diff options
| author | Pauli <paul.dale@oracle.com> | 2019-08-30 07:29:35 +1000 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2019-08-30 07:57:55 +1000 |
| commit | f493bd6f94c646ba1d96d95f4e5c2a828c668f42 (patch) | |
| tree | 68fa77279ea3d48926e8d2362e9e22203264cd50 | |
| parent | 51e236df41871871dabd2f5f7156e27a0eef3b3b (diff) | |
Fix NITs in comments and CHANGES for DEVRANDOM seeded check.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9734)
(cherry picked from commit 46a9cc9451213039fd53f62733b2ccd04e853bb2)
| -rw-r--r-- | CHANGES | 9 | ||||
| -rw-r--r-- | crypto/rand/rand_unix.c | 4 |
2 files changed, 11 insertions, 2 deletions
@@ -9,6 +9,15 @@ Changes between 1.1.1c and 1.1.1d [xx XXX xxxx] + *) Early start up entropy quality from the DEVRANDOM seed source has been + improved for older Linux systems. The RAND subsystem will wait for + /dev/random to be producing output before seeding from /dev/urandom. + The seeded state is stored for future library initialisations using + a system global shared memory segment. The shared memory identifier + can be configured by defining OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID to + the desired value. The default identifier is 114. + [Paul Dale] + *) Early start up entropy quality from the DEVRANDOM seed source has been improved for older Linux systems. The RAND subsystem will wait for /dev/random to be producing output before seeding from /dev/urandom. diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index 258fef7eb0..e57b6dd893 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -388,7 +388,7 @@ static int wait_random_seeded(void) fd_set fds; if (!seeded) { - /* See if anthing has created the global seeded indication */ + /* See if anything has created the global seeded indication */ if ((shm_id = shmget(OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID, 1, 0)) == -1) { /* * Check the kernel's version and fail if it is too recent. @@ -422,7 +422,7 @@ static int wait_random_seeded(void) close(fd); if (r == 1) { seeded = 1; - /* Craete the shared memory indicator */ + /* Create the shared memory indicator */ shm_id = shmget(OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID, 1, IPC_CREAT | S_IRUSR | S_IRGRP | S_IROTH); } |