1 files changed, 20 insertions, 26 deletions
diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c
index 88088ce73c..0f8dd3e00f 100644
--- a/src/lib/libcrypto/rand/md_rand.c
+++ b/src/lib/libcrypto/rand/md_rand.c
@@ -126,6 +126,10 @@
 #include <openssl/crypto.h>
 #include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
 #ifdef BN_DEBUG
 # define PREDICT
@@ -145,7 +149,7 @@ static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
                                           * holds CRYPTO_LOCK_RAND
                                           * (to prevent double locking) */
 /* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
-static CRYPTO_THREADID locking_threadid; /* valid iff crypto_lock_rand is set */
+static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
 #ifdef PREDICT
@@ -213,10 +217,8 @@ static void ssleay_rand_add(const void *buf, int num, double add)
        /* check if we already have the lock */
        if (crypto_lock_rand)
                {
-                CRYPTO_THREADID cur;
-                CRYPTO_THREADID_current(&cur);
                CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
-                do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
+                do_not_lock = (locking_thread == CRYPTO_thread_id());
                CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
                }
        else
@@ -272,16 +274,8 @@ static void ssleay_rand_add(const void *buf, int num, double add)
                        }
                else
                        MD_Update(&m,&(state[st_idx]),j);
+                        
-                /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
                MD_Update(&m,buf,j);
-                /* We know that line may cause programs such as
-                   purify and valgrind to complain about use of
-                   uninitialized data.  The problem is not, it's
-                   with the caller.  Removing that line will make
-                   sure you get really bad randomness and thereby
-                   other problems such as very insecure keys. */
                MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
                MD_Final(&m,local_md);
                md_c[1]++;
@@ -342,6 +336,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 #endif
        int do_stir_pool = 0;
+#ifdef OPENSSL_FIPS
+        if(FIPS_mode())
+            {
+            FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD);
+            return 0;
+            }
+#endif
 #ifdef PREDICT
        if (rand_predictable)
                {
@@ -382,7 +384,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
        /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
        CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
-        CRYPTO_THREADID_current(&locking_threadid);
+        locking_thread = CRYPTO_thread_id();
        CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
        crypto_lock_rand = 1;
@@ -474,15 +476,9 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 #endif
                MD_Update(&m,local_md,MD_DIGEST_LENGTH);
                MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
+#ifndef PURIFY
-#ifndef PURIFY /* purify complains */
+                MD_Update(&m,buf,j); /* purify complains */
-                /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
-                MD_Update(&m,buf,j);
-                /* We know that line may cause programs such as
-                   purify and valgrind to complain about use of
-                   uninitialized data.  */
 #endif
                k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
                if (k > 0)
                        {
@@ -543,17 +539,15 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
 static int ssleay_rand_status(void)
        {
-        CRYPTO_THREADID cur;
        int ret;
        int do_not_lock;
-        CRYPTO_THREADID_current(&cur);
        /* check if we already have the lock
         * (could happen if a RAND_poll() implementation calls RAND_status()) */
        if (crypto_lock_rand)
                {
                CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
-                do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
+                do_not_lock = (locking_thread == CRYPTO_thread_id());
                CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
                }
        else
@@ -565,7 +559,7 @@ static int ssleay_rand_status(void)
                
                /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
                CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
-                CRYPTO_THREADID_cpy(&locking_threadid, &cur);
+                locking_thread = CRYPTO_thread_id();
                CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
                crypto_lock_rand = 1;
                }

diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c index 88088ce73c..0f8dd3e00f 100644 --- a/src/lib/libcrypto/rand/md_rand.c +++ b/src/lib/libcrypto/rand/md_rand.c
@@ -126,6 +126,10 @@
126		126
127	#include <openssl/crypto.h>	127	#include <openssl/crypto.h>
128	#include <openssl/err.h>	128	#include <openssl/err.h>
		129	#ifdef OPENSSL_FIPS
		130	#include <openssl/fips.h>
		131	#endif
		132
129		133
130	#ifdef BN_DEBUG	134	#ifdef BN_DEBUG
131	# define PREDICT	135	# define PREDICT
@@ -145,7 +149,7 @@ static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
145	* holds CRYPTO_LOCK_RAND	149	* holds CRYPTO_LOCK_RAND
146	* (to prevent double locking) */	150	* (to prevent double locking) */
147	/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */	151	/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
148	static CRYPTO_THREADID locking_threadid; /* valid iff crypto_lock_rand is set */	152	static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
149		153
150		154
151	#ifdef PREDICT	155	#ifdef PREDICT
@@ -213,10 +217,8 @@ static void ssleay_rand_add(const void *buf, int num, double add)
213	/* check if we already have the lock */	217	/* check if we already have the lock */
214	if (crypto_lock_rand)	218	if (crypto_lock_rand)
215	{	219	{
216	CRYPTO_THREADID cur;
217	CRYPTO_THREADID_current(&cur);
218	CRYPTO_r_lock(CRYPTO_LOCK_RAND2);	220	CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
219	do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);	221	do_not_lock = (locking_thread == CRYPTO_thread_id());
220	CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);	222	CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
221	}	223	}
222	else	224	else
@@ -272,16 +274,8 @@ static void ssleay_rand_add(const void *buf, int num, double add)
272	}	274	}
273	else	275	else
274	MD_Update(&m,&(state[st_idx]),j);	276	MD_Update(&m,&(state[st_idx]),j);
275		277
276	/* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
277	MD_Update(&m,buf,j);	278	MD_Update(&m,buf,j);
278	/* We know that line may cause programs such as
279	purify and valgrind to complain about use of
280	uninitialized data. The problem is not, it's
281	with the caller. Removing that line will make
282	sure you get really bad randomness and thereby
283	other problems such as very insecure keys. */
284
285	MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));	279	MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
286	MD_Final(&m,local_md);	280	MD_Final(&m,local_md);
287	md_c[1]++;	281	md_c[1]++;
@@ -342,6 +336,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
342	#endif	336	#endif
343	int do_stir_pool = 0;	337	int do_stir_pool = 0;
344		338
		339	#ifdef OPENSSL_FIPS
		340	if(FIPS_mode())
		341	{
		342	FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD);
		343	return 0;
		344	}
		345	#endif
		346
345	#ifdef PREDICT	347	#ifdef PREDICT
346	if (rand_predictable)	348	if (rand_predictable)
347	{	349	{
@@ -382,7 +384,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
382		384
383	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */	385	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
384	CRYPTO_w_lock(CRYPTO_LOCK_RAND2);	386	CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
385	CRYPTO_THREADID_current(&locking_threadid);	387	locking_thread = CRYPTO_thread_id();
386	CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);	388	CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
387	crypto_lock_rand = 1;	389	crypto_lock_rand = 1;
388		390
@@ -474,15 +476,9 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
474	#endif	476	#endif
475	MD_Update(&m,local_md,MD_DIGEST_LENGTH);	477	MD_Update(&m,local_md,MD_DIGEST_LENGTH);
476	MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));	478	MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
477		479	#ifndef PURIFY
478	#ifndef PURIFY /* purify complains */	480	MD_Update(&m,buf,j); /* purify complains */
479	/* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
480	MD_Update(&m,buf,j);
481	/* We know that line may cause programs such as
482	purify and valgrind to complain about use of
483	uninitialized data. */
484	#endif	481	#endif
485
486	k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;	482	k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
487	if (k > 0)	483	if (k > 0)
488	{	484	{
@@ -543,17 +539,15 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
543		539
544	static int ssleay_rand_status(void)	540	static int ssleay_rand_status(void)
545	{	541	{
546	CRYPTO_THREADID cur;
547	int ret;	542	int ret;
548	int do_not_lock;	543	int do_not_lock;
549		544
550	CRYPTO_THREADID_current(&cur);
551	/* check if we already have the lock	545	/* check if we already have the lock
552	* (could happen if a RAND_poll() implementation calls RAND_status()) */	546	* (could happen if a RAND_poll() implementation calls RAND_status()) */
553	if (crypto_lock_rand)	547	if (crypto_lock_rand)
554	{	548	{
555	CRYPTO_r_lock(CRYPTO_LOCK_RAND2);	549	CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
556	do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);	550	do_not_lock = (locking_thread == CRYPTO_thread_id());
557	CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);	551	CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
558	}	552	}
559	else	553	else
@@ -565,7 +559,7 @@ static int ssleay_rand_status(void)
565		559
566	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */	560	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
567	CRYPTO_w_lock(CRYPTO_LOCK_RAND2);	561	CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
568	CRYPTO_THREADID_cpy(&locking_threadid, &cur);	562	locking_thread = CRYPTO_thread_id();
569	CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);	563	CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
570	crypto_lock_rand = 1;	564	crypto_lock_rand = 1;
571	}	565	}