[src/trunk]: src/crypto/external/bsd/openssl/dist/crypto/rand Re-check the en...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/crypto/external/bsd/openssl/dist/crypto/rand Re-check the en...
From: tls <tls%NetBSD.org@localhost>
Date: Tue, 07 Apr 2020 01:05:43 +0000

details:   https://anonhg.NetBSD.org/src/rev/d2af6819ac7b
branches:  trunk
changeset: 788916:d2af6819ac7b
user:      tls <tls%NetBSD.org@localhost>
date:      Sun Jul 28 14:13:29 2013 +0000

description:
Re-check the entropy level after we call RAND_poll(), so that we do
not continuously suck data out of /dev/urandom if we receive a stream
of requests larger than the initial-entropy threshold (hi Roland!).

diffstat:

 crypto/external/bsd/openssl/dist/crypto/rand/md_rand.c |  5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)

diffs (15 lines):

diff -r d1c96521c0e1 -r d2af6819ac7b crypto/external/bsd/openssl/dist/crypto/rand/md_rand.c
--- a/crypto/external/bsd/openssl/dist/crypto/rand/md_rand.c    Sun Jul 28 14:02:56 2013 +0000
+++ b/crypto/external/bsd/openssl/dist/crypto/rand/md_rand.c    Sun Jul 28 14:13:29 2013 +0000
@@ -397,6 +397,11 @@
                RAND_poll();
                ok = (entropy >= ENTROPY_NEEDED);
 
+               }
+
+       if (!ok)
+               {
+
                /* If the PRNG state is not yet unpredictable, then seeing
                 * the PRNG output may help attackers to determine the new
                 * state; thus we have to decrease the entropy estimate.

Prev by Date: [src/trunk]: src/lib/libc/sys Add unlinkat(2) specific errors.
Next by Date: [src/trunk]: src/distrib/sets/lists/base Update sets lists for new bind9 and ...
Previous by Thread: [src/trunk]: src/lib/libc/sys Add unlinkat(2) specific errors.
Next by Thread: [src/trunk]: src/distrib/sets/lists/base Update sets lists for new bind9 and ...
Indexes:

Home | Main Index | Thread Index | Old Index