From 0423f812dc61f70c6ae6643191259ca9e5692c7f Mon Sep 17 00:00:00 2001 From: Benjamin Kaduk Date: Tue, 12 Jan 2016 18:02:16 -0600 Subject: Add a no-egd option to disable EGD-related code The entropy-gathering daemon is used only on a small number of machines. Provide a configure knob so that EGD support can be disabled by default but re-enabled on those systems that do need it. Reviewed-by: Dr. Stephen Henson --- crypto/rand/rand_egd.c | 84 +++++++++++++++++++++++++++----------------------- 1 file changed, 46 insertions(+), 38 deletions(-) (limited to 'crypto/rand/rand_egd.c') diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c index ea3621c44f..e65dc0917a 100644 --- a/crypto/rand/rand_egd.c +++ b/crypto/rand/rand_egd.c @@ -95,7 +95,9 @@ * RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255. */ -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI) +#ifndef OPENSSL_NO_EGD + +# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_UEFI) int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) { return (-1); @@ -110,26 +112,26 @@ int RAND_egd_bytes(const char *path, int bytes) { return (-1); } -#else -# include -# include OPENSSL_UNISTD -# include -# include -# include -# ifndef NO_SYS_UN_H -# ifdef OPENSSL_SYS_VXWORKS -# include -# else -# include -# endif # else +# include +# include OPENSSL_UNISTD +# include +# include +# include +# ifndef NO_SYS_UN_H +# ifdef OPENSSL_SYS_VXWORKS +# include +# else +# include +# endif +# else struct sockaddr_un { short sun_family; /* AF_UNIX */ char sun_path[108]; /* path name (gag) */ }; -# endif /* NO_SYS_UN_H */ -# include -# include +# endif /* NO_SYS_UN_H */ +# include +# include int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) { @@ -155,25 +157,25 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) success = 1; else { switch (errno) { -# ifdef EINTR +# ifdef EINTR case EINTR: -# endif -# ifdef EAGAIN +# endif +# ifdef EAGAIN case EAGAIN: -# endif -# ifdef EINPROGRESS +# endif +# ifdef EINPROGRESS case EINPROGRESS: -# endif -# ifdef EALREADY +# endif +# ifdef EALREADY case EALREADY: -# endif +# endif /* No error, try again */ break; -# ifdef EISCONN +# ifdef EISCONN case EISCONN: success = 1; break; -# endif +# endif default: goto err; /* failure */ } @@ -190,12 +192,12 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) numbytes += num; else { switch (errno) { -# ifdef EINTR +# ifdef EINTR case EINTR: -# endif -# ifdef EAGAIN +# endif +# ifdef EAGAIN case EAGAIN: -# endif +# endif /* No error, try again */ break; default: @@ -213,12 +215,12 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) numbytes += num; else { switch (errno) { -# ifdef EINTR +# ifdef EINTR case EINTR: -# endif -# ifdef EAGAIN +# endif +# ifdef EAGAIN case EAGAIN: -# endif +# endif /* No error, try again */ break; default: @@ -242,12 +244,12 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes) numbytes += num; else { switch (errno) { -# ifdef EINTR +# ifdef EINTR case EINTR: -# endif -# ifdef EAGAIN +# endif +# ifdef EAGAIN case EAGAIN: -# endif +# endif /* No error, try again */ break; default: @@ -285,4 +287,10 @@ int RAND_egd(const char *path) return (RAND_egd_bytes(path, 255)); } +# endif + +#else /* OPENSSL_NO_EGD */ +# if PEDANTIC +static void *dummy = &dummy; +# endif #endif -- cgit v1.2.3