Add a no-egd option to disable EGD-related code

The entropy-gathering daemon is used only on a small number of machines. Provide a configure knob so that EGD support can be disabled by default but re-enabled on those systems that do need it. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
author: Benjamin Kaduk <bkaduk@akamai.com> 2016-01-12 18:02:16 -0600
committer: Rich Salz <rsalz@openssl.org> 2016-01-14 13:02:51 -0500
commit: 0423f812dc61f70c6ae6643191259ca9e5692c7f (patch)
tree: 505fd5ca6269bf07f48d4375664ebb2af61aab7e /crypto/rand/rand_egd.c
parent: 47153c72536a53ecd8f428444b953db0631acc9b (diff)
1 files changed, 46 insertions, 38 deletions
diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c
index ea3621c44f..e65dc0917a 100644
--- a/crypto/rand/rand_egd.c
+++ b/crypto/rand/rand_egd.c
@@ -95,7 +95,9 @@
  *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
  */
 
-#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)
+#ifndef OPENSSL_NO_EGD
+
+# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI)
 int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
 {
     return (-1);
@@ -110,26 +112,26 @@ int RAND_egd_bytes(const char *path, int bytes)
 {
     return (-1);
 }
-#else
-# include <openssl/opensslconf.h>
-# include OPENSSL_UNISTD
-# include <stddef.h>
-# include <sys/types.h>
-# include <sys/socket.h>
-# ifndef NO_SYS_UN_H
-#  ifdef OPENSSL_SYS_VXWORKS
-#   include <streams/un.h>
-#  else
-#   include <sys/un.h>
-#  endif
 # else
+#  include <openssl/opensslconf.h>
+#  include OPENSSL_UNISTD
+#  include <stddef.h>
+#  include <sys/types.h>
+#  include <sys/socket.h>
+#  ifndef NO_SYS_UN_H
+#   ifdef OPENSSL_SYS_VXWORKS
+#    include <streams/un.h>
+#   else
+#    include <sys/un.h>
+#   endif
+#  else
 struct sockaddr_un {
     short sun_family;           /* AF_UNIX */
     char sun_path[108];         /* path name (gag) */
 };
-# endif                         /* NO_SYS_UN_H */
-# include <string.h>
-# include <errno.h>
+#  endif                         /* NO_SYS_UN_H */
+#  include <string.h>
+#  include <errno.h>
 
 int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
 {
@@ -155,25 +157,25 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
             success = 1;
         else {
             switch (errno) {
-# ifdef EINTR
+#  ifdef EINTR
             case EINTR:
-# endif
-# ifdef EAGAIN
+#  endif
+#  ifdef EAGAIN
             case EAGAIN:
-# endif
-# ifdef EINPROGRESS
+#  endif
+#  ifdef EINPROGRESS
             case EINPROGRESS:
-# endif
-# ifdef EALREADY
+#  endif
+#  ifdef EALREADY
             case EALREADY:
-# endif
+#  endif
                 /* No error, try again */
                 break;
-# ifdef EISCONN
+#  ifdef EISCONN
             case EISCONN:
                 success = 1;
                 break;
-# endif
+#  endif
             default:
                 goto err;       /* failure */
             }
@@ -190,12 +192,12 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
                 numbytes += num;
             else {
                 switch (errno) {
-# ifdef EINTR
+#  ifdef EINTR
                 case EINTR:
-# endif
-# ifdef EAGAIN
+#  endif
+#  ifdef EAGAIN
                 case EAGAIN:
-# endif
+#  endif
                     /* No error, try again */
                     break;
                 default:
@@ -213,12 +215,12 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
                 numbytes += num;
             else {
                 switch (errno) {
-# ifdef EINTR
+#  ifdef EINTR
                 case EINTR:
-# endif
-# ifdef EAGAIN
+#  endif
+#  ifdef EAGAIN
                 case EAGAIN:
-# endif
+#  endif
                     /* No error, try again */
                     break;
                 default:
@@ -242,12 +244,12 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
                 numbytes += num;
             else {
                 switch (errno) {
-# ifdef EINTR
+#  ifdef EINTR
                 case EINTR:
-# endif
-# ifdef EAGAIN
+#  endif
+#  ifdef EAGAIN
                 case EAGAIN:
-# endif
+#  endif
                     /* No error, try again */
                     break;
                 default:
@@ -285,4 +287,10 @@ int RAND_egd(const char *path)
     return (RAND_egd_bytes(path, 255));
 }
 
+# endif
+
+#else /* OPENSSL_NO_EGD */
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
 #endif
author	Benjamin Kaduk <bkaduk@akamai.com>	2016-01-12 18:02:16 -0600
committer	Rich Salz <rsalz@openssl.org>	2016-01-14 13:02:51 -0500
commit	0423f812dc61f70c6ae6643191259ca9e5692c7f (patch)
tree	505fd5ca6269bf07f48d4375664ebb2af61aab7e /crypto/rand/rand_egd.c
parent	47153c72536a53ecd8f428444b953db0631acc9b (diff)