diff options
author | William Ahern <william+ubuntu@25thandClement.com> | 2016-10-19 13:24:50 -0700 |
---|---|---|
committer | William Ahern <william+ubuntu@25thandClement.com> | 2016-10-19 13:24:50 -0700 |
commit | 6e9ce5c2b3adfc52030815c43439f4890f31c32c (patch) | |
tree | ebffcc6761d18d090da01f755eae781a4041c6e8 /src/openssl.c | |
parent | ed41847aea5553e67e7df58723dd863c2110b6ae (diff) | |
parent | 5949f01087291c0a6431f90264fc9795b133867f (diff) | |
download | luaossl-6e9ce5c2b3adfc52030815c43439f4890f31c32c.tar.gz luaossl-6e9ce5c2b3adfc52030815c43439f4890f31c32c.tar.bz2 luaossl-6e9ce5c2b3adfc52030815c43439f4890f31c32c.zip |
Merge branch 'oerdnj-master'
Diffstat (limited to 'src/openssl.c')
-rw-r--r-- | src/openssl.c | 75 |
1 files changed, 46 insertions, 29 deletions
diff --git a/src/openssl.c b/src/openssl.c index d8eebb5..78dbd65 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -23,6 +23,10 @@ * USE OR OTHER DEALINGS IN THE SOFTWARE. * ========================================================================== */ +#if HAVE_CONFIG_H +#include "config.h" +#endif + #include <limits.h> /* INT_MAX INT_MIN LLONG_MAX LLONG_MIN UCHAR_MAX ULLONG_MAX */ #include <stdint.h> /* uintptr_t */ #include <string.h> /* memset(3) strerror_r(3) */ @@ -79,10 +83,6 @@ #define LIBRESSL_PREREQ(M, m, p) \ (LIBRESSL_VERSION_NUMBER >= (((M) << 28) | ((m) << 20) | ((p) << 12))) -#ifndef HAVE_DLADDR -#define HAVE_DLADDR (!defined _AIX) /* TODO: https://root.cern.ch/drupal/content/aix-and-dladdr */ -#endif - #ifndef HAVE_SSL_CTX_SET_ALPN_PROTOS #define HAVE_SSL_CTX_SET_ALPN_PROTOS OPENSSL_PREREQ(1, 0, 2) #endif @@ -7811,49 +7811,61 @@ static struct randL_state *randL_getstate(lua_State *L) { return lua_touserdata(L, lua_upvalueindex(1)); } /* randL_getstate() */ -#ifndef HAVE_SYS_SYSCTL_H -#define HAVE_SYS_SYSCTL_H (BSD || __GLIBC__) +#if HAVE_SYS_SYSCALL_H +#include <sys/syscall.h> /* SYS_getrandom syscall(2) */ #endif #if HAVE_SYS_SYSCTL_H -#include <sys/sysctl.h> /* CTL_KERN KERN_RANDOM RANDOM_UUID KERN_URND KERN_ARND sysctl(2) */ -#endif - -#ifndef HAVE_RANDOM_UUID -#define HAVE_RANDOM_UUID (HAVE_SYS_SYSCTL_H && defined __linux) /* RANDOM_UUID is an enum, not macro */ -#endif - -#ifndef HAVE_KERN_URND -#define HAVE_KERN_URND (defined KERN_URND) -#endif - -#ifndef HAVE_KERN_ARND -#define HAVE_KERN_ARND (defined KERN_ARND) +#include <sys/sysctl.h> /* CTL_KERN KERN_RANDOM RANDOM_UUID sysctl(2) */ #endif static int randL_stir(struct randL_state *st, unsigned rqstd) { unsigned count = 0; int error; unsigned char data[256]; -#if HAVE_RANDOM_UUID || HAVE_KERN_URND || HAVE_KERN_ARND -#if HAVE_RANDOM_UUID - int mib[] = { CTL_KERN, KERN_RANDOM, RANDOM_UUID }; -#elif HAVE_KERN_URND - int mib[] = { CTL_KERN, KERN_URND }; -#else - int mib[] = { CTL_KERN, KERN_ARND }; + +#if HAVE_ARC4RANDOM + while (count < rqstd) { + size_t n = MIN(rqstd - count, sizeof data); + + arc4random(data, n); + + RAND_seed(data, n); + + count += n; + } +#endif + +#if HAVE_SYSCALL && HAVE_DECL_SYS_GETRANDOM + while (count < rqstd) { + size_t lim = MIN(rqstd - count, sizeof data); + int n; + + n = syscall(SYS_getrandom, data, lim, 0); + + if (n == -1) { + break; + } + + RAND_seed(data, n); + + count += n; + } #endif +#if HAVE_SYS_SYSCTL_H && HAVE_DECL_RANDOM_UUID while (count < rqstd) { + int mib[] = { CTL_KERN, KERN_RANDOM, RANDOM_UUID }; size_t n = MIN(rqstd - count, sizeof data); if (0 != sysctl(mib, countof(mib), data, &n, (void *)0, 0)) break; - RAND_add(data, n, n); + RAND_seed(data, n); count += n; } + #endif if (count < rqstd) { @@ -7884,7 +7896,7 @@ static int randL_stir(struct randL_state *st, unsigned rqstd) { goto error; default: - RAND_add(data, n, n); + RAND_seed(data, n); count += n; } @@ -7922,7 +7934,12 @@ error:; #elif defined __sun /* * NOTE: Linux requires -lrt for clock_gettime, and in any event - * already has RANDOM_UUID. The BSDs have KERN_URND and KERN_ARND. + * should have RANDOM_UUID or getrandom. (Though, some middle-aged + * kernels might have neither). The BSDs have arc4random which + * should be using KERN_URND, KERN_ARND, and more recently + * getentropy. (Though, again, some older BSD kernels used an + * arc4random implementation that opened /dev/urandom.) + * * Just do this for Solaris to keep things simple. We've already * crossed the line of what can be reasonably accomplished on * unreasonable platforms. |