1 files changed, 425 insertions, 0 deletions
diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c
new file mode 100644
index 0000000000..3316388443
--- /dev/null
+++ b/src/lib/libcrypto/rand/rand_unix.c
@@ -0,0 +1,425 @@
+/* crypto/rand/rand_unix.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#define USE_SOCKETS
+#include "e_os.h"
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/times.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <time.h>
+#if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */
+# include <poll.h>
+#endif
+#include <limits.h>
+#ifndef FD_SETSIZE
+# define FD_SETSIZE (8*sizeof(fd_set))
+#endif
+#if defined(OPENSSL_SYS_VOS)
+/* The following algorithm repeatedly samples the real-time clock
+   (RTC) to generate a sequence of unpredictable data.  The algorithm
+   relies upon the uneven execution speed of the code (due to factors
+   such as cache misses, interrupts, bus activity, and scheduling) and
+   upon the rather large relative difference between the speed of the
+   clock and the rate at which it can be read.
+   If this code is ported to an environment where execution speed is
+   more constant or where the RTC ticks at a much slower rate, or the
+   clock can be read with fewer instructions, it is likely that the
+   results would be far more predictable.
+   As a precaution, we generate 4 times the minimum required amount of
+   seed data.  */
+int RAND_poll(void)
+{
+        short int code;
+        gid_t curr_gid;
+        pid_t curr_pid;
+        uid_t curr_uid;
+        int i, k;
+        struct timespec ts;
+        unsigned char v;
+#ifdef OPENSSL_SYS_VOS_HPPA
+        long duration;
+        extern void s$sleep (long *_duration, short int *_code);
+#else
+#ifdef OPENSSL_SYS_VOS_IA32
+        long long duration;
+        extern void s$sleep2 (long long *_duration, short int *_code);
+#else
+#error "Unsupported Platform."
+#endif /* OPENSSL_SYS_VOS_IA32 */
+#endif /* OPENSSL_SYS_VOS_HPPA */
+        /* Seed with the gid, pid, and uid, to ensure *some*
+           variation between different processes.  */
+        curr_gid = getgid();
+        RAND_add (&curr_gid, sizeof curr_gid, 1);
+        curr_gid = 0;
+        curr_pid = getpid();
+        RAND_add (&curr_pid, sizeof curr_pid, 1);
+        curr_pid = 0;
+        curr_uid = getuid();
+        RAND_add (&curr_uid, sizeof curr_uid, 1);
+        curr_uid = 0;
+        for (i=0; i<(ENTROPY_NEEDED*4); i++)
+        {
+                /* burn some cpu; hope for interrupts, cache
+                   collisions, bus interference, etc.  */
+                for (k=0; k<99; k++)
+                        ts.tv_nsec = random ();
+#ifdef OPENSSL_SYS_VOS_HPPA
+                /* sleep for 1/1024 of a second (976 us).  */
+                duration = 1;
+                s$sleep (&duration, &code);
+#else
+#ifdef OPENSSL_SYS_VOS_IA32
+                /* sleep for 1/65536 of a second (15 us).  */
+                duration = 1;
+                s$sleep2 (&duration, &code);
+#endif /* OPENSSL_SYS_VOS_IA32 */
+#endif /* OPENSSL_SYS_VOS_HPPA */
+                /* get wall clock time.  */
+                clock_gettime (CLOCK_REALTIME, &ts);
+                /* take 8 bits */
+                v = (unsigned char) (ts.tv_nsec % 256);
+                RAND_add (&v, sizeof v, 1);
+                v = 0;
+        }
+        return 1;
+}
+#elif defined __OpenBSD__
+int RAND_poll(void)
+{
+        unsigned char buf[ENTROPY_NEEDED];
+        arc4random_buf(buf, sizeof(buf));
+        RAND_add(buf, sizeof(buf), sizeof(buf));
+        memset(buf, 0, sizeof(buf));
+        return 1;
+}
+#else /* !defined(__OpenBSD__) */
+int RAND_poll(void)
+{
+        unsigned long l;
+        pid_t curr_pid = getpid();
+#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+        unsigned char tmpbuf[ENTROPY_NEEDED];
+        int n = 0;
+#endif
+#ifdef DEVRANDOM
+        static const char *randomfiles[] = { DEVRANDOM };
+        struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])];
+        int fd;
+        unsigned int i;
+#endif
+#ifdef DEVRANDOM_EGD
+        static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
+        const char **egdsocket = NULL;
+#endif
+#ifdef DEVRANDOM
+        memset(randomstats,0,sizeof(randomstats));
+        /* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
+         * have this. Use /dev/urandom if you can as /dev/random may block
+         * if it runs out of random entries.  */
+        for (i = 0; (i < sizeof(randomfiles)/sizeof(randomfiles[0])) &&
+                        (n < ENTROPY_NEEDED); i++)
+                {
+                if ((fd = open(randomfiles[i], O_RDONLY
+#ifdef O_NONBLOCK
+                        |O_NONBLOCK
+#endif
+#ifdef O_BINARY
+                        |O_BINARY
+#endif
+#ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it
+                   our controlling tty */
+                        |O_NOCTTY
+#endif
+                        )) >= 0)
+                        {
+                        int usec = 10*1000; /* spend 10ms on each file */
+                        int r;
+                        unsigned int j;
+                        struct stat *st=&randomstats[i];
+                        /* Avoid using same input... Used to be O_NOFOLLOW
+                         * above, but it's not universally appropriate... */
+                        if (fstat(fd,st) != 0)  { close(fd); continue; }
+                        for (j=0;j<i;j++)
+                                {
+                                if (randomstats[j].st_ino==st->st_ino &&
+                                    randomstats[j].st_dev==st->st_dev)
+                                        break;
+                                }
+                        if (j<i)                { close(fd); continue; }
+                        do
+                                {
+                                int try_read = 0;
+#if defined(OPENSSL_SYS_BEOS_R5)
+                                /* select() is broken in BeOS R5, so we simply
+                                 *  try to read something and snooze if we couldn't */
+                                try_read = 1;
+#elif defined(OPENSSL_SYS_LINUX)
+                                /* use poll() */
+                                struct pollfd pset;
+                                
+                                pset.fd = fd;
+                                pset.events = POLLIN;
+                                pset.revents = 0;
+                                if (poll(&pset, 1, usec / 1000) < 0)
+                                        usec = 0;
+                                else
+                                        try_read = (pset.revents & POLLIN) != 0;
+#else
+                                /* use select() */
+                                fd_set fset;
+                                struct timeval t;
+                                
+                                t.tv_sec = 0;
+                                t.tv_usec = usec;
+                                if (FD_SETSIZE > 0 && (unsigned)fd >= FD_SETSIZE)
+                                        {
+                                        /* can't use select, so just try to read once anyway */
+                                        try_read = 1;
+                                        }
+                                else
+                                        {
+                                        FD_ZERO(&fset);
+                                        FD_SET(fd, &fset);
+                                        
+                                        if (select(fd+1,&fset,NULL,NULL,&t) >= 0)
+                                                {
+                                                usec = t.tv_usec;
+                                                if (FD_ISSET(fd, &fset))
+                                                        try_read = 1;
+                                                }
+                                        else
+                                                usec = 0;
+                                        }
+#endif
+                                
+                                if (try_read)
+                                        {
+                                        r = read(fd,(unsigned char *)tmpbuf+n, ENTROPY_NEEDED-n);
+                                        if (r > 0)
+                                                n += r;
+#if defined(OPENSSL_SYS_BEOS_R5)
+                                        if (r == 0)
+                                                snooze(t.tv_usec);
+#endif
+                                        }
+                                else
+                                        r = -1;
+                                
+                                /* Some Unixen will update t in select(), some
+                                   won't.  For those who won't, or if we
+                                   didn't use select() in the first place,
+                                   give up here, otherwise, we will do
+                                   this once again for the remaining
+                                   time. */
+                                if (usec == 10*1000)
+                                        usec = 0;
+                                }
+                        while ((r > 0 ||
+                               (errno == EINTR || errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED);
+                        close(fd);
+                        }
+                }
+#endif /* defined(DEVRANDOM) */
+#ifdef DEVRANDOM_EGD
+        /* Use an EGD socket to read entropy from an EGD or PRNGD entropy
+         * collecting daemon. */
+        for (egdsocket = egdsockets; *egdsocket && n < ENTROPY_NEEDED; egdsocket++)
+                {
+                int r;
+                r = RAND_query_egd_bytes(*egdsocket, (unsigned char *)tmpbuf+n,
+                                         ENTROPY_NEEDED-n);
+                if (r > 0)
+                        n += r;
+                }
+#endif /* defined(DEVRANDOM_EGD) */
+#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+        if (n > 0)
+                {
+                RAND_add(tmpbuf,sizeof tmpbuf,(double)n);
+                OPENSSL_cleanse(tmpbuf,n);
+                }
+#endif
+        /* put in some default random data, we need more than just this */
+        l=curr_pid;
+        RAND_add(&l,sizeof(l),0.0);
+        l=getuid();
+        RAND_add(&l,sizeof(l),0.0);
+        l=time(NULL);
+        RAND_add(&l,sizeof(l),0.0);
+#if defined(OPENSSL_SYS_BEOS)
+        {
+        system_info sysInfo;
+        get_system_info(&sysInfo);
+        RAND_add(&sysInfo,sizeof(sysInfo),0);
+        }
+#endif
+#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+        return 1;
+#else
+        return 0;
+#endif
+}
+#endif /* defined(__OpenBSD__) */
+#endif /* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */
+#if defined(OPENSSL_SYS_VXWORKS)
+int RAND_poll(void)
+        {
+        return 0;
+        }
+#endif

diff --git a/src/lib/libcrypto/rand/rand_unix.c b/src/lib/libcrypto/rand/rand_unix.c new file mode 100644 index 0000000000..3316388443 --- /dev/null +++ b/src/lib/libcrypto/rand/rand_unix.c
@@ -0,0 +1,425 @@
	1	/* crypto/rand/rand_unix.c */
	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
	3	* All rights reserved.
	4	*
	5	* This package is an SSL implementation written
	6	* by Eric Young (eay@cryptsoft.com).
	7	* The implementation was written so as to conform with Netscapes SSL.
	8	*
	9	* This library is free for commercial and non-commercial use as long as
	10	* the following conditions are aheared to. The following conditions
	11	* apply to all code found in this distribution, be it the RC4, RSA,
	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
	13	* included with this distribution is covered by the same copyright terms
	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
	15	*
	16	* Copyright remains Eric Young's, and as such any Copyright notices in
	17	* the code are not to be removed.
	18	* If this package is used in a product, Eric Young should be given attribution
	19	* as the author of the parts of the library used.
	20	* This can be in the form of a textual message at program startup or
	21	* in documentation (online or textual) provided with the package.
	22	*
	23	* Redistribution and use in source and binary forms, with or without
	24	* modification, are permitted provided that the following conditions
	25	* are met:
	26	* 1. Redistributions of source code must retain the copyright
	27	* notice, this list of conditions and the following disclaimer.
	28	* 2. Redistributions in binary form must reproduce the above copyright
	29	* notice, this list of conditions and the following disclaimer in the
	30	* documentation and/or other materials provided with the distribution.
	31	* 3. All advertising materials mentioning features or use of this software
	32	* must display the following acknowledgement:
	33	* "This product includes cryptographic software written by
	34	* Eric Young (eay@cryptsoft.com)"
	35	* The word 'cryptographic' can be left out if the rouines from the library
	36	* being used are not cryptographic related :-).
	37	* 4. If you include any Windows specific code (or a derivative thereof) from
	38	* the apps directory (application code) you must include an acknowledgement:
	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
	40	*
	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	51	* SUCH DAMAGE.
	52	*
	53	* The licence and distribution terms for any publically available version or
	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
	55	* copied and put under another distribution licence
	56	* [including the GNU Public Licence.]
	57	*/
	58	/* ====================================================================
	59	* Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
	60	*
	61	* Redistribution and use in source and binary forms, with or without
	62	* modification, are permitted provided that the following conditions
	63	* are met:
	64	*
	65	* 1. Redistributions of source code must retain the above copyright
	66	* notice, this list of conditions and the following disclaimer.
	67	*
	68	* 2. Redistributions in binary form must reproduce the above copyright
	69	* notice, this list of conditions and the following disclaimer in
	70	* the documentation and/or other materials provided with the
	71	* distribution.
	72	*
	73	* 3. All advertising materials mentioning features or use of this
	74	* software must display the following acknowledgment:
	75	* "This product includes software developed by the OpenSSL Project
	76	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
	77	*
	78	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	79	* endorse or promote products derived from this software without
	80	* prior written permission. For written permission, please contact
	81	* openssl-core@openssl.org.
	82	*
	83	* 5. Products derived from this software may not be called "OpenSSL"
	84	* nor may "OpenSSL" appear in their names without prior written
	85	* permission of the OpenSSL Project.
	86	*
	87	* 6. Redistributions of any form whatsoever must retain the following
	88	* acknowledgment:
	89	* "This product includes software developed by the OpenSSL Project
	90	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
	91	*
	92	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	93	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	94	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	95	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	96	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	97	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	98	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	99	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	100	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	101	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	102	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	103	* OF THE POSSIBILITY OF SUCH DAMAGE.
	104	* ====================================================================
	105	*
	106	* This product includes cryptographic software written by Eric Young
	107	* (eay@cryptsoft.com). This product includes software written by Tim
	108	* Hudson (tjh@cryptsoft.com).
	109	*
	110	*/
	111	#include <stdio.h>
	112
	113	#define USE_SOCKETS
	114	#include "e_os.h"
	115	#include "cryptlib.h"
	116	#include <openssl/rand.h>
	117	#include "rand_lcl.h"
	118
	119	#if !(defined(OPENSSL_SYS_WINDOWS) \|\| defined(OPENSSL_SYS_WIN32) \|\| defined(OPENSSL_SYS_VMS) \|\| defined(OPENSSL_SYS_OS2) \|\| defined(OPENSSL_SYS_VXWORKS) \|\| defined(OPENSSL_SYS_NETWARE))
	120
	121	#include <sys/types.h>
	122	#include <sys/time.h>
	123	#include <sys/times.h>
	124	#include <sys/stat.h>
	125	#include <fcntl.h>
	126	#include <unistd.h>
	127	#include <time.h>
	128	#if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually everywhere */
	129	# include <poll.h>
	130	#endif
	131	#include <limits.h>
	132	#ifndef FD_SETSIZE
	133	# define FD_SETSIZE (8*sizeof(fd_set))
	134	#endif
	135
	136	#if defined(OPENSSL_SYS_VOS)
	137
	138	/* The following algorithm repeatedly samples the real-time clock
	139	(RTC) to generate a sequence of unpredictable data. The algorithm
	140	relies upon the uneven execution speed of the code (due to factors
	141	such as cache misses, interrupts, bus activity, and scheduling) and
	142	upon the rather large relative difference between the speed of the
	143	clock and the rate at which it can be read.
	144
	145	If this code is ported to an environment where execution speed is
	146	more constant or where the RTC ticks at a much slower rate, or the
	147	clock can be read with fewer instructions, it is likely that the
	148	results would be far more predictable.
	149
	150	As a precaution, we generate 4 times the minimum required amount of
	151	seed data. */
	152
	153	int RAND_poll(void)
	154	{
	155	short int code;
	156	gid_t curr_gid;
	157	pid_t curr_pid;
	158	uid_t curr_uid;
	159	int i, k;
	160	struct timespec ts;
	161	unsigned char v;
	162
	163	#ifdef OPENSSL_SYS_VOS_HPPA
	164	long duration;
	165	extern void s$sleep (long _duration, short int _code);
	166	#else
	167	#ifdef OPENSSL_SYS_VOS_IA32
	168	long long duration;
	169	extern void s$sleep2 (long long _duration, short int _code);
	170	#else
	171	#error "Unsupported Platform."
	172	#endif /* OPENSSL_SYS_VOS_IA32 */
	173	#endif /* OPENSSL_SYS_VOS_HPPA */
	174
	175	/* Seed with the gid, pid, and uid, to ensure some
	176	variation between different processes. */
	177
	178	curr_gid = getgid();
	179	RAND_add (&curr_gid, sizeof curr_gid, 1);
	180	curr_gid = 0;
	181
	182	curr_pid = getpid();
	183	RAND_add (&curr_pid, sizeof curr_pid, 1);
	184	curr_pid = 0;
	185
	186	curr_uid = getuid();
	187	RAND_add (&curr_uid, sizeof curr_uid, 1);
	188	curr_uid = 0;
	189
	190	for (i=0; i<(ENTROPY_NEEDED*4); i++)
	191	{
	192	/* burn some cpu; hope for interrupts, cache
	193	collisions, bus interference, etc. */
	194	for (k=0; k<99; k++)
	195	ts.tv_nsec = random ();
	196
	197	#ifdef OPENSSL_SYS_VOS_HPPA
	198	/* sleep for 1/1024 of a second (976 us). */
	199	duration = 1;
	200	s$sleep (&duration, &code);
	201	#else
	202	#ifdef OPENSSL_SYS_VOS_IA32
	203	/* sleep for 1/65536 of a second (15 us). */
	204	duration = 1;
	205	s$sleep2 (&duration, &code);
	206	#endif /* OPENSSL_SYS_VOS_IA32 */
	207	#endif /* OPENSSL_SYS_VOS_HPPA */
	208
	209	/* get wall clock time. */
	210	clock_gettime (CLOCK_REALTIME, &ts);
	211
	212	/* take 8 bits */
	213	v = (unsigned char) (ts.tv_nsec % 256);
	214	RAND_add (&v, sizeof v, 1);
	215	v = 0;
	216	}
	217	return 1;
	218	}
	219	#elif defined __OpenBSD__
	220	int RAND_poll(void)
	221	{
	222	unsigned char buf[ENTROPY_NEEDED];
	223
	224	arc4random_buf(buf, sizeof(buf));
	225	RAND_add(buf, sizeof(buf), sizeof(buf));
	226	memset(buf, 0, sizeof(buf));
	227
	228	return 1;
	229	}
	230	#else /* !defined(__OpenBSD__) */
	231	int RAND_poll(void)
	232	{
	233	unsigned long l;
	234	pid_t curr_pid = getpid();
	235	#if defined(DEVRANDOM) \|\| defined(DEVRANDOM_EGD)
	236	unsigned char tmpbuf[ENTROPY_NEEDED];
	237	int n = 0;
	238	#endif
	239	#ifdef DEVRANDOM
	240	static const char *randomfiles[] = { DEVRANDOM };
	241	struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])];
	242	int fd;
	243	unsigned int i;
	244	#endif
	245	#ifdef DEVRANDOM_EGD
	246	static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
	247	const char **egdsocket = NULL;
	248	#endif
	249
	250	#ifdef DEVRANDOM
	251	memset(randomstats,0,sizeof(randomstats));
	252	/* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
	253	* have this. Use /dev/urandom if you can as /dev/random may block
	254	* if it runs out of random entries. */
	255
	256	for (i = 0; (i < sizeof(randomfiles)/sizeof(randomfiles[0])) &&
	257	(n < ENTROPY_NEEDED); i++)
	258	{
	259	if ((fd = open(randomfiles[i], O_RDONLY
	260	#ifdef O_NONBLOCK
	261	\|O_NONBLOCK
	262	#endif
	263	#ifdef O_BINARY
	264	\|O_BINARY
	265	#endif
	266	#ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it
	267	our controlling tty */
	268	\|O_NOCTTY
	269	#endif
	270	)) >= 0)
	271	{
	272	int usec = 101000; / spend 10ms on each file */
	273	int r;
	274	unsigned int j;
	275	struct stat *st=&randomstats[i];
	276
	277	/* Avoid using same input... Used to be O_NOFOLLOW
	278	* above, but it's not universally appropriate... */
	279	if (fstat(fd,st) != 0) { close(fd); continue; }
	280	for (j=0;j<i;j++)
	281	{
	282	if (randomstats[j].st_ino==st->st_ino &&
	283	randomstats[j].st_dev==st->st_dev)
	284	break;
	285	}
	286	if (j<i) { close(fd); continue; }
	287
	288	do
	289	{
	290	int try_read = 0;
	291
	292	#if defined(OPENSSL_SYS_BEOS_R5)
	293	/* select() is broken in BeOS R5, so we simply
	294	* try to read something and snooze if we couldn't */
	295	try_read = 1;
	296
	297	#elif defined(OPENSSL_SYS_LINUX)
	298	/* use poll() */
	299	struct pollfd pset;
	300
	301	pset.fd = fd;
	302	pset.events = POLLIN;
	303	pset.revents = 0;
	304
	305	if (poll(&pset, 1, usec / 1000) < 0)
	306	usec = 0;
	307	else
	308	try_read = (pset.revents & POLLIN) != 0;
	309
	310	#else
	311	/* use select() */
	312	fd_set fset;
	313	struct timeval t;
	314
	315	t.tv_sec = 0;
	316	t.tv_usec = usec;
	317
	318	if (FD_SETSIZE > 0 && (unsigned)fd >= FD_SETSIZE)
	319	{
	320	/* can't use select, so just try to read once anyway */
	321	try_read = 1;
	322	}
	323	else
	324	{
	325	FD_ZERO(&fset);
	326	FD_SET(fd, &fset);
	327
	328	if (select(fd+1,&fset,NULL,NULL,&t) >= 0)
	329	{
	330	usec = t.tv_usec;
	331	if (FD_ISSET(fd, &fset))
	332	try_read = 1;
	333	}
	334	else
	335	usec = 0;
	336	}
	337	#endif
	338
	339	if (try_read)
	340	{
	341	r = read(fd,(unsigned char *)tmpbuf+n, ENTROPY_NEEDED-n);
	342	if (r > 0)
	343	n += r;
	344	#if defined(OPENSSL_SYS_BEOS_R5)
	345	if (r == 0)
	346	snooze(t.tv_usec);
	347	#endif
	348	}
	349	else
	350	r = -1;
	351
	352	/* Some Unixen will update t in select(), some
	353	won't. For those who won't, or if we
	354	didn't use select() in the first place,
	355	give up here, otherwise, we will do
	356	this once again for the remaining
	357	time. */
	358	if (usec == 10*1000)
	359	usec = 0;
	360	}
	361	while ((r > 0 \|\|
	362	(errno == EINTR \|\| errno == EAGAIN)) && usec != 0 && n < ENTROPY_NEEDED);
	363
	364	close(fd);
	365	}
	366	}
	367	#endif /* defined(DEVRANDOM) */
	368
	369	#ifdef DEVRANDOM_EGD
	370	/* Use an EGD socket to read entropy from an EGD or PRNGD entropy
	371	* collecting daemon. */
	372
	373	for (egdsocket = egdsockets; *egdsocket && n < ENTROPY_NEEDED; egdsocket++)
	374	{
	375	int r;
	376
	377	r = RAND_query_egd_bytes(egdsocket, (unsigned char )tmpbuf+n,
	378	ENTROPY_NEEDED-n);
	379	if (r > 0)
	380	n += r;
	381	}
	382	#endif /* defined(DEVRANDOM_EGD) */
	383
	384	#if defined(DEVRANDOM) \|\| defined(DEVRANDOM_EGD)
	385	if (n > 0)
	386	{
	387	RAND_add(tmpbuf,sizeof tmpbuf,(double)n);
	388	OPENSSL_cleanse(tmpbuf,n);
	389	}
	390	#endif
	391
	392	/* put in some default random data, we need more than just this */
	393	l=curr_pid;
	394	RAND_add(&l,sizeof(l),0.0);
	395	l=getuid();
	396	RAND_add(&l,sizeof(l),0.0);
	397
	398	l=time(NULL);
	399	RAND_add(&l,sizeof(l),0.0);
	400
	401	#if defined(OPENSSL_SYS_BEOS)
	402	{
	403	system_info sysInfo;
	404	get_system_info(&sysInfo);
	405	RAND_add(&sysInfo,sizeof(sysInfo),0);
	406	}
	407	#endif
	408
	409	#if defined(DEVRANDOM) \|\| defined(DEVRANDOM_EGD)
	410	return 1;
	411	#else
	412	return 0;
	413	#endif
	414	}
	415
	416	#endif /* defined(__OpenBSD__) */
	417	#endif /* !(defined(OPENSSL_SYS_WINDOWS) \|\| defined(OPENSSL_SYS_WIN32) \|\| defined(OPENSSL_SYS_VMS) \|\| defined(OPENSSL_SYS_OS2) \|\| defined(OPENSSL_SYS_VXWORKS) \|\| defined(OPENSSL_SYS_NETWARE)) */
	418
	419
	420	#if defined(OPENSSL_SYS_VXWORKS)
	421	int RAND_poll(void)
	422	{
	423	return 0;
	424	}
	425	#endif