4 files changed, 249 insertions, 78 deletions
diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h
index 477d7a150a..e17aa7a9f7 100644
--- a/src/lib/libcrypto/rand/rand.h
+++ b/src/lib/libcrypto/rand/rand.h
@@ -59,34 +59,68 @@
 #ifndef HEADER_RAND_H
 #define HEADER_RAND_H
+#include <stdlib.h>
+#include <openssl/ossl_typ.h>
 #ifdef  __cplusplus
 extern "C" {
 #endif
-#ifndef NOPROTO
+typedef struct rand_meth_st
+        {
+        void (*seed)(const void *buf, int num);
+        int (*bytes)(unsigned char *buf, int num);
+        void (*cleanup)(void);
+        void (*add)(const void *buf, int num, double entropy);
+        int (*pseudorand)(unsigned char *buf, int num);
+        int (*status)(void);
+        } RAND_METHOD;
+#ifdef BN_DEBUG
+extern int rand_predictable;
+#endif
+int RAND_set_rand_method(const RAND_METHOD *meth);
+const RAND_METHOD *RAND_get_rand_method(void);
+int RAND_set_rand_engine(ENGINE *engine);
+RAND_METHOD *RAND_SSLeay(void);
 void RAND_cleanup(void );
-void RAND_bytes( unsigned char *buf,int num);
+int  RAND_bytes(unsigned char *buf,int num);
-void RAND_seed( unsigned char *buf,int num);
+int  RAND_pseudo_bytes(unsigned char *buf,int num);
-int  RAND_load_file(char *file,long max_bytes);
+void RAND_seed(const void *buf,int num);
-int  RAND_write_file(char *file);
+void RAND_add(const void *buf,int num,double entropy);
-char *RAND_file_name(char *file,int num);
+int  RAND_load_file(const char *file,long max_bytes);
-#ifdef WINDOWS
+int  RAND_write_file(const char *file);
+const char *RAND_file_name(char *file,size_t num);
+int RAND_status(void);
+int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
+int RAND_egd(const char *path);
+int RAND_egd_bytes(const char *path,int bytes);
+int RAND_poll(void);
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
 void RAND_screen(void);
+int RAND_event(UINT, WPARAM, LPARAM);
 #endif
-#else
-void RAND_cleanup();
+/* BEGIN ERROR CODES */
-void RAND_bytes();
+/* The following lines are auto generated by the script mkerr.pl. Any changes
-void RAND_seed();
+ * made after this point may be overwritten when the script is next run.
-int  RAND_load_file();
+ */
-int  RAND_write_file();
+void ERR_load_RAND_strings(void);
-char *RAND_file_name();
-#ifdef WINDOWS
+/* Error codes for the RAND functions. */
-void RAND_screen();
-#endif
+/* Function codes. */
-#endif
+#define RAND_F_RAND_GET_RAND_METHOD                      101
+#define RAND_F_SSLEAY_RAND_BYTES                         100
+/* Reason codes. */
+#define RAND_R_PRNG_NOT_SEEDED                           100
 #ifdef  __cplusplus
 }
 #endif
 #endif
diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c
index d1263edf80..b77267e213 100644
--- a/src/lib/libcrypto/rand/rand_err.c
+++ b/src/lib/libcrypto/rand/rand_err.c
@@ -54,7 +54,8 @@
 */
 /* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file.
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
 */
 #include <stdio.h>
@@ -62,16 +63,17 @@
 #include <openssl/rand.h>
 /* BEGIN ERROR CODES */
-#ifndef NO_ERR
+#ifndef OPENSSL_NO_ERR
 static ERR_STRING_DATA RAND_str_functs[]=
        {
+{ERR_PACK(0,RAND_F_RAND_GET_RAND_METHOD,0),     "RAND_get_rand_method"},
 {ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0),        "SSLEAY_RAND_BYTES"},
 {0,NULL}
        };
 static ERR_STRING_DATA RAND_str_reasons[]=
        {
-{RAND_R_PRNG_NOT_SEEDED                  ,"prng not seeded"},
+{RAND_R_PRNG_NOT_SEEDED                  ,"PRNG not seeded"},
 {0,NULL}
        };
@@ -84,7 +86,7 @@ void ERR_load_RAND_strings(void)
        if (init)
                {
                init=0;
-#ifndef NO_ERR
+#ifndef OPENSSL_NO_ERR
                ERR_load_strings(ERR_LIB_RAND,RAND_str_functs);
                ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons);
 #endif
diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c
index 34c6d5b968..5cf5dc1188 100644
--- a/src/lib/libcrypto/rand/rand_lib.c
+++ b/src/lib/libcrypto/rand/rand_lib.c
@@ -57,42 +57,110 @@
 */
 #include <stdio.h>
-#include <sys/types.h>
 #include <time.h>
+#include "cryptlib.h"
 #include <openssl/rand.h>
+#include <openssl/engine.h>
-#ifdef NO_RAND
+/* non-NULL if default_RAND_meth is ENGINE-provided */
-static RAND_METHOD *rand_meth=NULL;
+static ENGINE *funct_ref =NULL;
-#else
+static const RAND_METHOD *default_RAND_meth = NULL;
-extern RAND_METHOD rand_ssleay_meth;
-static RAND_METHOD *rand_meth= &rand_ssleay_meth;
-#endif
-void RAND_set_rand_method(RAND_METHOD *meth)
+int RAND_set_rand_method(const RAND_METHOD *meth)
        {
-        rand_meth=meth;
+        if(funct_ref)
+                {
+                ENGINE_finish(funct_ref);
+                funct_ref = NULL;
+                }
+        default_RAND_meth = meth;
+        return 1;
        }
-RAND_METHOD *RAND_get_rand_method(void)
+const RAND_METHOD *RAND_get_rand_method(void)
        {
-        return(rand_meth);
+        if (!default_RAND_meth)
+                {
+                ENGINE *e = ENGINE_get_default_RAND();
+                if(e)
+                        {
+                        default_RAND_meth = ENGINE_get_RAND(e);
+                        if(!default_RAND_meth)
+                                {
+                                ENGINE_finish(e);
+                                e = NULL;
+                                }
+                        }
+                if(e)
+                        funct_ref = e;
+                else
+                        default_RAND_meth = RAND_SSLeay();
+                }
+        return default_RAND_meth;
+        }
+int RAND_set_rand_engine(ENGINE *engine)
+        {
+        const RAND_METHOD *tmp_meth = NULL;
+        if(engine)
+                {
+                if(!ENGINE_init(engine))
+                        return 0;
+                tmp_meth = ENGINE_get_RAND(engine);
+                if(!tmp_meth)
+                        {
+                        ENGINE_finish(engine);
+                        return 0;
+                        }
+                }
+        /* This function releases any prior ENGINE so call it first */
+        RAND_set_rand_method(tmp_meth);
+        funct_ref = engine;
+        return 1;
        }
 void RAND_cleanup(void)
        {
-        if (rand_meth != NULL)
+        const RAND_METHOD *meth = RAND_get_rand_method();
-                rand_meth->cleanup();
+        if (meth && meth->cleanup)
+                meth->cleanup();
+        RAND_set_rand_method(NULL);
        }
 void RAND_seed(const void *buf, int num)
        {
-        if (rand_meth != NULL)
+        const RAND_METHOD *meth = RAND_get_rand_method();
-                rand_meth->seed(buf,num);
+        if (meth && meth->seed)
+                meth->seed(buf,num);
+        }
+void RAND_add(const void *buf, int num, double entropy)
+        {
+        const RAND_METHOD *meth = RAND_get_rand_method();
+        if (meth && meth->add)
+                meth->add(buf,num,entropy);
        }
-void RAND_bytes(unsigned char *buf, int num)
+int RAND_bytes(unsigned char *buf, int num)
        {
-        if (rand_meth != NULL)
+        const RAND_METHOD *meth = RAND_get_rand_method();
-                rand_meth->bytes(buf,num);
+        if (meth && meth->bytes)
+                return meth->bytes(buf,num);
+        return(-1);
        }
+int RAND_pseudo_bytes(unsigned char *buf, int num)
+        {
+        const RAND_METHOD *meth = RAND_get_rand_method();
+        if (meth && meth->pseudorand)
+                return meth->pseudorand(buf,num);
+        return(-1);
+        }
+int RAND_status(void)
+        {
+        const RAND_METHOD *meth = RAND_get_rand_method();
+        if (meth && meth->status)
+                return meth->status();
+        return 0;
+        }
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c
index f2b3746363..982074c465 100644
--- a/src/lib/libcrypto/rand/randfile.c
+++ b/src/lib/libcrypto/rand/randfile.c
@@ -56,22 +56,41 @@
 * [including the GNU Public Licence.]
 */
+#include <errno.h>
 #include <stdio.h>
-#include "cryptlib.h"
+#include <stdlib.h>
-#include <sys/stat.h>
+#include <string.h>
-#include <sys/types.h>
-#include "rand.h"
+#include "e_os.h"
+#include <openssl/crypto.h>
+#include <openssl/rand.h>
+#ifdef OPENSSL_SYS_VMS
+#include <unixio.h>
+#endif
+#ifndef NO_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#ifdef MAC_OS_pre_X
+# include <stat.h>
+#else
+# include <sys/stat.h>
+#endif
 #undef BUFSIZE
 #define BUFSIZE 1024
 #define RAND_DATA 1024
-/* #define RFILE ".rand" - defined in ../../e_os.h */
+/* #define RFILE ".rnd" - defined in ../../e_os.h */
+/* Note that these functions are intended for seed files only.
+ * Entropy devices and EGD sockets are handled in rand_unix.c */
-int RAND_load_file(file,bytes)
+int RAND_load_file(const char *file, long bytes)
-char *file;
-long bytes;
        {
+        /* If bytes >= 0, read up to 'bytes' bytes.
+         * if bytes == -1, read complete file. */
        MS_STATIC unsigned char buf[BUFSIZE];
        struct stat sb;
        int i,ret=0,n;
@@ -81,23 +100,28 @@ long bytes;
        i=stat(file,&sb);
        /* If the state fails, put some crap in anyway */
-        RAND_seed((unsigned char *)&sb,sizeof(sb));
+        RAND_add(&sb,sizeof(sb),0);
-        ret+=sizeof(sb);
        if (i < 0) return(0);
-        if (bytes <= 0) return(ret);
+        if (bytes == 0) return(ret);
-        in=fopen(file,"r");
+        in=fopen(file,"rb");
        if (in == NULL) goto err;
        for (;;)
                {
-                n=(bytes < BUFSIZE)?(int)bytes:BUFSIZE;
+                if (bytes > 0)
+                        n = (bytes < BUFSIZE)?(int)bytes:BUFSIZE;
+                else
+                        n = BUFSIZE;
                i=fread(buf,1,n,in);
                if (i <= 0) break;
                /* even if n != i, use the full array */
-                RAND_seed(buf,n);
+                RAND_add(buf,n,i);
                ret+=i;
-                bytes-=n;
+                if (bytes > 0)
-                if (bytes <= 0) break;
+                        {
+                        bytes-=n;
+                        if (bytes <= 0) break;
+                        }
                }
        fclose(in);
        memset(buf,0,BUFSIZE);
@@ -105,23 +129,36 @@ err:
        return(ret);
        }
-int RAND_write_file(file)
+int RAND_write_file(const char *file)
-char *file;
        {
        unsigned char buf[BUFSIZE];
-        int i,ret=0;
+        int i,ret=0,rand_err=0;
-        FILE *out;
+        FILE *out = NULL;
        int n;
+        
-        out=fopen(file,"w");
+#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32)
+        /* For some reason Win32 can't write to files created this way */
+        
+        /* chmod(..., 0600) is too late to protect the file,
+         * permissions should be restrictive from the start */
+        int fd = open(file, O_CREAT, 0600);
+        if (fd != -1)
+                out = fdopen(fd, "wb");
+#endif
+        if (out == NULL)
+                out = fopen(file,"wb");
        if (out == NULL) goto err;
+#ifndef NO_CHMOD
        chmod(file,0600);
+#endif
        n=RAND_DATA;
        for (;;)
                {
                i=(n > BUFSIZE)?BUFSIZE:n;
                n-=BUFSIZE;
-                RAND_bytes(buf,i);
+                if (RAND_bytes(buf,i) <= 0)
+                        rand_err=1;
                i=fwrite(buf,1,i,out);
                if (i <= 0)
                        {
@@ -130,21 +167,40 @@ char *file;
                        }
                ret+=i;
                if (n <= 0) break;
+                }
+#ifdef OPENSSL_SYS_VMS
+        /* Try to delete older versions of the file, until there aren't
+           any */
+        {
+        char *tmpf;
+        tmpf = OPENSSL_malloc(strlen(file) + 4);  /* to add ";-1" and a nul */
+        if (tmpf)
+                {
+                strcpy(tmpf, file);
+                strcat(tmpf, ";-1");
+                while(delete(tmpf) == 0)
+                        ;
+                rename(file,";1"); /* Make sure it's version 1, or we
+                                      will reach the limit (32767) at
+                                      some point... */
                }
+        }
+#endif /* OPENSSL_SYS_VMS */
        fclose(out);
        memset(buf,0,BUFSIZE);
 err:
-        return(ret);
+        return (rand_err ? -1 : ret);
        }
-char *RAND_file_name(buf,size)
+const char *RAND_file_name(char *buf, size_t size)
-char *buf;
-int size;
        {
-        char *s;
+        char *s=NULL;
        char *ret=NULL;
-        s=getenv("RANDFILE");
+        if (OPENSSL_issetugid() == 0)
+                s=getenv("RANDFILE");
        if (s != NULL)
                {
                strncpy(buf,s,size-1);
@@ -153,14 +209,25 @@ int size;
                }
        else
                {
-                s=getenv("HOME");
+                if (OPENSSL_issetugid() == 0)
-                if (s == NULL) return(RFILE);
+                        s=getenv("HOME");
-                if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
+#ifdef DEFAULT_HOME
-                        return(RFILE);
+                if (s == NULL)
-                strcpy(buf,s);
+                        {
-                strcat(buf,"/");
+                        s = DEFAULT_HOME;
-                strcat(buf,RFILE);
+                        }
-                ret=buf;
+#endif
+                if (s != NULL && (strlen(s)+strlen(RFILE)+2 < size))
+                        {
+                        strcpy(buf,s);
+#ifndef OPENSSL_SYS_VMS
+                        strcat(buf,"/");
+#endif
+                        strcat(buf,RFILE);
+                        ret=buf;
+                        }
+                else
+                        buf[0] = '\0'; /* no file name */
                }
        return(ret);
        }

diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h index 477d7a150a..e17aa7a9f7 100644 --- a/src/lib/libcrypto/rand/rand.h +++ b/src/lib/libcrypto/rand/rand.h
@@ -59,34 +59,68 @@
59	#ifndef HEADER_RAND_H	59	#ifndef HEADER_RAND_H
60	#define HEADER_RAND_H	60	#define HEADER_RAND_H
61		61
		62	#include <stdlib.h>
		63	#include <openssl/ossl_typ.h>
		64
62	#ifdef __cplusplus	65	#ifdef __cplusplus
63	extern "C" {	66	extern "C" {
64	#endif	67	#endif
65		68
66	#ifndef NOPROTO	69	typedef struct rand_meth_st
		70	{
		71	void (seed)(const void buf, int num);
		72	int (bytes)(unsigned char buf, int num);
		73	void (*cleanup)(void);
		74	void (add)(const void buf, int num, double entropy);
		75	int (pseudorand)(unsigned char buf, int num);
		76	int (*status)(void);
		77	} RAND_METHOD;
		78
		79	#ifdef BN_DEBUG
		80	extern int rand_predictable;
		81	#endif
		82
		83	int RAND_set_rand_method(const RAND_METHOD *meth);
		84	const RAND_METHOD *RAND_get_rand_method(void);
		85	int RAND_set_rand_engine(ENGINE *engine);
		86	RAND_METHOD *RAND_SSLeay(void);
67	void RAND_cleanup(void );	87	void RAND_cleanup(void );
68	void RAND_bytes( unsigned char *buf,int num);	88	int RAND_bytes(unsigned char *buf,int num);
69	void RAND_seed( unsigned char *buf,int num);	89	int RAND_pseudo_bytes(unsigned char *buf,int num);
70	int RAND_load_file(char *file,long max_bytes);	90	void RAND_seed(const void *buf,int num);
71	int RAND_write_file(char *file);	91	void RAND_add(const void *buf,int num,double entropy);
72	char RAND_file_name(char file,int num);	92	int RAND_load_file(const char *file,long max_bytes);
73	#ifdef WINDOWS	93	int RAND_write_file(const char *file);
		94	const char RAND_file_name(char file,size_t num);
		95	int RAND_status(void);
		96	int RAND_query_egd_bytes(const char path, unsigned char buf, int bytes);
		97	int RAND_egd(const char *path);
		98	int RAND_egd_bytes(const char *path,int bytes);
		99	int RAND_poll(void);
		100
		101	#if defined(OPENSSL_SYS_WINDOWS) \|\| defined(OPENSSL_SYS_WIN32)
		102
74	void RAND_screen(void);	103	void RAND_screen(void);
		104	int RAND_event(UINT, WPARAM, LPARAM);
		105
75	#endif	106	#endif
76	#else	107
77	void RAND_cleanup();	108	/* BEGIN ERROR CODES */
78	void RAND_bytes();	109	/* The following lines are auto generated by the script mkerr.pl. Any changes
79	void RAND_seed();	110	* made after this point may be overwritten when the script is next run.
80	int RAND_load_file();	111	*/
81	int RAND_write_file();	112	void ERR_load_RAND_strings(void);
82	char *RAND_file_name();	113
83	#ifdef WINDOWS	114	/* Error codes for the RAND functions. */
84	void RAND_screen();	115
85	#endif	116	/* Function codes. */
86	#endif	117	#define RAND_F_RAND_GET_RAND_METHOD 101
		118	#define RAND_F_SSLEAY_RAND_BYTES 100
		119
		120	/* Reason codes. */
		121	#define RAND_R_PRNG_NOT_SEEDED 100
87		122
88	#ifdef __cplusplus	123	#ifdef __cplusplus
89	}	124	}
90	#endif	125	#endif
91
92	#endif	126	#endif


diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c index d1263edf80..b77267e213 100644 --- a/src/lib/libcrypto/rand/rand_err.c +++ b/src/lib/libcrypto/rand/rand_err.c
@@ -54,7 +54,8 @@
54	*/	54	*/
55		55
56	/* NOTE: this file was auto generated by the mkerr.pl script: any changes	56	/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57	* made to it will be overwritten when the script next updates this file.	57	* made to it will be overwritten when the script next updates this file,
		58	* only reason strings will be preserved.
58	*/	59	*/
59		60
60	#include <stdio.h>	61	#include <stdio.h>
@@ -62,16 +63,17 @@
62	#include <openssl/rand.h>	63	#include <openssl/rand.h>
63		64
64	/* BEGIN ERROR CODES */	65	/* BEGIN ERROR CODES */
65	#ifndef NO_ERR	66	#ifndef OPENSSL_NO_ERR
66	static ERR_STRING_DATA RAND_str_functs[]=	67	static ERR_STRING_DATA RAND_str_functs[]=
67	{	68	{
		69	{ERR_PACK(0,RAND_F_RAND_GET_RAND_METHOD,0), "RAND_get_rand_method"},
68	{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0), "SSLEAY_RAND_BYTES"},	70	{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0), "SSLEAY_RAND_BYTES"},
69	{0,NULL}	71	{0,NULL}
70	};	72	};
71		73
72	static ERR_STRING_DATA RAND_str_reasons[]=	74	static ERR_STRING_DATA RAND_str_reasons[]=
73	{	75	{
74	{RAND_R_PRNG_NOT_SEEDED ,"prng not seeded"},	76	{RAND_R_PRNG_NOT_SEEDED ,"PRNG not seeded"},
75	{0,NULL}	77	{0,NULL}
76	};	78	};
77		79
@@ -84,7 +86,7 @@ void ERR_load_RAND_strings(void)
84	if (init)	86	if (init)
85	{	87	{
86	init=0;	88	init=0;
87	#ifndef NO_ERR	89	#ifndef OPENSSL_NO_ERR
88	ERR_load_strings(ERR_LIB_RAND,RAND_str_functs);	90	ERR_load_strings(ERR_LIB_RAND,RAND_str_functs);
89	ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons);	91	ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons);
90	#endif	92	#endif


diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c index 34c6d5b968..5cf5dc1188 100644 --- a/src/lib/libcrypto/rand/rand_lib.c +++ b/src/lib/libcrypto/rand/rand_lib.c
@@ -57,42 +57,110 @@
57	*/	57	*/
58		58
59	#include <stdio.h>	59	#include <stdio.h>
60	#include <sys/types.h>
61	#include <time.h>	60	#include <time.h>
		61	#include "cryptlib.h"
62	#include <openssl/rand.h>	62	#include <openssl/rand.h>
		63	#include <openssl/engine.h>
63		64
64	#ifdef NO_RAND	65	/* non-NULL if default_RAND_meth is ENGINE-provided */
65	static RAND_METHOD *rand_meth=NULL;	66	static ENGINE *funct_ref =NULL;
66	#else	67	static const RAND_METHOD *default_RAND_meth = NULL;
67	extern RAND_METHOD rand_ssleay_meth;
68	static RAND_METHOD *rand_meth= &rand_ssleay_meth;
69	#endif
70		68
71	void RAND_set_rand_method(RAND_METHOD *meth)	69	int RAND_set_rand_method(const RAND_METHOD *meth)
72	{	70	{
73	rand_meth=meth;	71	if(funct_ref)
		72	{
		73	ENGINE_finish(funct_ref);
		74	funct_ref = NULL;
		75	}
		76	default_RAND_meth = meth;
		77	return 1;
74	}	78	}
75		79
76	RAND_METHOD *RAND_get_rand_method(void)	80	const RAND_METHOD *RAND_get_rand_method(void)
77	{	81	{
78	return(rand_meth);	82	if (!default_RAND_meth)
		83	{
		84	ENGINE *e = ENGINE_get_default_RAND();
		85	if(e)
		86	{
		87	default_RAND_meth = ENGINE_get_RAND(e);
		88	if(!default_RAND_meth)
		89	{
		90	ENGINE_finish(e);
		91	e = NULL;
		92	}
		93	}
		94	if(e)
		95	funct_ref = e;
		96	else
		97	default_RAND_meth = RAND_SSLeay();
		98	}
		99	return default_RAND_meth;
		100	}
		101
		102	int RAND_set_rand_engine(ENGINE *engine)
		103	{
		104	const RAND_METHOD *tmp_meth = NULL;
		105	if(engine)
		106	{
		107	if(!ENGINE_init(engine))
		108	return 0;
		109	tmp_meth = ENGINE_get_RAND(engine);
		110	if(!tmp_meth)
		111	{
		112	ENGINE_finish(engine);
		113	return 0;
		114	}
		115	}
		116	/* This function releases any prior ENGINE so call it first */
		117	RAND_set_rand_method(tmp_meth);
		118	funct_ref = engine;
		119	return 1;
79	}	120	}
80		121
81	void RAND_cleanup(void)	122	void RAND_cleanup(void)
82	{	123	{
83	if (rand_meth != NULL)	124	const RAND_METHOD *meth = RAND_get_rand_method();
84	rand_meth->cleanup();	125	if (meth && meth->cleanup)
		126	meth->cleanup();
		127	RAND_set_rand_method(NULL);
85	}	128	}
86		129
87	void RAND_seed(const void *buf, int num)	130	void RAND_seed(const void *buf, int num)
88	{	131	{
89	if (rand_meth != NULL)	132	const RAND_METHOD *meth = RAND_get_rand_method();
90	rand_meth->seed(buf,num);	133	if (meth && meth->seed)
		134	meth->seed(buf,num);
		135	}
		136
		137	void RAND_add(const void *buf, int num, double entropy)
		138	{
		139	const RAND_METHOD *meth = RAND_get_rand_method();
		140	if (meth && meth->add)
		141	meth->add(buf,num,entropy);
91	}	142	}
92		143
93	void RAND_bytes(unsigned char *buf, int num)	144	int RAND_bytes(unsigned char *buf, int num)
94	{	145	{
95	if (rand_meth != NULL)	146	const RAND_METHOD *meth = RAND_get_rand_method();
96	rand_meth->bytes(buf,num);	147	if (meth && meth->bytes)
		148	return meth->bytes(buf,num);
		149	return(-1);
97	}	150	}
98		151
		152	int RAND_pseudo_bytes(unsigned char *buf, int num)
		153	{
		154	const RAND_METHOD *meth = RAND_get_rand_method();
		155	if (meth && meth->pseudorand)
		156	return meth->pseudorand(buf,num);
		157	return(-1);
		158	}
		159
		160	int RAND_status(void)
		161	{
		162	const RAND_METHOD *meth = RAND_get_rand_method();
		163	if (meth && meth->status)
		164	return meth->status();
		165	return 0;
		166	}


diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c index f2b3746363..982074c465 100644 --- a/src/lib/libcrypto/rand/randfile.c +++ b/src/lib/libcrypto/rand/randfile.c
@@ -56,22 +56,41 @@
56	* [including the GNU Public Licence.]	56	* [including the GNU Public Licence.]
57	*/	57	*/
58		58
		59	#include <errno.h>
59	#include <stdio.h>	60	#include <stdio.h>
60	#include "cryptlib.h"	61	#include <stdlib.h>
61	#include <sys/stat.h>	62	#include <string.h>
62	#include <sys/types.h>	63
63	#include "rand.h"	64	#include "e_os.h"
		65	#include <openssl/crypto.h>
		66	#include <openssl/rand.h>
		67
		68	#ifdef OPENSSL_SYS_VMS
		69	#include <unixio.h>
		70	#endif
		71	#ifndef NO_SYS_TYPES_H
		72	# include <sys/types.h>
		73	#endif
		74	#ifdef MAC_OS_pre_X
		75	# include <stat.h>
		76	#else
		77	# include <sys/stat.h>
		78	#endif
64		79
65	#undef BUFSIZE	80	#undef BUFSIZE
66	#define BUFSIZE 1024	81	#define BUFSIZE 1024
67	#define RAND_DATA 1024	82	#define RAND_DATA 1024
68		83
69	/* #define RFILE ".rand" - defined in ../../e_os.h */	84	/* #define RFILE ".rnd" - defined in ../../e_os.h */
		85
		86	/* Note that these functions are intended for seed files only.
		87	* Entropy devices and EGD sockets are handled in rand_unix.c */
70		88
71	int RAND_load_file(file,bytes)	89	int RAND_load_file(const char *file, long bytes)
72	char *file;
73	long bytes;
74	{	90	{
		91	/* If bytes >= 0, read up to 'bytes' bytes.
		92	* if bytes == -1, read complete file. */
		93
75	MS_STATIC unsigned char buf[BUFSIZE];	94	MS_STATIC unsigned char buf[BUFSIZE];
76	struct stat sb;	95	struct stat sb;
77	int i,ret=0,n;	96	int i,ret=0,n;
@@ -81,23 +100,28 @@ long bytes;
81		100
82	i=stat(file,&sb);	101	i=stat(file,&sb);
83	/* If the state fails, put some crap in anyway */	102	/* If the state fails, put some crap in anyway */
84	RAND_seed((unsigned char *)&sb,sizeof(sb));	103	RAND_add(&sb,sizeof(sb),0);
85	ret+=sizeof(sb);
86	if (i < 0) return(0);	104	if (i < 0) return(0);
87	if (bytes <= 0) return(ret);	105	if (bytes == 0) return(ret);
88		106
89	in=fopen(file,"r");	107	in=fopen(file,"rb");
90	if (in == NULL) goto err;	108	if (in == NULL) goto err;
91	for (;;)	109	for (;;)
92	{	110	{
93	n=(bytes < BUFSIZE)?(int)bytes:BUFSIZE;	111	if (bytes > 0)
		112	n = (bytes < BUFSIZE)?(int)bytes:BUFSIZE;
		113	else
		114	n = BUFSIZE;
94	i=fread(buf,1,n,in);	115	i=fread(buf,1,n,in);
95	if (i <= 0) break;	116	if (i <= 0) break;
96	/* even if n != i, use the full array */	117	/* even if n != i, use the full array */
97	RAND_seed(buf,n);	118	RAND_add(buf,n,i);
98	ret+=i;	119	ret+=i;
99	bytes-=n;	120	if (bytes > 0)
100	if (bytes <= 0) break;	121	{
		122	bytes-=n;
		123	if (bytes <= 0) break;
		124	}
101	}	125	}
102	fclose(in);	126	fclose(in);
103	memset(buf,0,BUFSIZE);	127	memset(buf,0,BUFSIZE);
@@ -105,23 +129,36 @@ err:
105	return(ret);	129	return(ret);
106	}	130	}
107		131
108	int RAND_write_file(file)	132	int RAND_write_file(const char *file)
109	char *file;
110	{	133	{
111	unsigned char buf[BUFSIZE];	134	unsigned char buf[BUFSIZE];
112	int i,ret=0;	135	int i,ret=0,rand_err=0;
113	FILE *out;	136	FILE *out = NULL;
114	int n;	137	int n;
115		138
116	out=fopen(file,"w");	139	#if defined(O_CREAT) && !defined(OPENSSL_SYS_WIN32)
		140	/* For some reason Win32 can't write to files created this way */
		141
		142	/* chmod(..., 0600) is too late to protect the file,
		143	* permissions should be restrictive from the start */
		144	int fd = open(file, O_CREAT, 0600);
		145	if (fd != -1)
		146	out = fdopen(fd, "wb");
		147	#endif
		148	if (out == NULL)
		149	out = fopen(file,"wb");
117	if (out == NULL) goto err;	150	if (out == NULL) goto err;
		151
		152	#ifndef NO_CHMOD
118	chmod(file,0600);	153	chmod(file,0600);
		154	#endif
119	n=RAND_DATA;	155	n=RAND_DATA;
120	for (;;)	156	for (;;)
121	{	157	{
122	i=(n > BUFSIZE)?BUFSIZE:n;	158	i=(n > BUFSIZE)?BUFSIZE:n;
123	n-=BUFSIZE;	159	n-=BUFSIZE;
124	RAND_bytes(buf,i);	160	if (RAND_bytes(buf,i) <= 0)
		161	rand_err=1;
125	i=fwrite(buf,1,i,out);	162	i=fwrite(buf,1,i,out);
126	if (i <= 0)	163	if (i <= 0)
127	{	164	{
@@ -130,21 +167,40 @@ char *file;
130	}	167	}
131	ret+=i;	168	ret+=i;
132	if (n <= 0) break;	169	if (n <= 0) break;
		170	}
		171	#ifdef OPENSSL_SYS_VMS
		172	/* Try to delete older versions of the file, until there aren't
		173	any */
		174	{
		175	char *tmpf;
		176
		177	tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */
		178	if (tmpf)
		179	{
		180	strcpy(tmpf, file);
		181	strcat(tmpf, ";-1");
		182	while(delete(tmpf) == 0)
		183	;
		184	rename(file,";1"); /* Make sure it's version 1, or we
		185	will reach the limit (32767) at
		186	some point... */
133	}	187	}
		188	}
		189	#endif /* OPENSSL_SYS_VMS */
		190
134	fclose(out);	191	fclose(out);
135	memset(buf,0,BUFSIZE);	192	memset(buf,0,BUFSIZE);
136	err:	193	err:
137	return(ret);	194	return (rand_err ? -1 : ret);
138	}	195	}
139		196
140	char *RAND_file_name(buf,size)	197	const char RAND_file_name(char buf, size_t size)
141	char *buf;
142	int size;
143	{	198	{
144	char *s;	199	char *s=NULL;
145	char *ret=NULL;	200	char *ret=NULL;
146		201
147	s=getenv("RANDFILE");	202	if (OPENSSL_issetugid() == 0)
		203	s=getenv("RANDFILE");
148	if (s != NULL)	204	if (s != NULL)
149	{	205	{
150	strncpy(buf,s,size-1);	206	strncpy(buf,s,size-1);
@@ -153,14 +209,25 @@ int size;
153	}	209	}
154	else	210	else
155	{	211	{
156	s=getenv("HOME");	212	if (OPENSSL_issetugid() == 0)
157	if (s == NULL) return(RFILE);	213	s=getenv("HOME");
158	if (((int)(strlen(s)+strlen(RFILE)+2)) > size)	214	#ifdef DEFAULT_HOME
159	return(RFILE);	215	if (s == NULL)
160	strcpy(buf,s);	216	{
161	strcat(buf,"/");	217	s = DEFAULT_HOME;
162	strcat(buf,RFILE);	218	}
163	ret=buf;	219	#endif
		220	if (s != NULL && (strlen(s)+strlen(RFILE)+2 < size))
		221	{
		222	strcpy(buf,s);
		223	#ifndef OPENSSL_SYS_VMS
		224	strcat(buf,"/");
		225	#endif
		226	strcat(buf,RFILE);
		227	ret=buf;
		228	}
		229	else
		230	buf[0] = '\0'; /* no file name */
164	}	231	}
165	return(ret);	232	return(ret);
166	}	233	}