Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-9]: src/crypto/external/bsd/openssl/dist/crypto/rand Pull up foll...
details: https://anonhg.NetBSD.org/src/rev/ceaa14ab449f
branches: netbsd-9
changeset: 963847:ceaa14ab449f
user: martin <martin%NetBSD.org@localhost>
date: Thu Apr 30 16:17:04 2020 +0000
description:
Pull up following revision(s) (requested by nia in ticket #878):
crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c: revision 1.16
Fix the detection of KERN_ARND by OpenSSL.
Firstly, include the correct headers. Then, make sure that requests
never exceed 256 bytes.
Disable a hack for old FreeBSD versions, just in case it actually gets
used.
This should mean that OpenSSL doesn't ever fall back to reading from
/dev/urandom.
XXX pullup, XXX upstream.
diffstat:
crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c | 9 ++++++---
1 files changed, 6 insertions(+), 3 deletions(-)
diffs (41 lines):
diff -r 3bc1205bea20 -r ceaa14ab449f crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c
--- a/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c Thu Apr 30 16:05:18 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c Thu Apr 30 16:17:04 2020 +0000
@@ -26,12 +26,12 @@
# include <sys/utsname.h>
# endif
#endif
-#if defined(__FreeBSD__) && !defined(OPENSSL_SYS_UEFI)
+#if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(OPENSSL_SYS_UEFI)
# include <sys/types.h>
# include <sys/sysctl.h>
# include <sys/param.h>
#endif
-#if defined(__OpenBSD__) || defined(__NetBSD__)
+#if defined(__OpenBSD__)
# include <sys/param.h>
#endif
@@ -247,10 +247,12 @@
* when the sysctl returns long and we want to request something not a
* multiple of longs, which should never be the case.
*/
+#if defined(__FreeBSD__)
if (!ossl_assert(buflen % sizeof(long) == 0)) {
errno = EINVAL;
return -1;
}
+#endif
/*
* On NetBSD before 4.0 KERN_ARND was an alias for KERN_URND, and only
@@ -268,7 +270,8 @@
mib[1] = KERN_ARND;
do {
- len = buflen;
+ /* On NetBSD, KERN_ARND fails if more than 256 bytes are requested */
+ len = buflen > 256 ? 256 : buflen;
if (sysctl(mib, 2, buf, &len, NULL, 0) == -1)
return done > 0 ? done : -1;
done += len;
Home |
Main Index |
Thread Index |
Old Index