Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
e34aa5a3
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
e34aa5a3
编写于
6月 28, 2006
作者:
B
Bodo Möller
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
always read in RAND_poll() if we can't use select because of a too
large FD: it's non-blocking mode anyway
上级
985e4c41
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
85 addition
and
80 deletion
+85
-80
CHANGES
CHANGES
+6
-1
crypto/rand/rand_unix.c
crypto/rand/rand_unix.c
+79
-79
未找到文件。
CHANGES
浏览文件 @
e34aa5a3
...
...
@@ -339,6 +339,11 @@
Changes between 0.9.8b and 0.9.8c [xx XXX xxxx]
*) Change the Unix randomness entropy gathering to use poll() when
possible instead of select(), since the latter has some
undesirable limitations.
[Darryl Miles via Richard Levitte and Bodo Moeller]
*) Disable "ECCdraft" ciphersuites more thoroughly. Now special
treatment in ssl/ssl_ciph.s makes sure that these ciphersuites
cannot be implicitly activated as part of, e.g., the "AES" alias.
...
...
@@ -1292,7 +1297,7 @@
*) Change the Unix randomness entropy gathering to use poll() when
possible instead of select(), since the latter has some
undesirable limitations.
[Darryl Miles via Richard Levitte]
[Darryl Miles via Richard Levitte
and Bodo Moeller
]
*) Disable rogue ciphersuites:
...
...
crypto/rand/rand_unix.c
浏览文件 @
e34aa5a3
...
...
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
* Copyright (c) 1998-200
0
The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-200
6
The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
...
...
@@ -116,7 +116,7 @@
#include <openssl/rand.h>
#include "rand_lcl.h"
#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
#include <sys/types.h>
#include <sys/time.h>
...
...
@@ -125,53 +125,12 @@
#include <fcntl.h>
#include <unistd.h>
#include <time.h>
#if defined(OPENSSL_SYS_LINUX)
/* lets use poll() */
# include <sys/poll.h>
# define IOWAIT_VARS struct pollfd pset; struct timeval t
# define IOWAIT_INIT(f, t) do { \
pset.fd = (f); \
pset.events = POLLIN; \
pset.revents = 0; \
(t)->tv_sec = 0; \
(t)->tv_usec = 10*1000; \
/* Spend 10ms on each file. */
\
} while(0)
# define IOWAIT_FUNC(f, t) poll(&pset, 1, ((t)->tv_sec * 1000) + ((t)->tv_usec / 1000))
# define IOWAIT_CHECK(f) ((pset.revents & POLLIN) != 0)
#else
/* lets use select() */
/* For each platform we could do with making a guess at
* how many FDs we support. With glibc/Linux its possible
* to use FD_SETSIZE directly, but this may not be very
* portable. Another options was to use _POSIX_OPEN_MAX
* but that value is a tad dull on modern hardware. So
* I ended up trying sizeof(fd_set)*8 which should be
* closer to the real value.
* If this causes a problem on your platform because we
* can not guess correctly then set it to zero.
*/
# if defined(FD_SETSIZE)
# define IOWAIT_FD_SETSIZE (FD_SETSIZE)
# else
/* fallback method */
# define IOWAIT_FD_SETSIZE (sizeof(fd_set) * 8)
# endif
# define IOWAIT_VARS fd_set fset; struct timeval t
# define IOWAIT_INIT(f, t) do { \
FD_ZERO(&fset); \
if(IOWAIT_FD_SETSIZE > 0 \
&& (f) >= IOWAIT_FD_SETSIZE) \
{ break; } \
FD_SET((f), &fset); \
(t)->tv_sec = 0; \
(t)->tv_usec = 10*1000; \
/* Spend 10ms on each file. */
\
} while(0)
# define IOWAIT_FUNC(f, t) select((f)+1,&fset,NULL,NULL,(t))
# define IOWAIT_CHECK(f) FD_ISSET((f), &fset)
#endif
#include <limits.h>
#ifndef FD_SETSIZE
# define FD_SETSIZE (8*sizeof(fd_set))
#endif
#ifdef __OpenBSD__
...
...
@@ -191,7 +150,7 @@ int RAND_poll(void)
return
1
;
}
#else
#else
/* !defined(__OpenBSD__) */
int
RAND_poll
(
void
)
{
unsigned
long
l
;
...
...
@@ -233,9 +192,9 @@ int RAND_poll(void)
#endif
))
>=
0
)
{
int
usec
=
10
*
1000
;
/* spend 10ms on each file */
int
r
;
unsigned
int
j
;
IOWAIT_VARS
;
struct
stat
*
st
=&
randomstats
[
i
];
/* Avoid using same input... Used to be O_NOFOLLOW
...
...
@@ -251,44 +210,84 @@ int RAND_poll(void)
do
{
int
try_read
=
0
;
#if defined(OPENSSL_SYS_BEOS_R5)
/* select() is broken in BeOS R5, so we simply
* try to read something and snooze if we couldn't: */
r
=
read
(
fd
,(
unsigned
char
*
)
tmpbuf
+
n
,
ENTROPY_NEEDED
-
n
);
if
(
r
>
0
)
n
+=
r
;
else
if
(
r
==
0
)
snooze
(
t
.
tv_usec
);
/* select() is broken in BeOS R5, so we simply
* try to read something and snooze if we couldn't */
try_read
=
1
;
#elif defined(OPENSSL_SYS_LINUX)
/* use poll() */
struct
pollfd
pset
;
pset
.
fd
=
fd
;
pset
.
events
=
POLLIN
;
pset
.
revents
=
0
;
if
(
poll
(
&
pset
,
1
,
usec
/
1000
)
<
0
)
usec
=
0
;
else
try_read
=
(
pset
.
revents
&
POLLIN
)
!=
0
;
#else
IOWAIT_INIT
(
fd
,
&
t
);
r
=
-
1
;
/* use select() */
fd_set
fset
;
struct
timeval
t
;
t
.
tv_sec
=
0
;
t
.
tv_usec
=
usec
;
if
(
IOWAIT_FUNC
(
fd
,
&
t
)
<
0
)
t
.
tv_usec
=
0
;
else
if
(
IOWAIT_CHECK
(
fd
))
if
(
FD_SETSIZE
>
0
&&
fd
>=
FD_SETSIZE
)
{
/* can't use select, so just try to read once anyway */
try_read
=
1
;
}
else
{
FD_ZERO
(
&
fset
);
FD_SET
(
fd
,
&
fset
);
if
(
select
(
fd
+
1
,
&
fset
,
NULL
,
NULL
,
&
t
)
>=
0
)
{
usec
=
t
.
tv_usec
;
if
(
FD_ISSET
(
fd
,
&
fset
))
try_read
=
1
;
}
else
usec
=
0
;
}
#endif
if
(
try_read
)
{
r
=
read
(
fd
,(
unsigned
char
*
)
tmpbuf
+
n
,
ENTROPY_NEEDED
-
n
);
r
=
read
(
fd
,(
unsigned
char
*
)
tmpbuf
+
n
,
ENTROPY_NEEDED
-
n
);
if
(
r
>
0
)
n
+=
r
;
}
#if defined(OPENSSL_SYS_BEOS_R5)
if
(
r
==
0
)
snooze
(
t
.
tv_usec
);
#endif
/* Some Unixen will update t, some
won't. For those who won't, give
up here, otherwise, we will do
}
else
r
=
-
1
;
/* Some Unixen will update t in select(), some
won't. For those who won't, or if we
didn't use select() in the first place,
give up here, otherwise, we will do
this once again for the remaining
time. */
if
(
t
.
tv_
usec
==
10
*
1000
)
t
.
tv_usec
=
0
;
if
(
usec
==
10
*
1000
)
usec
=
0
;
}
while
((
r
>
0
||
(
errno
==
EINTR
||
errno
==
EAGAIN
))
&&
t
.
tv_
usec
!=
0
&&
n
<
ENTROPY_NEEDED
);
while
((
r
>
0
||
(
errno
==
EINTR
||
errno
==
EAGAIN
))
&&
usec
!=
0
&&
n
<
ENTROPY_NEEDED
);
close
(
fd
);
}
}
#endif
#endif
/* defined(DEVRANDOM) */
#ifdef DEVRANDOM_EGD
/* Use an EGD socket to read entropy from an EGD or PRNGD entropy
...
...
@@ -303,7 +302,7 @@ int RAND_poll(void)
if
(
r
>
0
)
n
+=
r
;
}
#endif
#endif
/* defined(DEVRANDOM_EGD) */
#if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
if
(
n
>
0
)
...
...
@@ -337,12 +336,13 @@ int RAND_poll(void)
#endif
}
#endif
#endif
#endif
/* defined(__OpenBSD__) */
#endif
/* !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)) */
#if defined(OPENSSL_SYS_VXWORKS)
int
RAND_poll
(
void
)
{
return
0
;
}
{
return
0
;
}
#endif
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录