summaryrefslogtreecommitdiff
path: root/crypto/rand
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/rand')
-rw-r--r--crypto/rand/Makefile.ssl2
-rw-r--r--crypto/rand/rand_egd.c8
-rw-r--r--crypto/rand/rand_unix.c35
-rw-r--r--crypto/rand/rand_vms.c11
-rw-r--r--crypto/rand/rand_win.c102
5 files changed, 100 insertions, 58 deletions
diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl
index ec043cf4fe..e5da96e865 100644
--- a/crypto/rand/Makefile.ssl
+++ b/crypto/rand/Makefile.ssl
@@ -55,7 +55,7 @@ links:
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install:
- @for i in $(EXHEADER) ; \
+ @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c
index e34f07c5e8..50bce6caba 100644
--- a/crypto/rand/rand_egd.c
+++ b/crypto/rand/rand_egd.c
@@ -216,7 +216,9 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
while (numbytes != 1)
{
num = read(fd, egdbuf, 1);
- if (num >= 0)
+ if (num == 0)
+ goto err; /* descriptor closed */
+ else if (num > 0)
numbytes += num;
else
{
@@ -246,7 +248,9 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
while (numbytes != egdbuf[0])
{
num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes);
- if (num >= 0)
+ if (num == 0)
+ goto err; /* descriptor closed */
+ else if (num > 0)
numbytes += num;
else
{
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index d2fdb35b56..14837a7a7d 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -121,6 +121,7 @@
#include <sys/types.h>
#include <sys/time.h>
#include <sys/times.h>
+#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <time.h>
@@ -152,9 +153,9 @@ int RAND_poll(void)
int n = 0;
#endif
#ifdef DEVRANDOM
- static const char *randomfiles[] = { DEVRANDOM, NULL };
- const char **randomfile = NULL;
- int fd;
+ static const char *randomfiles[] = { DEVRANDOM };
+ struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])];
+ int fd,i;
#endif
#ifdef DEVRANDOM_EGD
static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
@@ -162,26 +163,42 @@ int RAND_poll(void)
#endif
#ifdef DEVRANDOM
+ memset(randomstats,0,sizeof(randomstats));
/* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
* have this. Use /dev/urandom if you can as /dev/random may block
* if it runs out of random entries. */
- for (randomfile = randomfiles; *randomfile && n < ENTROPY_NEEDED; randomfile++)
+ for (i=0; i<sizeof(randomfiles)/sizeof(randomfiles[0]) && n < ENTROPY_NEEDED; i++)
{
- if ((fd = open(*randomfile, O_RDONLY|O_NONBLOCK
+ if ((fd = open(randomfiles[i], O_RDONLY
+#ifdef O_NONBLOCK
+ |O_NONBLOCK
+#endif
+#ifdef O_BINARY
+ |O_BINARY
+#endif
#ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it
our controlling tty */
|O_NOCTTY
#endif
-#ifdef O_NOFOLLOW /* Fail if the file is a symbolic link */
- |O_NOFOLLOW
-#endif
)) >= 0)
{
struct timeval t = { 0, 10*1000 }; /* Spend 10ms on
each file. */
- int r;
+ int r,j;
fd_set fset;
+ struct stat *st=&randomstats[i];
+
+ /* Avoid using same input... Used to be O_NOFOLLOW
+ * above, but it's not universally appropriate... */
+ if (fstat(fd,st) != 0) { close(fd); continue; }
+ for (j=0;j<i;j++)
+ {
+ if (randomstats[j].st_ino==st->st_ino &&
+ randomstats[j].st_dev==st->st_dev)
+ break;
+ }
+ if (j<i) { close(fd); continue; }
do
{
diff --git a/crypto/rand/rand_vms.c b/crypto/rand/rand_vms.c
index 00cf6bb29d..3274ea79da 100644
--- a/crypto/rand/rand_vms.c
+++ b/crypto/rand/rand_vms.c
@@ -171,7 +171,8 @@ int RAND_poll(void)
pitem = item;
/* Setup */
- while (pitems_data->length)
+ while (pitems_data->length
+ && (total_length + pitems_data->length <= 256))
{
#if __INITIAL_POINTER_SIZE == 64
@@ -179,14 +180,14 @@ int RAND_poll(void)
pitem->ileb_64$w_code = pitems_data->code;
pitem->ileb_64$l_mbmo = -1;
pitem->ileb_64$q_length = pitems_data->length;
- pitem->ileb_64$pq_bufaddr = &data_buffer[total_length];
+ pitem->ileb_64$pq_bufaddr = (long *)&data_buffer[total_length];
pitem->ileb_64$pq_retlen_addr = 0;
total_length += pitems_data->length/4;
#else
- pitem->ile3$w_length = (short)pitems_data->length;
- pitem->ile3$w_code = (short)pitems_data->code;
- pitem->ile3$ps_bufaddr = &data_buffer[total_length];
+ pitem->ile3$w_length = pitems_data->length;
+ pitem->ile3$w_code = pitems_data->code;
+ pitem->ile3$ps_bufaddr = (long *)&data_buffer[total_length];
pitem->ile3$ps_retlen_addr = 0;
total_length += pitems_data->length/4;
diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c
index 3584842224..aaea92c8fd 100644
--- a/crypto/rand/rand_win.c
+++ b/crypto/rand/rand_win.c
@@ -125,7 +125,7 @@
* http://developer.intel.com/design/security/rng/redist_license.htm
*/
#define PROV_INTEL_SEC 22
-#define INTEL_DEF_PROV TEXT("Intel Hardware Cryptographic Service Provider")
+#define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
static void readtimer(void);
static void readscreen(void);
@@ -152,7 +152,7 @@ typedef struct tagCURSORINFO
#define CURSOR_SHOWING 0x00000001
#endif /* CURSOR_SHOWING */
-typedef BOOL (WINAPI *CRYPTACQUIRECONTEXT)(HCRYPTPROV *, LPCTSTR, LPCTSTR,
+typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTW)(HCRYPTPROV *, LPCWSTR, LPCWSTR,
DWORD, DWORD);
typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV, DWORD, BYTE *);
typedef BOOL (WINAPI *CRYPTRELEASECONTEXT)(HCRYPTPROV, DWORD);
@@ -194,7 +194,7 @@ int RAND_poll(void)
HWND h;
HMODULE advapi, kernel, user, netapi;
- CRYPTACQUIRECONTEXT acquire = 0;
+ CRYPTACQUIRECONTEXTW acquire = 0;
CRYPTGENRANDOM gen = 0;
CRYPTRELEASECONTEXT release = 0;
#if 1 /* There was previously a problem with NETSTATGET. Currently, this
@@ -213,6 +213,9 @@ int RAND_poll(void)
GetVersionEx( &osverinfo ) ;
#if defined(OPENSSL_SYS_WINCE) && WCEPLATFORM!=MS_HPC_PRO
+#ifndef CryptAcquireContext
+#define CryptAcquireContext CryptAcquireContextW
+#endif
/* poll the CryptoAPI PRNG */
/* The CryptoAPI returns sizeof(buf) bytes of randomness */
if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
@@ -223,21 +226,35 @@ int RAND_poll(void)
}
#endif
+#ifndef OPENSSL_SYS_WINCE
+ /*
+ * None of below libraries are present on Windows CE, which is
+ * why we #ifndef the whole section. This also excuses us from
+ * handling the GetProcAddress issue. The trouble is that in
+ * real Win32 API GetProcAddress is available in ANSI flavor
+ * only. In WinCE on the other hand GetProcAddress is a macro
+ * most commonly defined as GetProcAddressW, which accepts
+ * Unicode argument. If we were to call GetProcAddress under
+ * WinCE, I'd recommend to either redefine GetProcAddress as
+ * GetProcAddressA (there seem to be one in common CE spec) or
+ * implement own shim routine, which would accept ANSI argument
+ * and expand it to Unicode.
+ */
+
/* load functions dynamically - not available on all systems */
advapi = LoadLibrary(TEXT("ADVAPI32.DLL"));
kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
user = LoadLibrary(TEXT("USER32.DLL"));
netapi = LoadLibrary(TEXT("NETAPI32.DLL"));
-#ifndef OPENSSL_SYS_WINCE
#if 1 /* There was previously a problem with NETSTATGET. Currently, this
* section is still experimental, but if all goes well, this conditional
* will be removed
*/
if (netapi)
{
- netstatget = (NETSTATGET) GetProcAddress(netapi,TEXT("NetStatisticsGet"));
- netfree = (NETFREE) GetProcAddress(netapi,TEXT("NetApiBufferFree"));
+ netstatget = (NETSTATGET) GetProcAddress(netapi,"NetStatisticsGet");
+ netfree = (NETFREE) GetProcAddress(netapi,"NetApiBufferFree");
}
if (netstatget && netfree)
@@ -264,9 +281,7 @@ int RAND_poll(void)
if (netapi)
FreeLibrary(netapi);
#endif /* 1 */
-#endif /* !OPENSSL_SYS_WINCE */
-
-#ifndef OPENSSL_SYS_WINCE
+
/* It appears like this can cause an exception deep within ADVAPI32.DLL
* at random times on Windows 2000. Reported by Jeffrey Altman.
* Only use it on NT.
@@ -321,16 +336,20 @@ int RAND_poll(void)
free(buf);
}
#endif
-#endif /* !OPENSSL_SYS_WINCE */
if (advapi)
{
- acquire = (CRYPTACQUIRECONTEXT) GetProcAddress(advapi,
- TEXT("CryptAcquireContextA"));
+ /*
+ * If it's available, then it's available in both ANSI
+ * and UNICODE flavors even in Win9x, documentation says.
+ * We favor Unicode...
+ */
+ acquire = (CRYPTACQUIRECONTEXTW) GetProcAddress(advapi,
+ "CryptAcquireContextW");
gen = (CRYPTGENRANDOM) GetProcAddress(advapi,
- TEXT("CryptGenRandom"));
+ "CryptGenRandom");
release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
- TEXT("CryptReleaseContext"));
+ "CryptReleaseContext");
}
if (acquire && gen && release)
@@ -367,26 +386,15 @@ int RAND_poll(void)
if (advapi)
FreeLibrary(advapi);
- /* timer data */
- readtimer();
-
- /* memory usage statistics */
- GlobalMemoryStatus(&m);
- RAND_add(&m, sizeof(m), 1);
-
- /* process ID */
- w = GetCurrentProcessId();
- RAND_add(&w, sizeof(w), 1);
-
if (user)
{
GETCURSORINFO cursor;
GETFOREGROUNDWINDOW win;
GETQUEUESTATUS queue;
- win = (GETFOREGROUNDWINDOW) GetProcAddress(user, TEXT("GetForegroundWindow"));
- cursor = (GETCURSORINFO) GetProcAddress(user, TEXT("GetCursorInfo"));
- queue = (GETQUEUESTATUS) GetProcAddress(user, TEXT("GetQueueStatus"));
+ win = (GETFOREGROUNDWINDOW) GetProcAddress(user, "GetForegroundWindow");
+ cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo");
+ queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus");
if (win)
{
@@ -458,19 +466,19 @@ int RAND_poll(void)
MODULEENTRY32 m;
snap = (CREATETOOLHELP32SNAPSHOT)
- GetProcAddress(kernel, TEXT("CreateToolhelp32Snapshot"));
+ GetProcAddress(kernel, "CreateToolhelp32Snapshot");
close_snap = (CLOSETOOLHELP32SNAPSHOT)
- GetProcAddress(kernel, TEXT("CloseToolhelp32Snapshot"));
- heap_first = (HEAP32FIRST) GetProcAddress(kernel, TEXT("Heap32First"));
- heap_next = (HEAP32NEXT) GetProcAddress(kernel, TEXT("Heap32Next"));
- heaplist_first = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListFirst"));
- heaplist_next = (HEAP32LIST) GetProcAddress(kernel, TEXT("Heap32ListNext"));
- process_first = (PROCESS32) GetProcAddress(kernel, TEXT("Process32First"));
- process_next = (PROCESS32) GetProcAddress(kernel, TEXT("Process32Next"));
- thread_first = (THREAD32) GetProcAddress(kernel, TEXT("Thread32First"));
- thread_next = (THREAD32) GetProcAddress(kernel, TEXT("Thread32Next"));
- module_first = (MODULE32) GetProcAddress(kernel, TEXT("Module32First"));
- module_next = (MODULE32) GetProcAddress(kernel, TEXT("Module32Next"));
+ GetProcAddress(kernel, "CloseToolhelp32Snapshot");
+ heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First");
+ heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next");
+ heaplist_first = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst");
+ heaplist_next = (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext");
+ process_first = (PROCESS32) GetProcAddress(kernel, "Process32First");
+ process_next = (PROCESS32) GetProcAddress(kernel, "Process32Next");
+ thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First");
+ thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next");
+ module_first = (MODULE32) GetProcAddress(kernel, "Module32First");
+ module_next = (MODULE32) GetProcAddress(kernel, "Module32Next");
if (snap && heap_first && heap_next && heaplist_first &&
heaplist_next && process_first && process_next &&
@@ -546,6 +554,18 @@ int RAND_poll(void)
FreeLibrary(kernel);
}
+#endif /* !OPENSSL_SYS_WINCE */
+
+ /* timer data */
+ readtimer();
+
+ /* memory usage statistics */
+ GlobalMemoryStatus(&m);
+ RAND_add(&m, sizeof(m), 1);
+
+ /* process ID */
+ w = GetCurrentProcessId();
+ RAND_add(&w, sizeof(w), 1);
#if 0
printf("Exiting RAND_poll\n");
@@ -607,7 +627,7 @@ static void readtimer(void)
DWORD w;
LARGE_INTEGER l;
static int have_perfc = 1;
-#if defined(_MSC_VER) && !defined(OPENSSL_SYS_WINCE)
+#if defined(_MSC_VER) && defined(_M_X86)
static int have_tsc = 1;
DWORD cyclecount;
View Lorry Controller Status