[openssl] OpenSSL_1_1_1-stable update

matthias.st.pierre at ncp-e.com matthias.st.pierre at ncp-e.com
Fri Oct 18 22:09:01 UTC 2019


The branch OpenSSL_1_1_1-stable has been updated
       via  7b18d1a53f932391bbc599a4717d6f98a597849c (commit)
       via  10cb54d75b401f034ead4e59fe1e2fba166085d3 (commit)
      from  aa20a9b3e098f8ed95184a33ffbf2166039f2fd1 (commit)


- Log -----------------------------------------------------------------
commit 7b18d1a53f932391bbc599a4717d6f98a597849c
Author: Dr. Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
Date:   Mon Sep 30 01:00:59 2019 +0200

    Move random-related defines from e_os.h to rand_unix.c
    
    Fixes #10049
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/10050)
    
    (cherry picked from commit 01036e2afbe116d608be048ed15930fc885ab2a8)

commit 10cb54d75b401f034ead4e59fe1e2fba166085d3
Author: Dr. Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
Date:   Mon Sep 30 09:05:44 2019 +0200

    rand_unix.c: correct include guard comments
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/10050)
    
    (cherry picked from commit 2a7e6ed86be20bd472696a3eafe5d20ec9579dab)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rand/rand_unix.c | 56 +++++++++++++++++++++++++++++++++++++++++++++++--
 e_os.h                  | 45 ---------------------------------------
 2 files changed, 54 insertions(+), 47 deletions(-)

diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index f88470d35f..c60a457d8c 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -19,6 +19,56 @@
 #include "crypto/rand.h"
 #include <stdio.h>
 #include "internal/dso.h"
+
+/*
+ * Defines related to seed sources
+ */
+#ifndef DEVRANDOM
+/*
+ * set this to a comma-separated list of 'random' device files to try out. By
+ * default, we will try to read at least one of these files
+ */
+# define DEVRANDOM "/dev/urandom", "/dev/random", "/dev/hwrng", "/dev/srandom"
+# if defined(__linux) && !defined(__ANDROID__)
+#  ifndef DEVRANDOM_WAIT
+#   define DEVRANDOM_WAIT   "/dev/random"
+#  endif
+/*
+ * Linux kernels 4.8 and later changes how their random device works and there
+ * is no reliable way to tell that /dev/urandom has been seeded -- getentropy(2)
+ * should be used instead.
+ */
+#  ifndef DEVRANDOM_SAFE_KERNEL
+#   define DEVRANDOM_SAFE_KERNEL        4, 8
+#  endif
+/*
+ * Some operating systems do not permit select(2) on their random devices,
+ * defining this to zero will force the use of read(2) to extract one byte
+ * from /dev/random.
+ */
+#  ifndef DEVRANDM_WAIT_USE_SELECT
+#   define DEVRANDM_WAIT_USE_SELECT     1
+#  endif
+/*
+ * Define the shared memory identifier used to indicate if the operating
+ * system has properly seeded the DEVRANDOM source.
+ */
+#  ifndef OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID
+#   define OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID 114
+#  endif
+
+# endif
+#endif
+
+#if !defined(OPENSSL_NO_EGD) && !defined(DEVRANDOM_EGD)
+/*
+ * set this to a comma-separated list of 'egd' sockets to try out. These
+ * sockets will be tried in the order listed in case accessing the device
+ * files listed in DEVRANDOM did not return enough randomness.
+ */
+# define DEVRANDOM_EGD "/var/run/egd-pool", "/dev/egd-pool", "/etc/egd-pool", "/etc/entropy"
+#endif
+
 #ifdef __linux
 # include <sys/syscall.h>
 # ifdef DEVRANDOM_WAIT
@@ -80,7 +130,8 @@ static uint64_t get_timer_bits(void);
 #   define OSSL_POSIX_TIMER_OKAY
 #  endif
 # endif
-#endif /* defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__) */
+#endif /* (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS))
+          || defined(__DJGPP__) */
 
 #if defined(OPENSSL_RAND_SEED_NONE)
 /* none means none. this simplifies the following logic */
@@ -860,4 +911,5 @@ static uint64_t get_timer_bits(void)
 # endif
     return time(NULL);
 }
-#endif /* defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__) */
+#endif /* (defined(OPENSSL_SYS_UNIX) && !defined(OPENSSL_SYS_VXWORKS))
+          || defined(__DJGPP__) */
diff --git a/e_os.h b/e_os.h
index f607045e14..336c821c3b 100644
--- a/e_os.h
+++ b/e_os.h
@@ -22,51 +22,6 @@
  * outside; this file e_os.h is not part of the exported interface.
  */
 
-# ifndef DEVRANDOM
-/*
- * set this to a comma-separated list of 'random' device files to try out. By
- * default, we will try to read at least one of these files
- */
-#  define DEVRANDOM "/dev/urandom", "/dev/random", "/dev/hwrng", "/dev/srandom"
-#  if defined(__linux) && !defined(__ANDROID__)
-#   ifndef DEVRANDOM_WAIT
-#    define DEVRANDOM_WAIT   "/dev/random"
-#   endif
-/*
- * Linux kernels 4.8 and later changes how their random device works and there
- * is no reliable way to tell that /dev/urandom has been seeded -- getentropy(2)
- * should be used instead.
- */
-#   ifndef DEVRANDOM_SAFE_KERNEL
-#    define DEVRANDOM_SAFE_KERNEL        4, 8
-#   endif
-/*
- * Some operating systems do not permit select(2) on their random devices,
- * defining this to zero will force the use of read(2) to extract one byte
- * from /dev/random.
- */
-#   ifndef DEVRANDM_WAIT_USE_SELECT
-#    define DEVRANDM_WAIT_USE_SELECT     1
-#   endif
-/*
- * Define the shared memory identifier used to indicate if the operating
- * system has properly seeded the DEVRANDOM source.
- */
-#   ifndef OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID
-#    define OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID 114
-#   endif
-
-#  endif
-# endif
-# if !defined(OPENSSL_NO_EGD) && !defined(DEVRANDOM_EGD)
-/*
- * set this to a comma-separated list of 'egd' sockets to try out. These
- * sockets will be tried in the order listed in case accessing the device
- * files listed in DEVRANDOM did not return enough randomness.
- */
-#  define DEVRANDOM_EGD "/var/run/egd-pool", "/dev/egd-pool", "/etc/egd-pool", "/etc/entropy"
-# endif
-
 # if defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
 #  define NO_CHMOD
 #  define NO_SYSLOG


More information about the openssl-commits mailing list