import of OpenSSL 0.9.8h

4 files changed, 17 insertions, 43 deletions

diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h
index 604df9be6c..ac6c021763 100644
--- a/src/lib/libcrypto/rand/rand.h
+++ b/src/lib/libcrypto/rand/rand.h
@@ -72,10 +72,13 @@ extern "C" {
 #endif
 
 #if defined(OPENSSL_FIPS)
-#define FIPS_RAND_SIZE_T int
+#define FIPS_RAND_SIZE_T size_t
 #endif
 
-typedef struct rand_meth_st
+/* Already defined in ossl_typ.h */
+/* typedef struct rand_meth_st RAND_METHOD; */
+
+struct rand_meth_st
         {
         void (*seed)(const void *buf, int num);
         int (*bytes)(unsigned char *buf, int num);
@@ -83,7 +86,7 @@ typedef struct rand_meth_st
         void (*add)(const void *buf, int num, double entropy);
         int (*pseudorand)(unsigned char *buf, int num);
         int (*status)(void);
-        } RAND_METHOD;
+        };
 
 #ifdef BN_DEBUG
 extern int rand_predictable;
@@ -125,17 +128,11 @@ void ERR_load_RAND_strings(void);
 /* Error codes for the RAND functions. */
 
 /* Function codes. */
-#define RAND_F_FIPS_RAND_BYTES                           102
 #define RAND_F_RAND_GET_RAND_METHOD                      101
 #define RAND_F_SSLEAY_RAND_BYTES                         100
 
 /* Reason codes. */
-#define RAND_R_NON_FIPS_METHOD                           101
-#define RAND_R_PRNG_ASKING_FOR_TOO_MUCH                  105
-#define RAND_R_PRNG_NOT_REKEYED                          103
-#define RAND_R_PRNG_NOT_RESEEDED                         104
 #define RAND_R_PRNG_NOT_SEEDED                           100
-#define RAND_R_PRNG_STUCK                                102
 
 #ifdef  __cplusplus
 }
diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c
index 97f96e1aee..386934dcd1 100644
--- a/src/lib/libcrypto/rand/rand_err.c
+++ b/src/lib/libcrypto/rand/rand_err.c
@@ -70,7 +70,6 @@
 
 static ERR_STRING_DATA RAND_str_functs[]=
         {
-{ERR_FUNC(RAND_F_FIPS_RAND_BYTES),      "FIPS_RAND_BYTES"},
 {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"},
 {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES),    "SSLEAY_RAND_BYTES"},
 {0,NULL}
@@ -78,12 +77,7 @@ static ERR_STRING_DATA RAND_str_functs[]=
 
 static ERR_STRING_DATA RAND_str_reasons[]=
         {
-{ERR_REASON(RAND_R_NON_FIPS_METHOD)      ,"non fips method"},
-{ERR_REASON(RAND_R_PRNG_ASKING_FOR_TOO_MUCH),"prng asking for too much"},
-{ERR_REASON(RAND_R_PRNG_NOT_REKEYED)     ,"prng not rekeyed"},
-{ERR_REASON(RAND_R_PRNG_NOT_RESEEDED)    ,"prng not reseeded"},
 {ERR_REASON(RAND_R_PRNG_NOT_SEEDED)      ,"PRNG not seeded"},
-{ERR_REASON(RAND_R_PRNG_STUCK)           ,"prng stuck"},
 {0,NULL}
         };
 
@@ -91,15 +85,12 @@ static ERR_STRING_DATA RAND_str_reasons[]=
 
 void ERR_load_RAND_strings(void)
         {
-        static int init=1;
+#ifndef OPENSSL_NO_ERR
 
-        if (init)
+        if (ERR_func_error_string(RAND_str_functs[0].error) == NULL)
                 {
-                init=0;
-#ifndef OPENSSL_NO_ERR
                 ERR_load_strings(0,RAND_str_functs);
                 ERR_load_strings(0,RAND_str_reasons);
-#endif
-
                 }
+#endif
         }
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c
index a21bde79de..513e338985 100644
--- a/src/lib/libcrypto/rand/rand_lib.c
+++ b/src/lib/libcrypto/rand/rand_lib.c
@@ -63,8 +63,6 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
-#include <openssl/fips.h>
-#include <openssl/fips_rand.h>
 
 #ifndef OPENSSL_NO_ENGINE
 /* non-NULL if default_RAND_meth is ENGINE-provided */
@@ -104,22 +102,8 @@ const RAND_METHOD *RAND_get_rand_method(void)
                         funct_ref = e;
                 else
 #endif
-#ifdef OPENSSL_FIPS
-                        if(FIPS_mode())
-                                default_RAND_meth=FIPS_rand_method();
-                        else
-#endif
-                                default_RAND_meth = RAND_SSLeay();
+                        default_RAND_meth = RAND_SSLeay();
                 }
-
-#ifdef OPENSSL_FIPS
-        if(FIPS_mode()
-                && default_RAND_meth != FIPS_rand_check())
-            {
-            RANDerr(RAND_F_RAND_GET_RAND_METHOD,RAND_R_NON_FIPS_METHOD);
-            return 0;
-            }
-#endif
         return default_RAND_meth;
         }
 
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index 7183fa32e4..6c0ec9a41c 100644
--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -102,10 +102,8 @@ int RAND_load_file(const char *file, long bytes)
 
         if (file == NULL) return(0);
 
-        i=stat(file,&sb);
-        /* If the state fails, put some crap in anyway */
-        RAND_add(&sb,sizeof(sb),0);
-        if (i < 0) return(0);
+        if (stat(file,&sb) < 0) return(0);
+        RAND_add(&sb,sizeof(sb),0.0);
         if (bytes == 0) return(ret);
 
         in=fopen(file,"rb");
@@ -128,8 +126,12 @@ int RAND_load_file(const char *file, long bytes)
                         n = BUFSIZE;
                 i=fread(buf,1,n,in);
                 if (i <= 0) break;
+#ifdef PURIFY
+                RAND_add(buf,i,(double)i);
+#else
                 /* even if n != i, use the full array */
-                RAND_add(buf,n,i);
+                RAND_add(buf,n,(double)i);
+#endif
                 ret+=i;
                 if (bytes > 0)
                         {