[openssl] OpenSSL_1_1_1-stable update

Dr. Paul Dale pauli at openssl.org
Thu Aug 29 21:58:10 UTC 2019


The branch OpenSSL_1_1_1-stable has been updated
       via  f493bd6f94c646ba1d96d95f4e5c2a828c668f42 (commit)
      from  51e236df41871871dabd2f5f7156e27a0eef3b3b (commit)


- Log -----------------------------------------------------------------
commit f493bd6f94c646ba1d96d95f4e5c2a828c668f42
Author: Pauli <paul.dale at oracle.com>
Date:   Fri Aug 30 07:29:35 2019 +1000

    Fix NITs in comments and CHANGES for DEVRANDOM seeded check.
    
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    (Merged from https://github.com/openssl/openssl/pull/9734)
    
    (cherry picked from commit 46a9cc9451213039fd53f62733b2ccd04e853bb2)

-----------------------------------------------------------------------

Summary of changes:
 CHANGES                 | 9 +++++++++
 crypto/rand/rand_unix.c | 4 ++--
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/CHANGES b/CHANGES
index 4f979c4826..42504be4ac 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,15 @@
 
  Changes between 1.1.1c and 1.1.1d [xx XXX xxxx]
 
+  *) Early start up entropy quality from the DEVRANDOM seed source has been
+     improved for older Linux systems.  The RAND subsystem will wait for
+     /dev/random to be producing output before seeding from /dev/urandom.
+     The seeded state is stored for future library initialisations using
+     a system global shared memory segment.  The shared memory identifier
+     can be configured by defining OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID to
+     the desired value.  The default identifier is 114.
+     [Paul Dale]
+
    *) Early start up entropy quality from the DEVRANDOM seed source has been
       improved for older Linux systems.  The RAND subsystem will wait for
       /dev/random to be producing output before seeding from /dev/urandom.
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index 258fef7eb0..e57b6dd893 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -388,7 +388,7 @@ static int wait_random_seeded(void)
     fd_set fds;
 
     if (!seeded) {
-        /* See if anthing has created the global seeded indication */
+        /* See if anything has created the global seeded indication */
         if ((shm_id = shmget(OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID, 1, 0)) == -1) {
             /*
              * Check the kernel's version and fail if it is too recent.
@@ -422,7 +422,7 @@ static int wait_random_seeded(void)
                 close(fd);
                 if (r == 1) {
                     seeded = 1;
-                    /* Craete the shared memory indicator */
+                    /* Create the shared memory indicator */
                     shm_id = shmget(OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID, 1,
                                     IPC_CREAT | S_IRUSR | S_IRGRP | S_IROTH);
                 }


More information about the openssl-commits mailing list