[openssl] OpenSSL_1_1_1-stable update
matthias.st.pierre at ncp-e.com
matthias.st.pierre at ncp-e.com
Wed Oct 14 06:00:16 UTC 2020
The branch OpenSSL_1_1_1-stable has been updated
via b316d06dd99ec55f0a5275ca8ca4188848227b3b (commit)
from 11358e0e3c583fe2ce34d9ab719e49127fc2bd46 (commit)
- Log -----------------------------------------------------------------
commit b316d06dd99ec55f0a5275ca8ca4188848227b3b
Author: Yury Is <yury.coder at gmail.com>
Date: Tue Oct 13 02:28:26 2020 +0300
syscall_random(): don't fail if the getentropy() function is a dummy
Several embedded toolchains may provide dummy implemented getentropy()
function which always returns -1 and sets errno to the ENOSYS.
As a result the function SSL_CTX_new() fails to create a new context.
Fixes #13002
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/13112)
-----------------------------------------------------------------------
Summary of changes:
crypto/rand/rand_unix.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index da66773e4a..ec6be791b3 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -365,12 +365,19 @@ static ssize_t syscall_random(void *buf, size_t buflen)
* - OpenBSD since 5.6
* - Linux since 3.17 with glibc 2.25
* - FreeBSD since 12.0 (1200061)
+ *
+ * Note: Sometimes getentropy() can be provided but not implemented
+ * internally. So we need to check errno for ENOSYS
*/
# if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux)
extern int getentropy(void *buffer, size_t length) __attribute__((weak));
- if (getentropy != NULL)
- return getentropy(buf, buflen) == 0 ? (ssize_t)buflen : -1;
+ if (getentropy != NULL) {
+ if (getentropy(buf, buflen) == 0)
+ return (ssize_t)buflen;
+ if (errno != ENOSYS)
+ return -1;
+ }
# else
union {
void *p;
More information about the openssl-commits
mailing list