diff options
author | Richard Levitte <levitte@openssl.org> | 2018-04-04 18:31:50 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2018-04-04 20:14:51 +0200 |
commit | 8e2bec9b8aaba602af6fda2523a15238aa49aade (patch) | |
tree | de4bb0311df3e56f8f5e3813e2ec9037b7040923 /crypto/rand/rand_unix.c | |
parent | dbcfd9025f86e997f6246d51e4700a0560ce3977 (diff) |
Remove ambiguity in rand_pool_add[_end] return value
When these two functions returned zero, it could mean:
1. that an error occured. In their case, the error is an overflow of
the pool, i.e. the correct response from the caller would be to
stop trying to fill the pool.
2. that there isn't enought entropy acquired yet, i.e. the correct
response from the caller would be to try and add more entropy to
the pool.
Because of this ambiguity, the returned zero turns out to be useless.
This change makes the returned value more consistent. 1 means the
addition of new entropy was successful, 0 means it wasn't. To know if
the pool has been filled enough, the caller will have to call some
other function, such as rand_pool_entropy_available().
Fixes #5846
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5876)
Diffstat (limited to 'crypto/rand/rand_unix.c')
-rw-r--r-- | crypto/rand/rand_unix.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index b86f94ab72..0f9407f3ff 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -174,7 +174,8 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool) if (getrandom(buffer, bytes_needed, 0) == (int)bytes_needed) bytes = bytes_needed; - entropy_available = rand_pool_add_end(pool, bytes, 8 * bytes); + rand_pool_add_end(pool, bytes, 8 * bytes); + entropy_available = rand_pool_entropy_available(pool); } if (entropy_available > 0) return entropy_available; @@ -203,7 +204,8 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool) if (fread(buffer, 1, bytes_needed, fp) == bytes_needed) bytes = bytes_needed; - entropy_available = rand_pool_add_end(pool, bytes, 8 * bytes); + rand_pool_add_end(pool, bytes, 8 * bytes); + entropy_available = rand_pool_entropy_available(pool); } fclose(fp); if (entropy_available > 0) @@ -241,7 +243,8 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool) if (num == (int)bytes_needed) bytes = bytes_needed; - entropy_available = rand_pool_add_end(pool, bytes, 8 * bytes); + rand_pool_add_end(pool, bytes, 8 * bytes); + entropy_available = rand_pool_entropy_available(pool); } if (entropy_available > 0) return entropy_available; |