aboutsummaryrefslogtreecommitdiff
path: root/openssl/crypto/rand/md_rand.c
diff options
context:
space:
mode:
Diffstat (limited to 'openssl/crypto/rand/md_rand.c')
-rw-r--r--openssl/crypto/rand/md_rand.c46
1 files changed, 26 insertions, 20 deletions
diff --git a/openssl/crypto/rand/md_rand.c b/openssl/crypto/rand/md_rand.c
index 0f8dd3e00..88088ce73 100644
--- a/openssl/crypto/rand/md_rand.c
+++ b/openssl/crypto/rand/md_rand.c
@@ -126,10 +126,6 @@
#include <openssl/crypto.h>
#include <openssl/err.h>
-#ifdef OPENSSL_FIPS
-#include <openssl/fips.h>
-#endif
-
#ifdef BN_DEBUG
# define PREDICT
@@ -149,7 +145,7 @@ static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
* holds CRYPTO_LOCK_RAND
* (to prevent double locking) */
/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
-static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
+static CRYPTO_THREADID locking_threadid; /* valid iff crypto_lock_rand is set */
#ifdef PREDICT
@@ -217,8 +213,10 @@ static void ssleay_rand_add(const void *buf, int num, double add)
/* check if we already have the lock */
if (crypto_lock_rand)
{
+ CRYPTO_THREADID cur;
+ CRYPTO_THREADID_current(&cur);
CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
- do_not_lock = (locking_thread == CRYPTO_thread_id());
+ do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
}
else
@@ -274,8 +272,16 @@ static void ssleay_rand_add(const void *buf, int num, double add)
}
else
MD_Update(&m,&(state[st_idx]),j);
-
+
+ /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
MD_Update(&m,buf,j);
+ /* We know that line may cause programs such as
+ purify and valgrind to complain about use of
+ uninitialized data. The problem is not, it's
+ with the caller. Removing that line will make
+ sure you get really bad randomness and thereby
+ other problems such as very insecure keys. */
+
MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
MD_Final(&m,local_md);
md_c[1]++;
@@ -336,14 +342,6 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
#endif
int do_stir_pool = 0;
-#ifdef OPENSSL_FIPS
- if(FIPS_mode())
- {
- FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD);
- return 0;
- }
-#endif
-
#ifdef PREDICT
if (rand_predictable)
{
@@ -384,7 +382,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
- locking_thread = CRYPTO_thread_id();
+ CRYPTO_THREADID_current(&locking_threadid);
CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
crypto_lock_rand = 1;
@@ -476,9 +474,15 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
#endif
MD_Update(&m,local_md,MD_DIGEST_LENGTH);
MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
-#ifndef PURIFY
- MD_Update(&m,buf,j); /* purify complains */
+
+#ifndef PURIFY /* purify complains */
+ /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
+ MD_Update(&m,buf,j);
+ /* We know that line may cause programs such as
+ purify and valgrind to complain about use of
+ uninitialized data. */
#endif
+
k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
if (k > 0)
{
@@ -539,15 +543,17 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
static int ssleay_rand_status(void)
{
+ CRYPTO_THREADID cur;
int ret;
int do_not_lock;
+ CRYPTO_THREADID_current(&cur);
/* check if we already have the lock
* (could happen if a RAND_poll() implementation calls RAND_status()) */
if (crypto_lock_rand)
{
CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
- do_not_lock = (locking_thread == CRYPTO_thread_id());
+ do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
}
else
@@ -559,7 +565,7 @@ static int ssleay_rand_status(void)
/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
- locking_thread = CRYPTO_thread_id();
+ CRYPTO_THREADID_cpy(&locking_threadid, &cur);
CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
crypto_lock_rand = 1;
}