[src/netbsd-9]: src/crypto/external/bsd/openssl/dist/crypto/rand Pull up foll...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/netbsd-9]: src/crypto/external/bsd/openssl/dist/crypto/rand Pull up foll...
From: martin <martin%NetBSD.org@localhost>
Date: Thu, 30 Apr 2020 19:41:43 +0000

details:   https://anonhg.NetBSD.org/src/rev/7f2a2bec0aeb
branches:  netbsd-9
changeset: 931785:7f2a2bec0aeb
user:      martin <martin%NetBSD.org@localhost>
date:      Thu Apr 30 16:17:04 2020 +0000

description:
Pull up following revision(s) (requested by nia in ticket #878):

        crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c: revision 1.16

Fix the detection of KERN_ARND by OpenSSL.

Firstly, include the correct headers. Then, make sure that requests
never exceed 256 bytes.

Disable a hack for old FreeBSD versions, just in case it actually gets
used.

This should mean that OpenSSL doesn't ever fall back to reading from
/dev/urandom.

XXX pullup, XXX upstream.

diffstat:

 crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c |  9 ++++++---
 1 files changed, 6 insertions(+), 3 deletions(-)

diffs (41 lines):

diff -r 6078993a897d -r 7f2a2bec0aeb crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c
--- a/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c  Thu Apr 30 16:05:18 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c  Thu Apr 30 16:17:04 2020 +0000
@@ -26,12 +26,12 @@
 #  include <sys/utsname.h>
 # endif
 #endif
-#if defined(__FreeBSD__) && !defined(OPENSSL_SYS_UEFI)
+#if (defined(__FreeBSD__) || defined(__NetBSD__)) && !defined(OPENSSL_SYS_UEFI)
 # include <sys/types.h>
 # include <sys/sysctl.h>
 # include <sys/param.h>
 #endif
-#if defined(__OpenBSD__) || defined(__NetBSD__)
+#if defined(__OpenBSD__)
 # include <sys/param.h>
 #endif
 
@@ -247,10 +247,12 @@
      * when the sysctl returns long and we want to request something not a
      * multiple of longs, which should never be the case.
      */
+#if   defined(__FreeBSD__)
     if (!ossl_assert(buflen % sizeof(long) == 0)) {
         errno = EINVAL;
         return -1;
     }
+#endif
 
     /*
      * On NetBSD before 4.0 KERN_ARND was an alias for KERN_URND, and only
@@ -268,7 +270,8 @@
     mib[1] = KERN_ARND;
 
     do {
-        len = buflen;
+        /* On NetBSD, KERN_ARND fails if more than 256 bytes are requested */
+        len = buflen > 256 ? 256 : buflen;
         if (sysctl(mib, 2, buf, &len, NULL, 0) == -1)
             return done > 0 ? done : -1;
         done += len;

Prev by Date: [src/netbsd-9]: src/sys/dev/audio Pull up following revision(s) (requested by...
Next by Date: [src/netbsd-9]: src/games/fortune Pull up following revision(s) (requested by...
Previous by Thread: [src/netbsd-9]: src/sys/dev/audio Pull up following revision(s) (requested by...
Next by Thread: [src/netbsd-9]: src/games/fortune Pull up following revision(s) (requested by...
Indexes:

Home | Main Index | Thread Index | Old Index