This simple patch dramatically reduces the number of fopen()s and
fclose()s used when getting random numbers from nbase_rnd.c by keeping
the rng device open.
Before:
# strace nmap -p- localhost 2>&1 | grep 'open("/dev/[au]*random"' | wc
512 3584 31744
After:
# strace ./nmap -p- localhost 2>&1 | grep 'open("/dev/[au]*random"' | wc
2 14 124
I don't have /dev/arandom but I do have /dev/urandom, so that's why
there's 2 open()s after the patch on my box. And if somebody only has
/dev/random, even more open()s would be used because it's the third to
be attempted.
The amount of close()s would be comparably large, but there was no real
way for me to (easily) count them this way because these devices aren't
the only things opening.
I'm no expert on the random number generators, but as far as I can tell
the reopening of the devices (or lack thereof) doesn't affect the
randomness of them.
It's a diff against 4.21ALPHA1
Thanks,
Kris Katterjohn
--- x/nbase/nbase_rnd.c 2006-08-29 00:42:46.000000000 -0500
+++ y/nbase/nbase_rnd.c 2006-12-15 11:06:02.000000000 -0600
@@ -114,14 +114,14 @@ int get_random_bytes(void *buf, int numb
int tmp;
int res;
struct timeval tv;
- FILE *fp = NULL;
+ static FILE *fp;
unsigned int i;
short *iptr;
if (numbytes < 0 || numbytes > 0xFFFF) return -1;
if (bytesleft == 0) {
- fp = fopen("/dev/arandom", "r");
+ if (!fp) fp = fopen("/dev/arandom", "r");
if (!fp) fp = fopen("/dev/urandom", "r");
if (!fp) fp = fopen("/dev/random", "r");
if (fp) {
@@ -149,7 +149,7 @@ int get_random_bytes(void *buf, int numb
}
bytesleft = (sizeof(bytebuf) / sizeof(short)) * sizeof(short);
/* ^^^^^^^^^^^^^^^not as meaningless as it looks */
- } else fclose(fp);
+ }
}
if (numbytes <= bytesleft) { /* we can cover it */
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Dec 15 2006
Intro
