptReleaseContext(hCryptProv, 0);\r
+ hCryptProv = 0;\r
+ }\r
+#elif HAVE_GETENTROPY\r
+ /* nothing to clean */\r
+#else\r
+ dev_urandom_close();\r
+#endif\r
+}\r