mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-14 07:03:44 +01:00
Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no args
It needed an argument before because it wasn't safe to call RAND_poll() on openssl 0.9.8c if you had already opened more fds than would fit in fd_set.
This commit is contained in:
parent
971f0f8e18
commit
f8f407d66a
@ -302,7 +302,7 @@ crypto_early_init(void)
|
|||||||
|
|
||||||
crypto_force_rand_ssleay();
|
crypto_force_rand_ssleay();
|
||||||
|
|
||||||
if (crypto_seed_rng(1) < 0)
|
if (crypto_seed_rng() < 0)
|
||||||
return -1;
|
return -1;
|
||||||
if (crypto_init_siphash_key() < 0)
|
if (crypto_init_siphash_key() < 0)
|
||||||
return -1;
|
return -1;
|
||||||
@ -384,7 +384,7 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (crypto_force_rand_ssleay()) {
|
if (crypto_force_rand_ssleay()) {
|
||||||
if (crypto_seed_rng(1) < 0)
|
if (crypto_seed_rng() < 0)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2485,13 +2485,11 @@ crypto_strongest_rand(uint8_t *out, size_t out_len)
|
|||||||
* have not yet allocated a bunch of fds. Return 0 on success, -1 on failure.
|
* have not yet allocated a bunch of fds. Return 0 on success, -1 on failure.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
crypto_seed_rng(int startup)
|
crypto_seed_rng(void)
|
||||||
{
|
{
|
||||||
int rand_poll_ok = 0, load_entropy_ok = 0;
|
int rand_poll_ok = 0, load_entropy_ok = 0;
|
||||||
uint8_t buf[ADD_ENTROPY];
|
uint8_t buf[ADD_ENTROPY];
|
||||||
|
|
||||||
(void) startup;
|
|
||||||
|
|
||||||
/* OpenSSL has a RAND_poll function that knows about more kinds of
|
/* OpenSSL has a RAND_poll function that knows about more kinds of
|
||||||
* entropy than we do. We'll try calling that, *and* calling our own entropy
|
* entropy than we do. We'll try calling that, *and* calling our own entropy
|
||||||
* functions. If one succeeds, we'll accept the RNG as seeded. */
|
* functions. If one succeeds, we'll accept the RNG as seeded. */
|
||||||
|
@ -251,7 +251,7 @@ int crypto_expand_key_material_rfc5869_sha256(
|
|||||||
uint8_t *key_out, size_t key_out_len);
|
uint8_t *key_out, size_t key_out_len);
|
||||||
|
|
||||||
/* random numbers */
|
/* random numbers */
|
||||||
int crypto_seed_rng(int startup);
|
int crypto_seed_rng(void);
|
||||||
MOCK_DECL(int,crypto_rand,(char *to, size_t n));
|
MOCK_DECL(int,crypto_rand,(char *to, size_t n));
|
||||||
int crypto_strongest_rand(uint8_t *out, size_t out_len);
|
int crypto_strongest_rand(uint8_t *out, size_t out_len);
|
||||||
int crypto_rand_int(unsigned int max);
|
int crypto_rand_int(unsigned int max);
|
||||||
|
@ -1317,7 +1317,7 @@ run_scheduled_events(time_t now)
|
|||||||
if (time_to_add_entropy < now) {
|
if (time_to_add_entropy < now) {
|
||||||
if (time_to_add_entropy) {
|
if (time_to_add_entropy) {
|
||||||
/* We already seeded once, so don't die on failure. */
|
/* We already seeded once, so don't die on failure. */
|
||||||
crypto_seed_rng(0);
|
crypto_seed_rng();
|
||||||
}
|
}
|
||||||
/** How often do we add more entropy to OpenSSL's RNG pool? */
|
/** How often do we add more entropy to OpenSSL's RNG pool? */
|
||||||
#define ENTROPY_INTERVAL (60*60)
|
#define ENTROPY_INTERVAL (60*60)
|
||||||
|
@ -624,7 +624,7 @@ main(int argc, const char **argv)
|
|||||||
|
|
||||||
reset_perftime();
|
reset_perftime();
|
||||||
|
|
||||||
crypto_seed_rng(1);
|
crypto_seed_rng();
|
||||||
crypto_init_siphash_key();
|
crypto_init_siphash_key();
|
||||||
options = options_new();
|
options = options_new();
|
||||||
init_logging(1);
|
init_logging(1);
|
||||||
|
@ -72,7 +72,7 @@ test_crypto_rng(void *arg)
|
|||||||
|
|
||||||
/* Try out RNG. */
|
/* Try out RNG. */
|
||||||
(void)arg;
|
(void)arg;
|
||||||
tt_assert(! crypto_seed_rng(0));
|
tt_assert(! crypto_seed_rng());
|
||||||
crypto_rand(data1, 100);
|
crypto_rand(data1, 100);
|
||||||
crypto_rand(data2, 100);
|
crypto_rand(data2, 100);
|
||||||
tt_mem_op(data1,OP_NE, data2,100);
|
tt_mem_op(data1,OP_NE, data2,100);
|
||||||
|
@ -356,7 +356,7 @@ main(int argc, char **argv)
|
|||||||
|
|
||||||
init_logging(1);
|
init_logging(1);
|
||||||
crypto_global_init(1, NULL, NULL);
|
crypto_global_init(1, NULL, NULL);
|
||||||
crypto_seed_rng(1);
|
crypto_seed_rng();
|
||||||
|
|
||||||
rq = replyqueue_new(as_flags);
|
rq = replyqueue_new(as_flags);
|
||||||
tor_assert(rq);
|
tor_assert(rq);
|
||||||
|
@ -270,7 +270,7 @@ main(int c, const char **v)
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
crypto_set_tls_dh_prime(NULL);
|
crypto_set_tls_dh_prime(NULL);
|
||||||
crypto_seed_rng(1);
|
crypto_seed_rng();
|
||||||
rep_hist_init();
|
rep_hist_init();
|
||||||
network_init();
|
network_init();
|
||||||
setup_directory();
|
setup_directory();
|
||||||
|
@ -532,7 +532,7 @@ main(int argc, char **argv)
|
|||||||
fprintf(stderr, "Couldn't initialize crypto library.\n");
|
fprintf(stderr, "Couldn't initialize crypto library.\n");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if (crypto_seed_rng(1)) {
|
if (crypto_seed_rng()) {
|
||||||
fprintf(stderr, "Couldn't seed RNG.\n");
|
fprintf(stderr, "Couldn't seed RNG.\n");
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user