mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 16:18:48 -05:00
ossl_seed: fix the last resort PRNG seeding
Instead of just abusing the pseudo-randomizer from Curl_FormBoundary(), this now uses Curl_ossl_random() to get entropy.
This commit is contained in:
parent
d09d08dc1f
commit
ad7291c1a9
25
lib/ssluse.c
25
lib/ssluse.c
@ -236,27 +236,14 @@ static int ossl_seed(struct SessionHandle *data)
|
|||||||
|
|
||||||
/* If we get here, it means we need to seed the PRNG using a "silly"
|
/* If we get here, it means we need to seed the PRNG using a "silly"
|
||||||
approach! */
|
approach! */
|
||||||
{
|
do {
|
||||||
int len;
|
int len;
|
||||||
char *area;
|
unsigned char randb[64];
|
||||||
|
Curl_ossl_random(data, randb, sizeof(randb));
|
||||||
|
|
||||||
/* Changed call to RAND_seed to use the underlying RAND_add implementation
|
len = sizeof(randb);
|
||||||
* directly. Do this in a loop, with the amount of additional entropy
|
RAND_add(randb, len, (len >> 1));
|
||||||
* being dependent upon the algorithm used by Curl_FormBoundary(): N bytes
|
} while(!RAND_status());
|
||||||
* of a 7-bit ascii set. -- Richard Gorton, March 11 2003.
|
|
||||||
*/
|
|
||||||
|
|
||||||
do {
|
|
||||||
area = Curl_FormBoundary();
|
|
||||||
if(!area)
|
|
||||||
return 3; /* out of memory */
|
|
||||||
|
|
||||||
len = curlx_uztosi(strlen(area));
|
|
||||||
RAND_add(area, len, (len >> 1));
|
|
||||||
|
|
||||||
free(area); /* now remove the random junk */
|
|
||||||
} while(!RAND_status());
|
|
||||||
}
|
|
||||||
|
|
||||||
/* generates a default path for the random seed file */
|
/* generates a default path for the random seed file */
|
||||||
buf[0]=0; /* blank it first */
|
buf[0]=0; /* blank it first */
|
||||||
|
Loading…
Reference in New Issue
Block a user