mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-20 10:12:15 +01:00
Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no args
It needed an argument before because it wasn't safe to call RAND_poll() on openssl 0.9.8c if you had already opened more fds than would fit in fd_set.
This commit is contained in:
parent
971f0f8e18
commit
f8f407d66a
@ -302,7 +302,7 @@ crypto_early_init(void)
|
||||
|
||||
crypto_force_rand_ssleay();
|
||||
|
||||
if (crypto_seed_rng(1) < 0)
|
||||
if (crypto_seed_rng() < 0)
|
||||
return -1;
|
||||
if (crypto_init_siphash_key() < 0)
|
||||
return -1;
|
||||
@ -384,7 +384,7 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
|
||||
}
|
||||
|
||||
if (crypto_force_rand_ssleay()) {
|
||||
if (crypto_seed_rng(1) < 0)
|
||||
if (crypto_seed_rng() < 0)
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -2485,13 +2485,11 @@ crypto_strongest_rand(uint8_t *out, size_t out_len)
|
||||
* have not yet allocated a bunch of fds. Return 0 on success, -1 on failure.
|
||||
*/
|
||||
int
|
||||
crypto_seed_rng(int startup)
|
||||
crypto_seed_rng(void)
|
||||
{
|
||||
int rand_poll_ok = 0, load_entropy_ok = 0;
|
||||
uint8_t buf[ADD_ENTROPY];
|
||||
|
||||
(void) startup;
|
||||
|
||||
/* OpenSSL has a RAND_poll function that knows about more kinds of
|
||||
* entropy than we do. We'll try calling that, *and* calling our own entropy
|
||||
* functions. If one succeeds, we'll accept the RNG as seeded. */
|
||||
|
@ -251,7 +251,7 @@ int crypto_expand_key_material_rfc5869_sha256(
|
||||
uint8_t *key_out, size_t key_out_len);
|
||||
|
||||
/* random numbers */
|
||||
int crypto_seed_rng(int startup);
|
||||
int crypto_seed_rng(void);
|
||||
MOCK_DECL(int,crypto_rand,(char *to, size_t n));
|
||||
int crypto_strongest_rand(uint8_t *out, size_t out_len);
|
||||
int crypto_rand_int(unsigned int max);
|
||||
|
@ -1317,7 +1317,7 @@ run_scheduled_events(time_t now)
|
||||
if (time_to_add_entropy < now) {
|
||||
if (time_to_add_entropy) {
|
||||
/* We already seeded once, so don't die on failure. */
|
||||
crypto_seed_rng(0);
|
||||
crypto_seed_rng();
|
||||
}
|
||||
/** How often do we add more entropy to OpenSSL's RNG pool? */
|
||||
#define ENTROPY_INTERVAL (60*60)
|
||||
|
@ -624,7 +624,7 @@ main(int argc, const char **argv)
|
||||
|
||||
reset_perftime();
|
||||
|
||||
crypto_seed_rng(1);
|
||||
crypto_seed_rng();
|
||||
crypto_init_siphash_key();
|
||||
options = options_new();
|
||||
init_logging(1);
|
||||
|
@ -72,7 +72,7 @@ test_crypto_rng(void *arg)
|
||||
|
||||
/* Try out RNG. */
|
||||
(void)arg;
|
||||
tt_assert(! crypto_seed_rng(0));
|
||||
tt_assert(! crypto_seed_rng());
|
||||
crypto_rand(data1, 100);
|
||||
crypto_rand(data2, 100);
|
||||
tt_mem_op(data1,OP_NE, data2,100);
|
||||
|
@ -356,7 +356,7 @@ main(int argc, char **argv)
|
||||
|
||||
init_logging(1);
|
||||
crypto_global_init(1, NULL, NULL);
|
||||
crypto_seed_rng(1);
|
||||
crypto_seed_rng();
|
||||
|
||||
rq = replyqueue_new(as_flags);
|
||||
tor_assert(rq);
|
||||
|
@ -270,7 +270,7 @@ main(int c, const char **v)
|
||||
return 1;
|
||||
}
|
||||
crypto_set_tls_dh_prime(NULL);
|
||||
crypto_seed_rng(1);
|
||||
crypto_seed_rng();
|
||||
rep_hist_init();
|
||||
network_init();
|
||||
setup_directory();
|
||||
|
@ -532,7 +532,7 @@ main(int argc, char **argv)
|
||||
fprintf(stderr, "Couldn't initialize crypto library.\n");
|
||||
return 1;
|
||||
}
|
||||
if (crypto_seed_rng(1)) {
|
||||
if (crypto_seed_rng()) {
|
||||
fprintf(stderr, "Couldn't seed RNG.\n");
|
||||
goto done;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user