提交 05ccd698 编写于 作者: B Bodo Möller

RAND_load_file(..., -1) now means "read the complete file";

this is what we now use to read $RANDFILE / $HOME/.rnd.
(Previously, after 'cat'ting lots of stuff into .rnd
only the first MB would be looked at.)

Bugfix for apps/enc.c: Continue if RAND_pseudo_bytes returns 0
(only -1 is an error).
上级 f13b93d3
...@@ -130,7 +130,7 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn) ...@@ -130,7 +130,7 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
if (file == NULL) if (file == NULL)
file = RAND_file_name(buffer, sizeof buffer); file = RAND_file_name(buffer, sizeof buffer);
if (file == NULL || !RAND_load_file(file, 1024L*1024L)) if (file == NULL || !RAND_load_file(file, -1))
{ {
if (!dont_warn) if (!dont_warn)
{ {
......
...@@ -448,7 +448,7 @@ bad: ...@@ -448,7 +448,7 @@ bad:
"invalid hex salt value\n"); "invalid hex salt value\n");
goto end; goto end;
} }
} else if (RAND_pseudo_bytes(salt, PKCS5_SALT_LEN) <= 0) } else if (RAND_pseudo_bytes(salt, PKCS5_SALT_LEN) < 0)
goto end; goto end;
/* If -P option then don't bother writing */ /* If -P option then don't bother writing */
if((printkey != 2) if((printkey != 2)
......
...@@ -82,6 +82,9 @@ ...@@ -82,6 +82,9 @@
int RAND_load_file(const char *file, long bytes) int RAND_load_file(const char *file, long bytes)
{ {
/* If bytes >= 0, read up to 'bytes' bytes.
* if bytes == -1, read complete file. */
MS_STATIC unsigned char buf[BUFSIZE]; MS_STATIC unsigned char buf[BUFSIZE];
struct stat sb; struct stat sb;
int i,ret=0,n; int i,ret=0,n;
...@@ -93,20 +96,26 @@ int RAND_load_file(const char *file, long bytes) ...@@ -93,20 +96,26 @@ int RAND_load_file(const char *file, long bytes)
/* If the state fails, put some crap in anyway */ /* If the state fails, put some crap in anyway */
RAND_add(&sb,sizeof(sb),0); RAND_add(&sb,sizeof(sb),0);
if (i < 0) return(0); if (i < 0) return(0);
if (bytes <= 0) return(ret); if (bytes == 0) return(ret);
in=fopen(file,"rb"); in=fopen(file,"rb");
if (in == NULL) goto err; if (in == NULL) goto err;
for (;;) for (;;)
{ {
n=(bytes < BUFSIZE)?(int)bytes:BUFSIZE; if (bytes > 0)
n = (bytes < BUFSIZE)?(int)bytes:BUFSIZE;
else
n = BUFSIZE;
i=fread(buf,1,n,in); i=fread(buf,1,n,in);
if (i <= 0) break; if (i <= 0) break;
/* even if n != i, use the full array */ /* even if n != i, use the full array */
RAND_add(buf,n,i); RAND_add(buf,n,i);
ret+=i; ret+=i;
bytes-=n; if (bytes > 0)
if (bytes <= 0) break; {
bytes-=n;
if (bytes == 0) break;
}
} }
fclose(in); fclose(in);
memset(buf,0,BUFSIZE); memset(buf,0,BUFSIZE);
......
...@@ -18,12 +18,14 @@ RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file ...@@ -18,12 +18,14 @@ RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file
RAND_file_name() generates a default path for the random seed RAND_file_name() generates a default path for the random seed
file. B<buf> points to a buffer of size B<num> in which to store the file. B<buf> points to a buffer of size B<num> in which to store the
filename. The seed file is $RANDFILE, if that environment variable is filename. The seed file is $RANDFILE if that environment variable is
set, $HOME/.rand otherwise. If $HOME is not set either, or B<num> is set, $HOME/.rnd otherwise. If $HOME is not set either, or B<num> is
too small for the path name, an error occurs. too small for the path name, an error occurs.
RAND_load_file() reads up to B<max_bytes> from file B<filename> and RAND_load_file() reads a number of bytes from file B<filename> and
adds them to the PRNG. adds them to the PRNG. If B<max_bytes> is non-negative,
up to to B<max_bytes> are read; if B<max_bytes> is -1, the complete file
is read.
RAND_write_file() writes a number of random bytes (currently 1024) to RAND_write_file() writes a number of random bytes (currently 1024) to
file B<filename> which can be used to initialze the PRNG by calling file B<filename> which can be used to initialze the PRNG by calling
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册