
On Fri, Aug 03, 2012 at 05:26:58PM -0600, Eric Blake wrote:
All callers used the same initialization seed (well, the new viratomictest forgot to look at getpid()); so we might as well make this value automatic. And while it may feel like we are giving up functionality, I documented how to get it back in the unlikely case that you actually need to debug with a fixed pseudo-random sequence. I left that crippled by default, so that a stray environment variable doesn't cause a lack of randomness to become a security issue.
* src/util/virrandom.c (virRandomInitialize): Rename...
(virRandomOnceInit): ...and make static, with one-shot call.
Document how to do fixed-seed debugging.
* src/util/virrandom.h (virRandomInitialize): Drop prototype.
* src/libvirt_private.syms (virrandom.h): Don't export it.
* src/libvirt.c (virInitialize): Adjust caller.
* src/lxc/lxc_controller.c (main): Likewise.
* src/security/virt-aa-helper.c (main): Likewise.
* src/util/iohelper.c (main): Likewise.
* tests/seclabeltest.c (main): Likewise.
* tests/testutils.c (virtTestMain): Likewise.
* tests/viratomictest.c (mymain): Likewise.
---
 src/libvirt.c                 |  3 +--
 src/libvirt_private.syms      |  1 -
 src/lxc/lxc_controller.c      |  5 ++---
 src/security/virt-aa-helper.c |  3 ---
 src/util/iohelper.c           |  5 ++---
 src/util/virrandom.c          | 25 ++++++++++++++++++++++++-
 src/util/virrandom.h          |  1 -
 tests/seclabeltest.c          |  3 +--
 tests/testutils.c             |  3 +--
 tests/viratomictest.c         |  2 --
 10 files changed, 31 insertions(+), 20 deletions(-)

ACK

Daniel
-- 
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
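
The design the commit message describes (automatic one-shot seeding, with fixed-seed debugging available only at build time), as an added sketch that is not libvirt's code and not part of the patch. All demo_* names, the DEMO_FIXED_SEED macro, the time/getpid seed mix and the splitmix64 generator are assumptions chosen for illustration.

```c
#include <stdatomic.h>
#include <stdint.h>
#include <time.h>
#include <unistd.h>

/* Constructed sketch; every name here is hypothetical, not libvirt's.
 * A fixed seed is a compile-time choice only (-DDEMO_FIXED_SEED=42), so a
 * stray environment variable cannot remove the randomness at run time. */
static atomic_int demo_state;          /* 0 = unseeded, 1 = seeding, 2 = ready */
static atomic_flag demo_lock = ATOMIC_FLAG_INIT;
static uint64_t demo_prng;             /* splitmix64 state; not a CSPRNG */
static int demo_seed_calls;            /* how many times seeding actually ran */

static void demo_seed_once(void)
{
    int expected = 0;
    if (atomic_compare_exchange_strong(&demo_state, &expected, 1)) {
#ifdef DEMO_FIXED_SEED
        demo_prng = DEMO_FIXED_SEED;   /* reproducible sequence, debug builds only */
#else
        demo_prng = (uint64_t)time(NULL) ^ (uint64_t)getpid();
#endif
        demo_seed_calls++;
        atomic_store(&demo_state, 2);
    } else {
        while (atomic_load(&demo_state) != 2)
            ;                          /* another thread is seeding; wait for it */
    }
}

/* The only entry point: callers never seed, so none can forget to, and none
 * can leave out part of the seed input. */
uint64_t demo_random_bits(int nbits)
{
    uint64_t z;
    if (nbits <= 0)
        return 0;
    if (atomic_load(&demo_state) != 2)
        demo_seed_once();
    while (atomic_flag_test_and_set(&demo_lock))
        ;                              /* serialize updates to the shared state */
    z = (demo_prng += 0x9E3779B97F4A7C15ULL);
    atomic_flag_clear(&demo_lock);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    z ^= z >> 31;
    return nbits >= 64 ? z : z & ((1ULL << nbits) - 1);
}

int demo_seed_call_count(void) { return demo_seed_calls; }
```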