diff options
Diffstat (limited to 'src/lib/libcrypto/rand/rand_unix.c')
| -rw-r--r-- | src/lib/libcrypto/rand/rand_unix.c | 35 |
1 files changed, 26 insertions, 9 deletions
diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c index 0599719dd1..9376554fae 100644 --- a/src/lib/libcrypto/rand/rand_unix.c +++ b/src/lib/libcrypto/rand/rand_unix.c | |||
| @@ -120,6 +120,7 @@ | |||
| 120 | #include <sys/types.h> | 120 | #include <sys/types.h> |
| 121 | #include <sys/time.h> | 121 | #include <sys/time.h> |
| 122 | #include <sys/times.h> | 122 | #include <sys/times.h> |
| 123 | #include <sys/stat.h> | ||
| 123 | #include <fcntl.h> | 124 | #include <fcntl.h> |
| 124 | #include <unistd.h> | 125 | #include <unistd.h> |
| 125 | #include <time.h> | 126 | #include <time.h> |
| @@ -151,9 +152,9 @@ int RAND_poll(void) | |||
| 151 | int n = 0; | 152 | int n = 0; |
| 152 | #endif | 153 | #endif |
| 153 | #ifdef DEVRANDOM | 154 | #ifdef DEVRANDOM |
| 154 | static const char *randomfiles[] = { DEVRANDOM, NULL }; | 155 | static const char *randomfiles[] = { DEVRANDOM }; |
| 155 | const char **randomfile = NULL; | 156 | struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])]; |
| 156 | int fd; | 157 | int fd,i; |
| 157 | #endif | 158 | #endif |
| 158 | #ifdef DEVRANDOM_EGD | 159 | #ifdef DEVRANDOM_EGD |
| 159 | static const char *egdsockets[] = { DEVRANDOM_EGD, NULL }; | 160 | static const char *egdsockets[] = { DEVRANDOM_EGD, NULL }; |
| @@ -161,26 +162,42 @@ int RAND_poll(void) | |||
| 161 | #endif | 162 | #endif |
| 162 | 163 | ||
| 163 | #ifdef DEVRANDOM | 164 | #ifdef DEVRANDOM |
| 165 | memset(randomstats,0,sizeof(randomstats)); | ||
| 164 | /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD | 166 | /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD |
| 165 | * have this. Use /dev/urandom if you can as /dev/random may block | 167 | * have this. Use /dev/urandom if you can as /dev/random may block |
| 166 | * if it runs out of random entries. */ | 168 | * if it runs out of random entries. */ |
| 167 | 169 | ||
| 168 | for (randomfile = randomfiles; *randomfile && n < ENTROPY_NEEDED; randomfile++) | 170 | for (i=0; i<sizeof(randomfiles)/sizeof(randomfiles[0]) && n < ENTROPY_NEEDED; i++) |
| 169 | { | 171 | { |
| 170 | if ((fd = open(*randomfile, O_RDONLY|O_NONBLOCK | 172 | if ((fd = open(randomfiles[i], O_RDONLY |
| 173 | #ifdef O_NONBLOCK | ||
| 174 | |O_NONBLOCK | ||
| 175 | #endif | ||
| 176 | #ifdef O_BINARY | ||
| 177 | |O_BINARY | ||
| 178 | #endif | ||
| 171 | #ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it | 179 | #ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it |
| 172 | our controlling tty */ | 180 | our controlling tty */ |
| 173 | |O_NOCTTY | 181 | |O_NOCTTY |
| 174 | #endif | 182 | #endif |
| 175 | #ifdef O_NOFOLLOW /* Fail if the file is a symbolic link */ | ||
| 176 | |O_NOFOLLOW | ||
| 177 | #endif | ||
| 178 | )) >= 0) | 183 | )) >= 0) |
| 179 | { | 184 | { |
| 180 | struct timeval t = { 0, 10*1000 }; /* Spend 10ms on | 185 | struct timeval t = { 0, 10*1000 }; /* Spend 10ms on |
| 181 | each file. */ | 186 | each file. */ |
| 182 | int r; | 187 | int r,j; |
| 183 | fd_set fset; | 188 | fd_set fset; |
| 189 | struct stat *st=&randomstats[i]; | ||
| 190 | |||
| 191 | /* Avoid using same input... Used to be O_NOFOLLOW | ||
| 192 | * above, but it's not universally appropriate... */ | ||
| 193 | if (fstat(fd,st) != 0) { close(fd); continue; } | ||
| 194 | for (j=0;j<i;j++) | ||
| 195 | { | ||
| 196 | if (randomstats[j].st_ino==st->st_ino && | ||
| 197 | randomstats[j].st_dev==st->st_dev) | ||
| 198 | break; | ||
| 199 | } | ||
| 200 | if (j<i) { close(fd); continue; } | ||
| 184 | 201 | ||
| 185 | do | 202 | do |
| 186 | { | 203 | { |