commit f8f407d66a4389035852a229a6945cc08a64b198 Author: Nick Mathewson nickm@torproject.org Date: Tue May 19 16:17:03 2015 -0400
Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no args
It needed an argument before because it wasn't safe to call RAND_poll() on openssl 0.9.8c if you had already opened more fds than would fit in fd_set. --- src/common/crypto.c | 8 +++----- src/common/crypto.h | 2 +- src/or/main.c | 2 +- src/test/bench.c | 2 +- src/test/test_crypto.c | 2 +- src/test/test_workqueue.c | 2 +- src/test/testing_common.c | 2 +- src/tools/tor-gencert.c | 2 +- 8 files changed, 10 insertions(+), 12 deletions(-)
diff --git a/src/common/crypto.c b/src/common/crypto.c index 0feed1c..f980d7e 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -302,7 +302,7 @@ crypto_early_init(void)
crypto_force_rand_ssleay();
- if (crypto_seed_rng(1) < 0) + if (crypto_seed_rng() < 0) return -1; if (crypto_init_siphash_key() < 0) return -1; @@ -384,7 +384,7 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir) }
if (crypto_force_rand_ssleay()) { - if (crypto_seed_rng(1) < 0) + if (crypto_seed_rng() < 0) return -1; }
@@ -2485,13 +2485,11 @@ crypto_strongest_rand(uint8_t *out, size_t out_len) * have not yet allocated a bunch of fds. Return 0 on success, -1 on failure. */ int -crypto_seed_rng(int startup) +crypto_seed_rng(void) { int rand_poll_ok = 0, load_entropy_ok = 0; uint8_t buf[ADD_ENTROPY];
- (void) startup; - /* OpenSSL has a RAND_poll function that knows about more kinds of * entropy than we do. We'll try calling that, *and* calling our own entropy * functions. If one succeeds, we'll accept the RNG as seeded. */ diff --git a/src/common/crypto.h b/src/common/crypto.h index d305bc1..5a08045 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -251,7 +251,7 @@ int crypto_expand_key_material_rfc5869_sha256( uint8_t *key_out, size_t key_out_len);
/* random numbers */ -int crypto_seed_rng(int startup); +int crypto_seed_rng(void); MOCK_DECL(int,crypto_rand,(char *to, size_t n)); int crypto_strongest_rand(uint8_t *out, size_t out_len); int crypto_rand_int(unsigned int max); diff --git a/src/or/main.c b/src/or/main.c index 651291b..3f785a2 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -1317,7 +1317,7 @@ run_scheduled_events(time_t now) if (time_to_add_entropy < now) { if (time_to_add_entropy) { /* We already seeded once, so don't die on failure. */ - crypto_seed_rng(0); + crypto_seed_rng(); } /** How often do we add more entropy to OpenSSL's RNG pool? */ #define ENTROPY_INTERVAL (60*60) diff --git a/src/test/bench.c b/src/test/bench.c index 6909e73..a74fc77 100644 --- a/src/test/bench.c +++ b/src/test/bench.c @@ -624,7 +624,7 @@ main(int argc, const char **argv)
reset_perftime();
- crypto_seed_rng(1); + crypto_seed_rng(); crypto_init_siphash_key(); options = options_new(); init_logging(1); diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c index e9fb8bf..5c263ba 100644 --- a/src/test/test_crypto.c +++ b/src/test/test_crypto.c @@ -72,7 +72,7 @@ test_crypto_rng(void *arg)
/* Try out RNG. */ (void)arg; - tt_assert(! crypto_seed_rng(0)); + tt_assert(! crypto_seed_rng()); crypto_rand(data1, 100); crypto_rand(data2, 100); tt_mem_op(data1,OP_NE, data2,100); diff --git a/src/test/test_workqueue.c b/src/test/test_workqueue.c index aaff506..c524b24 100644 --- a/src/test/test_workqueue.c +++ b/src/test/test_workqueue.c @@ -356,7 +356,7 @@ main(int argc, char **argv)
init_logging(1); crypto_global_init(1, NULL, NULL); - crypto_seed_rng(1); + crypto_seed_rng();
rq = replyqueue_new(as_flags); tor_assert(rq); diff --git a/src/test/testing_common.c b/src/test/testing_common.c index 403c83b..e0c0046 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -270,7 +270,7 @@ main(int c, const char **v) return 1; } crypto_set_tls_dh_prime(NULL); - crypto_seed_rng(1); + crypto_seed_rng(); rep_hist_init(); network_init(); setup_directory(); diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c index c599822..b83682a 100644 --- a/src/tools/tor-gencert.c +++ b/src/tools/tor-gencert.c @@ -532,7 +532,7 @@ main(int argc, char **argv) fprintf(stderr, "Couldn't initialize crypto library.\n"); return 1; } - if (crypto_seed_rng(1)) { + if (crypto_seed_rng()) { fprintf(stderr, "Couldn't seed RNG.\n"); goto done; }