diff options
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/rand/randfile.c | 19 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/rand/randfile.c | 19 |
2 files changed, 28 insertions, 10 deletions
diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c index 9ff3974cc7..4a994bf73b 100644 --- a/src/lib/libcrypto/rand/randfile.c +++ b/src/lib/libcrypto/rand/randfile.c | |||
| @@ -97,13 +97,22 @@ int RAND_load_file(const char *file, long bytes) | |||
| 97 | if (file == NULL) return(0); | 97 | if (file == NULL) return(0); |
| 98 | 98 | ||
| 99 | i=stat(file,&sb); | 99 | i=stat(file,&sb); |
| 100 | /* If the state fails, put some crap in anyway */ | 100 | if (i < 0) { |
| 101 | RAND_add(&sb,sizeof(sb),0); | 101 | /* If the state fails, put some crap in anyway */ |
| 102 | if (i < 0) return(0); | 102 | RAND_add(&sb,sizeof(sb),0); |
| 103 | return(0); | ||
| 104 | } | ||
| 103 | if (bytes == 0) return(ret); | 105 | if (bytes == 0) return(ret); |
| 104 | |||
| 105 | in=fopen(file,"rb"); | 106 | in=fopen(file,"rb"); |
| 106 | if (in == NULL) goto err; | 107 | if (in == NULL) goto err; |
| 108 | if (sb.st_mode & (S_IFBLK | S_IFCHR)) { | ||
| 109 | /* this file is a device. we don't want read an infinite number | ||
| 110 | * of bytes from a random device, nor do we want to use buffered | ||
| 111 | * I/O because we will waste system entropy. | ||
| 112 | */ | ||
| 113 | bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */ | ||
| 114 | setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */ | ||
| 115 | } | ||
| 107 | for (;;) | 116 | for (;;) |
| 108 | { | 117 | { |
| 109 | if (bytes > 0) | 118 | if (bytes > 0) |
| @@ -118,7 +127,7 @@ int RAND_load_file(const char *file, long bytes) | |||
| 118 | if (bytes > 0) | 127 | if (bytes > 0) |
| 119 | { | 128 | { |
| 120 | bytes-=n; | 129 | bytes-=n; |
| 121 | if (bytes == 0) break; | 130 | if (bytes <= 0) break; |
| 122 | } | 131 | } |
| 123 | } | 132 | } |
| 124 | fclose(in); | 133 | fclose(in); |
diff --git a/src/lib/libssl/src/crypto/rand/randfile.c b/src/lib/libssl/src/crypto/rand/randfile.c index 9ff3974cc7..4a994bf73b 100644 --- a/src/lib/libssl/src/crypto/rand/randfile.c +++ b/src/lib/libssl/src/crypto/rand/randfile.c | |||
| @@ -97,13 +97,22 @@ int RAND_load_file(const char *file, long bytes) | |||
| 97 | if (file == NULL) return(0); | 97 | if (file == NULL) return(0); |
| 98 | 98 | ||
| 99 | i=stat(file,&sb); | 99 | i=stat(file,&sb); |
| 100 | /* If the state fails, put some crap in anyway */ | 100 | if (i < 0) { |
| 101 | RAND_add(&sb,sizeof(sb),0); | 101 | /* If the state fails, put some crap in anyway */ |
| 102 | if (i < 0) return(0); | 102 | RAND_add(&sb,sizeof(sb),0); |
| 103 | return(0); | ||
| 104 | } | ||
| 103 | if (bytes == 0) return(ret); | 105 | if (bytes == 0) return(ret); |
| 104 | |||
| 105 | in=fopen(file,"rb"); | 106 | in=fopen(file,"rb"); |
| 106 | if (in == NULL) goto err; | 107 | if (in == NULL) goto err; |
| 108 | if (sb.st_mode & (S_IFBLK | S_IFCHR)) { | ||
| 109 | /* this file is a device. we don't want read an infinite number | ||
| 110 | * of bytes from a random device, nor do we want to use buffered | ||
| 111 | * I/O because we will waste system entropy. | ||
| 112 | */ | ||
| 113 | bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */ | ||
| 114 | setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */ | ||
| 115 | } | ||
| 107 | for (;;) | 116 | for (;;) |
| 108 | { | 117 | { |
| 109 | if (bytes > 0) | 118 | if (bytes > 0) |
| @@ -118,7 +127,7 @@ int RAND_load_file(const char *file, long bytes) | |||
| 118 | if (bytes > 0) | 127 | if (bytes > 0) |
| 119 | { | 128 | { |
| 120 | bytes-=n; | 129 | bytes-=n; |
| 121 | if (bytes == 0) break; | 130 | if (bytes <= 0) break; |
| 122 | } | 131 | } |
| 123 | } | 132 | } |
| 124 | fclose(in); | 133 | fclose(in); |