Saves comitters' daily life by avoid #include-ing everything from
internal.h to make each file do so instead. This would significantly
speed up incremental builds.
We take the following inclusion order in this changeset:
1. "ruby/config.h", where _GNU_SOURCE is defined (must be the very
first thing among everything).
2. RUBY_EXTCONF_H if any.
3. Standard C headers, sorted alphabetically.
4. Other system headers, maybe guarded by #ifdef
5. Everything else, sorted alphabetically.
Exceptions are those win32-related headers, which tend not be self-
containing (headers have inclusion order dependencies).
With these macros implemented we can write codes just like we can assume
the compiler being clang. MSC_VERSION_SINCE is defined to implement
those macros, but turned out to be handy for other places. The -fdeclspec
compiler flag is necessary for clang to properly handle __has_declspec().
Integer overflow for unsigned types are fully defined in C. They
are not always problematic (but not always OK). These functions
in this changeset intentionally utilizes that behaviour.
Blacklist from UBSAN checks for better output.
See also: https://travis-ci.org/ruby/ruby/jobs/451624829
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65589 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
An instruction is leaf if it has no rb_funcall inside. In order to
check this property, we introduce stack canary which is a random
number collected at runtime. Stack top is always filled with this
number and checked for stack smashing operations, when VM_CHECK_MODE.
[GH-1947]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64677 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_bytes_syscall): check if the version macro is
defined, for very old Mac OS X development tools.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64633 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Some old implementaions of arc4random_buf(3) were ARC4 based, or
unsafe when forked, or both. Resort to /dev/urandom for those
known problematic cases. Fix [Bug #15039]
Patch from Thomas Hurst <tom@hur.st>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64625 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_bytes_syscall): use SecRandomCopyBytes in
Security framework on macOS 10.7 or later.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64596 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (rand_range): moved call of domain_error(), not to
raise an exception in range_values().
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64169 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* configure.ac: clock_gettime or gettimeofday must exist.
* process.c (rb_clock_gettime): prefer clock_gettime over
gettimeofday, as the latter is obsolete in SUSv4.
* random.c (fill_random_seed): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63663 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_seed): do not need to be secure, to get
rid of blocking at the start-up time.
[ruby-core:87462] [Bug #14837]
* random.c (random_raw_seed): expected to be a cryptographically
secure, as documented.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63624 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c: [DOC] improve language and RDoc markup in Random.bytes docs;
also adjust call-seq style of Random.bytes and Random#bytes.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63154 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (InitVM_Random): extend Random itself by Formatter
module, as well as the `bytes` method used by the module.
[Feature #4938]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62595 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (random_s_bytes): new method Random.bytes, which is
equivalent to Random::DEFAULT.bytes. [Feature #4938]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62497 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
getrandom(2) and read(2) (from /dev/urandom) may return a random buffer
whose length is shorter than required. This change makes sure that they
get enough buffer by using a loop.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61292 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Early failure looks better in this case. Refs [Bugs #13885].
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59858 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (get_rnd, try_get_rnd): ensure initialized to get rid
of crash in forked processes. [ruby-core:82100] [Bug #13753]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59368 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (InitVM_Random): rename Random.raw_seed to
Random.urandom. A quick search seems there are no practical use
of this method than securerandom.rb so I think it's OK to rename
but if there are users of it, this hunk is subject to revert.
* test/ruby/test_rand.rb (TestRand#test_urandom): test for it.
* lib/securerandom.rb (SecureRandom.gen_random): Prefer OS-
provided CSPRNG if available. Otherwise falls back to OpenSSL.
Current preference is:
1. CSPRNG routine that the OS has; one of
- getrandom(2),
- arc4random(3), or
- CryptGenRandom()
2. /dev/urandom device
3. OpenSSL's RAND_bytes(3)
If none of above random number generators are available, you
cannot use this module. An exception is raised that case.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57384 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
glibc still does not define the SYS_getrandom alias for
__NR_getrandom in the Linux kernel. However, installing
up-to-date Linux kernel headers (linux-libc-dev >= 3.17 package
on Debian) will get the __NR_getrandom syscall number defined
properly without relying on glibc.
This allows users with a modern kernel+headers to use the getrandom
syscall without waiting on glibc support.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@57307 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (seed_keys_t, init_seed): pack seed for rb_hash_start and
rb_memhash, and fill them at once.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56990 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* *.c: rename rb_funcall2 to rb_funcallv, except for extensions
which are/will be/may be gems. [Fix GH-1406]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55773 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (int_pair_to_real_inclusive): get rid of VC6 compile
error C2520: conversion from unsigned __int64 to double not
implemented.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55534 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (random_ulong_limited): suppress a shift count warning
when unsigned long is 32bits.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55006 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (make_seed_value): append leading-zero-guard and get
rid of making a local copy of the seed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54997 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_seed): move the seed size to an argument.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54995 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (obj_random_bytes): base on bytes method instead of
rand method, not to call toplevel rand method.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54968 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (rand_init): random_seed() always returns an Integer,
no conversion for it.
* random.c (random_init, rb_f_srand): convert the given seed to an
Integer.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54962 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (random_int32): split the cases of rb_random_t and
other objects.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54937 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_bytes_syscall): turned into a static
function, to be inlined probably, so that it is unavailable if
it is a preprocessor macro.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54932 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (rand_range, rand_random): use rb_check_to_int instead
of rb_check_to_integer with the same conversion method.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54930 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c: use rb_check_arity instead of rb_scan_args for simple
optional arguments.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54929 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (sipseed): separate type of keys to reduce use of the
magic number.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54928 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (Init_Random_default): since seed is marked by
random_mark, no needs to mark itself as a global variable.
allocate Random instance before making the seed value, to get
rid of the potential risk of GC during the allocation.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54927 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (rand_init): since seed is the return value, no needs
to be volatile to prevent from GC.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54926 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (struct MT, next_state): use uint32_t for the state
vector.
* random.c (init_by_array, rand_init): ditto for initializing
keys.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54920 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_bytes_syscall): use arc4random_buf if
available.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@54912 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
NULL checking is finished Before call of memsize functions.
See r52979.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52986 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_seed): fix the size to be filled, not the
size of element, but the whole size of array.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52891 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
construction bits to Init_RandomSeed2. Random::DEFAULT
and Ruby internal hashes are no longer shared their seed.
* random.c (Init_RandomSeed2): ditto. And, kill evil
rb_obj_reveal() stuff.
* random.c (init_hashseed): add MT argument.
* random.c: (init_siphash): ditto.
* test/ruby/test_rand.rb (TestRand#test_default_seed): new
test for Random::DEFAULT::seed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52815 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
mean the result might not have an enough cryptic strength and
easy predictable. That's no good for SecureRandom.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52808 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* common.mk: add a rule for explicit.o.
* configure.in: detect explicit_bzero and memset_s.
* include/ruby/missing.h: add explicit_bzero.
* random.c (init_randomseed): use explicit_bzero() instead of
memset(). memset could be eliminated by compiler optimization.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52806 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
It is meaningless. If SYS_getrandom(GRND_NONBLOCK) return
EAGAIN, we eventually call fill_random_bytes_urandom() and
it block such as SYS_getrandom() without GRND_NONBLOCK.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52180 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_bytes_syscall): get rid of blocking when
no entropy is available. based on the patch by mame in
[ruby-core:70114]. [Bug #11395]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51374 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This follows the behavior of fill_random_bytes_urandom and fixes
the following failures I encountered on my old machine:
1) Error:
TestSecureRandom#test_s_random_bytes_without_openssl:
NotImplementedError: No random device
$RUBYDIR/lib/securerandom.rb:66:in `gen_random'
$RUBYDIR/lib/securerandom.rb:94:in `random_bytes'
$RUBYDIR/test/test_securerandom.rb:12:in `test_s_random_bytes'
$RUBYDIR/test/test_securerandom.rb:97:in `block in test_s_random_bytes_without_openssl'
$RUBYDIR/lib/tmpdir.rb:88:in `mktmpdir'
$RUBYDIR/test/test_securerandom.rb:85:in `test_s_random_bytes_without_openssl'
2) Error:
TestSecureRandom#test_s_urlsafe_base64:
NotImplementedError: No random device
$RUBYDIR/lib/securerandom.rb:66:in `gen_random'
$RUBYDIR/lib/securerandom.rb:94:in `random_bytes'
$RUBYDIR/lib/securerandom.rb:164:in `urlsafe_base64'
$RUBYDIR/test/test_securerandom.rb:131:in `block in test_s_urlsafe_base64'
$RUBYDIR/test/test_securerandom.rb:130:in `times'
$RUBYDIR/test/test_securerandom.rb:130:in `test_s_urlsafe_base64'
3) Error:
TestSecureRandom#test_uuid:
NotImplementedError: No random device
$RUBYDIR/lib/securerandom.rb:66:in `gen_random'
$RUBYDIR/lib/securerandom.rb:94:in `random_bytes'
$RUBYDIR/lib/securerandom.rb:230:in `uuid'
$RUBYDIR/test/test_securerandom.rb:160:in `test_uuid'
* random.c (fill_random_bytes_syscall): return -1 for error
* random.c (fill_random_bytes): try urandom on syscall failure
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51183 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_bytes_syscall): try getrandom system call
on Linux if supported by the kernel.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51182 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_bytes): separate into functions by system
call and by direct read of urandom device.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51181 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_bytes): separate non-raced and raced
conditions, on Windows.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@51024 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_bytes): release the handle in the static
variable, not a local variable.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50019 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* include/ruby/ruby.h (rb_data_object_alloc_warning): enable only
if __builtin_choose_expr works with __builtin_constant_p so that
warnings will be suppressed if klass is 0.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49978 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* include/ruby/ruby.h (rb_data_object_alloc_warning): enable only
if __builtin_choose_expr works with __builtin_constant_p so that
warnings will be suppressed if klass is 0.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49977 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
if the requested size is 0. AIX returns -1 for 0-byte read from
/dev/urandom, while other UNIX returns 0. With this change,
Random.raw_seed(0) consistently retuns "" in any UNIX.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49844 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (fill_random_bytes): use ATOMIC_SIZE_CAS to suppress a
strict-aliasing warning by gcc 4.9 for mingw.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49601 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (rand_random_number): raise ArgumentError for invalid
argument like as SecureRandom.random_number.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49599 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* random.c (rand_random_number): allow negative argument as it is
allowed by SecureRandom.random_number.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@49597 b2dd03c8-39d4-4d8f-98ff-823fe69b080e