OPENSSL_info(): add the item OPENSSL_INFO_SEED_SOURCE and use it

'openssl version -r' prints the seed source based on compiler macros.
This does not necessarily reflect the library's idea of what seed
sources to use, so we reimplement the list of seed sources as a
OPENSSL_info() item and display that instead.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9689)

1 files changed, 71 insertions, 0 deletions

diff --git a/crypto/info.c b/crypto/info.c
index 5a929ddd03..c5eb1fcba9 100644
--- a/crypto/info.c
+++ b/crypto/info.c
@@ -11,9 +11,78 @@
 #include <openssl/crypto.h>
 #include "internal/dso_conf.h"
 #include "e_os.h"
+#include "buildinf.h"
+#include "internal/thread_once.h"
+
+static char *seed_sources = NULL;
+static CRYPTO_ONCE init_info = CRYPTO_ONCE_STATIC_INIT;
+
+DEFINE_RUN_ONCE_STATIC(init_info_strings)
+{
+    {
+        static char seeds[512] = "";
+
+#define add_seeds_string(str)                                           \
+        do {                                                            \
+            if (seeds[0] != '\0')                                       \
+                OPENSSL_strlcat(seeds, " ", sizeof(seeds));             \
+            OPENSSL_strlcat(seeds, str, sizeof(seeds));                 \
+        } while (0)
+#define add_seeds_stringlist(label, strlist)                            \
+        do {                                                            \
+            add_seeds_string(label "(");                                \
+            {                                                           \
+                const char *dev[] = strlist;                            \
+                int first = 1;                                          \
+                                                                        \
+                for (; *dev != NULL; dev++) {                           \
+                    if (!first)                                         \
+                        OPENSSL_strlcat(seeds, " ", sizeof(seeds));     \
+                    first = 0;                                          \
+                    OPENSSL_strlcat(seeds, *dev, sizeof(seeds));        \
+                }                                                       \
+            }                                                           \
+            OPENSSL_strlcat(seeds, ")", sizeof(seeds));                 \
+        } while (0)
+
+#ifdef OPENSSL_RAND_SEED_NONE
+        add_seeds_string("none");
+#endif
+#ifdef OPENSSL_RAND_SEED_RTDSC
+        add_seeds_string("stdsc");
+#endif
+#ifdef OPENSSL_RAND_SEED_RDCPU
+        add_seeds_string("rdrand ( rdseed rdrand )");
+#endif
+#ifdef OPENSSL_RAND_SEED_LIBRANDOM
+        add_seeds_string("C-library-random");
+#endif
+#ifdef OPENSSL_RAND_SEED_GETRANDOM
+        add_seeds_string("getrandom-syscall");
+#endif
+#ifdef OPENSSL_RAND_SEED_DEVRANDOM
+        add_seeds_stringlist("random-device", { DEVRANDOM, NULL });
+#endif
+#ifdef OPENSSL_RAND_SEED_EGD
+        add_seeds_stringlist("EGD", { DEVRANDOM_EGD, NULL });
+#endif
+#ifdef OPENSSL_RAND_SEED_OS
+        add_seeds_string("os-specific");
+#endif
+        seed_sources = seeds;
+    }
+    return 1;
+}
 
 const char *OPENSSL_info(int t)
 {
+    /*
+     * We don't care about the result.  Worst case scenario, the strings
+     * won't be initialised, i.e. remain NULL, which means that the info
+     * isn't available anyway...
+     */
+    (void)RUN_ONCE(&init_info, init_info_strings);
+
     switch (t) {
     case OPENSSL_INFO_CONFIG_DIR:
         return OPENSSLDIR;
@@ -36,6 +105,8 @@ const char *OPENSSL_info(int t)
             static const char list_sep[] = { LIST_SEPARATOR_CHAR, '\0' };
             return list_sep;
         }
+    case OPENSSL_INFO_SEED_SOURCE:
+        return seed_sources;
     default:
         break;
     }