[openssl] OpenSSL_1_1_1-stable update

Matt Caswell matt at openssl.org
Mon May 4 08:27:15 UTC 2020


The branch OpenSSL_1_1_1-stable has been updated
       via  352933bd664e6145366b51b50821c8aefd652aa8 (commit)
       via  3c64c50bcf848bd341dd4c4541a70a76883f5147 (commit)
       via  78ed03986f39a5b85ebf04e5e97eaa9602dee0a3 (commit)
      from  1632a6854cc594901018f9490426b26e893aae43 (commit)


- Log -----------------------------------------------------------------
commit 352933bd664e6145366b51b50821c8aefd652aa8
Author: nia <nia at netbsd.org>
Date:   Thu Apr 30 14:43:04 2020 +0100

    rand_unix.c: Ensure requests to KERN_ARND don't exceed 256 bytes.
    
    Requests for more than 256 bytes will fail.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11689)
    
    (cherry picked from commit 7421f085005e0d7a1dd2fe61b991ff23cef91c22)

commit 3c64c50bcf848bd341dd4c4541a70a76883f5147
Author: nia <nia at netbsd.org>
Date:   Thu Apr 30 14:42:09 2020 +0100

    rand_unix.c: Only enable hack for old FreeBSD versions on FreeBSD
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11689)
    
    (cherry picked from commit 0c27ce7322e15a7e0733d48aaf9c8e1d1249541f)

commit 78ed03986f39a5b85ebf04e5e97eaa9602dee0a3
Author: nia <nia at netbsd.org>
Date:   Thu Apr 30 14:41:07 2020 +0100

    rand_unix.c: Include correct headers for sysctl() on NetBSD
    
    This allows sysctl(KERN_ARND) to be detected properly.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/11689)
    
    (cherry picked from commit e2e4b784e65eaafb133a7db3d344446c43112d41)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rand/rand_unix.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index fe457cab4a..19b6138a1f 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -26,12 +26,12 @@
 #  include <sys/utsname.h>
 # endif
 #endif
-#if defined(__FreeBSD__) && !defined(OPENSSL_SYS_UEFI)
+#if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(OPENSSL_SYS_UEFI)
 # include <sys/types.h>
 # include <sys/sysctl.h>
 # include <sys/param.h>
 #endif
-#if defined(__OpenBSD__) || defined(__NetBSD__)
+#if defined(__OpenBSD__)
 # include <sys/param.h>
 #endif
 
@@ -247,10 +247,12 @@ static ssize_t sysctl_random(char *buf, size_t buflen)
      * when the sysctl returns long and we want to request something not a
      * multiple of longs, which should never be the case.
      */
+#if   defined(__FreeBSD__)
     if (!ossl_assert(buflen % sizeof(long) == 0)) {
         errno = EINVAL;
         return -1;
     }
+#endif
 
     /*
      * On NetBSD before 4.0 KERN_ARND was an alias for KERN_URND, and only
@@ -268,7 +270,7 @@ static ssize_t sysctl_random(char *buf, size_t buflen)
     mib[1] = KERN_ARND;
 
     do {
-        len = buflen;
+        len = buflen > 256 ? 256 : buflen;
         if (sysctl(mib, 2, buf, &len, NULL, 0) == -1)
             return done > 0 ? done : -1;
         done += len;


More information about the openssl-commits mailing list