Don't auto-instantiate a DRBG when trying to use it and it's not

The one creating the DRBG should instantiate it, it's there that we know which parameters we should use to instantiate it. This splits the rand init in two parts to avoid a deadlock because when the global drbg is created it wands to call rand_add on the global rand method. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> GH: #4268
author: Kurt Roeckx <kurt@roeckx.be> 2017-08-27 17:46:33 +0200
committer: Kurt Roeckx <kurt@roeckx.be> 2017-08-28 23:15:52 +0200
commit: 0b14a5b7ccd1618fe47d74a51c4873144c57ac83 (patch)
tree: ded12ac2db33ca847dc4d22ccb93a138e2c18120 /ssl/ssl_lib.c
parent: b23171744b01e473ebbfd6edad70c1c3825ffbcd (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index ed2113caa5..501a12ce50 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -630,7 +630,8 @@ SSL *SSL_new(SSL_CTX *ctx)
     if (RAND_get_rand_method() == RAND_OpenSSL()) {
         s->drbg = RAND_DRBG_new(NID_aes_128_ctr, RAND_DRBG_FLAG_CTR_USE_DF,
                                 RAND_DRBG_get0_global());
-        if (s->drbg == NULL) {
+        if (s->drbg == NULL
+            || RAND_DRBG_instantiate(s->drbg, NULL, 0) == 0) {
             CRYPTO_THREAD_lock_free(s->lock);
             goto err;
         }
author	Kurt Roeckx <kurt@roeckx.be>	2017-08-27 17:46:33 +0200
committer	Kurt Roeckx <kurt@roeckx.be>	2017-08-28 23:15:52 +0200
commit	0b14a5b7ccd1618fe47d74a51c4873144c57ac83 (patch)
tree	ded12ac2db33ca847dc4d22ccb93a138e2c18120 /ssl/ssl_lib.c
parent	b23171744b01e473ebbfd6edad70c1c3825ffbcd (diff)