[tor-commits] [tor/master] Fix documentation for crypto_rand*

[nickm at torproject.org]

commit 1cfa2bc859c0a7f27b49b80dc1be4be2acc91ee8
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed Nov 25 12:28:20 2015 -0500

    Fix documentation for crypto_rand*
---
 src/common/crypto.c |   14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/common/crypto.c b/src/common/crypto.c
index 9e27ad3..9669493 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2364,8 +2364,11 @@ crypto_seed_rng(void)
     return -1;
 }
 
-/** Write <b>n</b> bytes of strong random data to <b>to</b>. Return 0 on
- * success, -1 on failure, with support for mocking for unit tests.
+/** Write <b>n</b> bytes of strong random data to <b>to</b>. Supports mocking
+ * for unit tests.
+ *
+ * This function is not allowed to fail; if it would fail to generate strong
+ * entropy, it must terminate the process instead.
  */
 MOCK_IMPL(void,
 crypto_rand, (char *to, size_t n))
@@ -2373,8 +2376,11 @@ crypto_rand, (char *to, size_t n))
   crypto_rand_unmocked(to, n);
 }
 
-/** Write <b>n</b> bytes of strong random data to <b>to</b>. Return 0 on
- * success, -1 on failure.  Most callers will want crypto_rand instead.
+/** Write <b>n</b> bytes of strong random data to <b>to</b>.  Most callers
+ * will want crypto_rand instead.
+ *
+ * This function is not allowed to fail; if it would fail to generate strong
+ * entropy, it must terminate the process instead.
  */
 void
 crypto_rand_unmocked(char *to, size_t n)