Commit 810ef917 authored by Rich Salz's avatar Rich Salz

Undo commit de02ec27



Original text:
    Check if a random "file" is really a device file, and treat it
    specially if it is.
    Add a few OpenBSD-specific cases.
    This is part of a large change submitted by Markus Friedl <markus@openbsd.or

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3700)
parent f4725608
+1 −18
@@ -121,24 +121,7 @@ int RAND_poll(void)
    }
    return 1;
}
# elif defined __OpenBSD__
int RAND_poll(void)
{
    u_int32_t rnd = 0, i;
    unsigned char buf[ENTROPY_NEEDED];

    for (i = 0; i < sizeof(buf); i++) {
        if (i % 4 == 0)
            rnd = arc4random();
        buf[i] = rnd;
        rnd >>= 8;
    }
    RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
    OPENSSL_cleanse(buf, sizeof(buf));

    return 1;
}
# else                          /* !defined(__OpenBSD__) */
# else
int RAND_poll(void)
{
    unsigned long l;
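Review bot: The bare `# else` that replaces the OpenBSD branch no longer says which platforms reach the generic RAND_poll(), and OpenBSD builds now appear to land here instead of seeding from arc4random(). A short comment such as `# else /* generic Unix path, now also used on OpenBSD */` would record that, and the commit message would benefit from one sentence on why the platform-specific seeding was dropped. The generic RAND_poll() body only begins at the end of this hunk and continues outside it, so whether its entropy sources are actually available on OpenBSD cannot be checked from here and should be confirmed on that platform.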
+0 −41
@@ -145,17 +145,6 @@ int RAND_load_file(const char *file, long bytes)
        goto err;
    RAND_add(&sb, sizeof(sb), 0.0);

# if defined(S_ISBLK) && defined(S_ISCHR)
    if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
        /*
         * this file is a device. we don't want read an infinite number of
         * bytes from a random device, nor do we want to use buffered I/O
         * because we will waste system entropy.
         */
        bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
        setbuf(in, NULL); /* don't do buffered reads */
    }
# endif
#endif
    for (;;) {
        if (bytes > 0)
@@ -188,7 +177,6 @@ int RAND_write_file(const char *file)
    FILE *out = NULL;
    int n;
#ifndef OPENSSL_NO_POSIX_IO
    struct stat sb;

# if defined(S_ISBLK) && defined(S_ISCHR)
# ifdef _WIN32
@@ -197,18 +185,6 @@ int RAND_write_file(const char *file)
     * because driver paths are always ASCII.
     */
# endif
    i = stat(file, &sb);
    if (i != -1) {
        if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
            /*
             * this file is a device. we don't write back to it. we
             * "succeed" on the assumption this is some sort of random
             * device. Otherwise attempting to write to and chmod the device
             * causes problems.
             */
            return 1;
        }
    }
# endif
#endif

@@ -283,9 +259,6 @@ const char *RAND_file_name(char *buf, size_t size)
{
    char *s = NULL;
    int use_randfile = 1;
#ifdef __OpenBSD__
    struct stat sb;
#endif

#if defined(_WIN32) && defined(CP_UTF8)
    DWORD len;
@@ -348,19 +321,5 @@ const char *RAND_file_name(char *buf, size_t size)
        buf[0] = '\0';      /* no file name */
    }

#ifdef __OpenBSD__
    /*
     * given that all random loads just fail if the file can't be seen on a
     * stat, we stat the file we're returning, if it fails, use /dev/arandom
     * instead. this allows the user to use their own source for good random
     * data, but defaults to something hopefully decent if that isn't
     * available.
     */

    if (!buf[0] || stat(buf, &sb) == -1)
        if (OPENSSL_strlcpy(buf, "/dev/arandom", size) >= size) {
            return NULL;
        }
#endif
    return buf[0] ? buf : NULL;
}
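Review bot: In the RAND_load_file hunk, dropping the S_ISBLK/S_ISCHR branch leaves no upper bound on the read when `bytes` is -1 and `file` names a character or block device, so the `for (;;)` loop that follows would presumably keep reading without ever reaching EOF, and through buffered stdio. If device paths are still accepted, keep a cap such as `if (bytes == -1 && (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode))) bytes = 2048;` under a `# if defined(S_ISBLK) && defined(S_ISCHR)` guard; if they are no longer supported, reject non-regular files explicitly and document that. The RAND_write_file hunks have the mirror-image gap: with the `stat()` check gone, a device path is no longer skipped and, going by the removed comment, would be written to and chmod'ed, while the surviving `# if defined(S_ISBLK) && defined(S_ISCHR)` / `# endif` pair appears to guard nothing but a comment. Both function bodies extend outside the hunks shown, so the loop's exit conditions and the write path should be checked against the full file.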