diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/GNUmakefile | 6 | ||||
| -rw-r--r-- | src/openssl.c | 75 |
2 files changed, 50 insertions, 31 deletions
diff --git a/src/GNUmakefile b/src/GNUmakefile index 34d9cd2..e7cb54d 100644 --- a/src/GNUmakefile +++ b/src/GNUmakefile @@ -20,7 +20,7 @@ OS_$(d) = $(shell $(d)/../mk/vendor.os) CC_$(d) = $(shell env CC="$(CC) "$(d)/../mk/vendor.cc) LUAPATH_$(d) = $(shell env CC="$(CC)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" $(<D)/../mk/luapath -krxm3 -I$(DESTDIR)$(includedir) -I/usr/include -I/usr/local/include -P$(DESTDIR)$(bindir) -P$(bindir) -L$(DESTDIR)$(libdir) -L$(libdir) -v$(1) $(2)) -CPPFLAGS_$(d) = $(CPPFLAGS_$(abspath $(@D)/../..)) -DLUA_COMPAT_APIINTCASTS +CPPFLAGS_$(d) = $(CPPFLAGS_$(abspath $(@D)/../..)) -DLUA_COMPAT_APIINTCASTS -DHAVE_CONFIG_H CFLAGS_$(d) = $(CFLAGS_$(abspath $(@D)/../..)) LDFLAGS_$(d) = $(LDFLAGS_$(abspath $(@D)/../..)) SOFLAGS_$(d) = $(SOFLAGS_$(abspath $(@D)/../..)) @@ -41,6 +41,8 @@ endif # # C O M P I L A T I O N R U L E S # +$(d)/config.h: $(abspath $(d)/..)/config.h + $(CP) $< $@ define BUILD_$(d) @@ -49,7 +51,7 @@ define BUILD_$(d) $$(d)/$(1)/openssl.so: $$(d)/$(1)/openssl.o $$(CC) -o $$@ $$^ $$(SOFLAGS_$$(abspath $$(@D)/..)) $$(SOFLAGS) $$(LDFLAGS_$$(abspath $$(@D)/..)) $$(LDFLAGS) -$$(d)/$(1)/openssl.o: $$(d)/openssl.c $$(d)/compat52.h +$$(d)/$(1)/openssl.o: $$(d)/openssl.c $$(d)/compat52.h $$(d)/config.h test "$$(notdir $$(@D))" = "$$(call LUAPATH_$$(<D), $$(notdir $$(@D)), version)" $$(MKDIR) -p $$(@D) $$(CC) $$(CFLAGS_$$(<D)) $$(CFLAGS) $$(call LUAPATH_$$(<D), $$(notdir $$(@D)), cppflags) $$(CPPFLAGS_$$(<D)) $$(CPPFLAGS) -c -o $$@ $$< diff --git a/src/openssl.c b/src/openssl.c index d8eebb5..78dbd65 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -23,6 +23,10 @@ * USE OR OTHER DEALINGS IN THE SOFTWARE. * ========================================================================== */ +#if HAVE_CONFIG_H +#include "config.h" +#endif + #include <limits.h> /* INT_MAX INT_MIN LLONG_MAX LLONG_MIN UCHAR_MAX ULLONG_MAX */ #include <stdint.h> /* uintptr_t */ #include <string.h> /* memset(3) strerror_r(3) */ @@ -79,10 +83,6 @@ #define LIBRESSL_PREREQ(M, m, p) \ (LIBRESSL_VERSION_NUMBER >= (((M) << 28) | ((m) << 20) | ((p) << 12))) -#ifndef HAVE_DLADDR -#define HAVE_DLADDR (!defined _AIX) /* TODO: https://root.cern.ch/drupal/content/aix-and-dladdr */ -#endif - #ifndef HAVE_SSL_CTX_SET_ALPN_PROTOS #define HAVE_SSL_CTX_SET_ALPN_PROTOS OPENSSL_PREREQ(1, 0, 2) #endif @@ -7811,49 +7811,61 @@ static struct randL_state *randL_getstate(lua_State *L) { return lua_touserdata(L, lua_upvalueindex(1)); } /* randL_getstate() */ -#ifndef HAVE_SYS_SYSCTL_H -#define HAVE_SYS_SYSCTL_H (BSD || __GLIBC__) +#if HAVE_SYS_SYSCALL_H +#include <sys/syscall.h> /* SYS_getrandom syscall(2) */ #endif #if HAVE_SYS_SYSCTL_H -#include <sys/sysctl.h> /* CTL_KERN KERN_RANDOM RANDOM_UUID KERN_URND KERN_ARND sysctl(2) */ -#endif - -#ifndef HAVE_RANDOM_UUID -#define HAVE_RANDOM_UUID (HAVE_SYS_SYSCTL_H && defined __linux) /* RANDOM_UUID is an enum, not macro */ -#endif - -#ifndef HAVE_KERN_URND -#define HAVE_KERN_URND (defined KERN_URND) -#endif - -#ifndef HAVE_KERN_ARND -#define HAVE_KERN_ARND (defined KERN_ARND) +#include <sys/sysctl.h> /* CTL_KERN KERN_RANDOM RANDOM_UUID sysctl(2) */ #endif static int randL_stir(struct randL_state *st, unsigned rqstd) { unsigned count = 0; int error; unsigned char data[256]; -#if HAVE_RANDOM_UUID || HAVE_KERN_URND || HAVE_KERN_ARND -#if HAVE_RANDOM_UUID - int mib[] = { CTL_KERN, KERN_RANDOM, RANDOM_UUID }; -#elif HAVE_KERN_URND - int mib[] = { CTL_KERN, KERN_URND }; -#else - int mib[] = { CTL_KERN, KERN_ARND }; + +#if HAVE_ARC4RANDOM + while (count < rqstd) { + size_t n = MIN(rqstd - count, sizeof data); + + arc4random(data, n); + + RAND_seed(data, n); + + count += n; + } +#endif + +#if HAVE_SYSCALL && HAVE_DECL_SYS_GETRANDOM + while (count < rqstd) { + size_t lim = MIN(rqstd - count, sizeof data); + int n; + + n = syscall(SYS_getrandom, data, lim, 0); + + if (n == -1) { + break; + } + + RAND_seed(data, n); + + count += n; + } #endif +#if HAVE_SYS_SYSCTL_H && HAVE_DECL_RANDOM_UUID while (count < rqstd) { + int mib[] = { CTL_KERN, KERN_RANDOM, RANDOM_UUID }; size_t n = MIN(rqstd - count, sizeof data); if (0 != sysctl(mib, countof(mib), data, &n, (void *)0, 0)) break; - RAND_add(data, n, n); + RAND_seed(data, n); count += n; } + #endif if (count < rqstd) { @@ -7884,7 +7896,7 @@ static int randL_stir(struct randL_state *st, unsigned rqstd) { goto error; default: - RAND_add(data, n, n); + RAND_seed(data, n); count += n; } @@ -7922,7 +7934,12 @@ error:; #elif defined __sun /* * NOTE: Linux requires -lrt for clock_gettime, and in any event - * already has RANDOM_UUID. The BSDs have KERN_URND and KERN_ARND. + * should have RANDOM_UUID or getrandom. (Though, some middle-aged + * kernels might have neither). The BSDs have arc4random which + * should be using KERN_URND, KERN_ARND, and more recently + * getentropy. (Though, again, some older BSD kernels used an + * arc4random implementation that opened /dev/urandom.) + * * Just do this for Solaris to keep things simple. We've already * crossed the line of what can be reasonably accomplished on * unreasonable platforms. |