[tor-commits] [tor/master] Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no args
nickm at torproject.org
nickm at torproject.org
Wed May 20 19:35:55 UTC 2015
commit f8f407d66a4389035852a229a6945cc08a64b198
Author: Nick Mathewson <nickm at torproject.org>
Date: Tue May 19 16:17:03 2015 -0400
Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no args
It needed an argument before because it wasn't safe to call
RAND_poll() on openssl 0.9.8c if you had already opened more fds
than would fit in fd_set.
---
src/common/crypto.c | 8 +++-----
src/common/crypto.h | 2 +-
src/or/main.c | 2 +-
src/test/bench.c | 2 +-
src/test/test_crypto.c | 2 +-
src/test/test_workqueue.c | 2 +-
src/test/testing_common.c | 2 +-
src/tools/tor-gencert.c | 2 +-
8 files changed, 10 insertions(+), 12 deletions(-)
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 0feed1c..f980d7e 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -302,7 +302,7 @@ crypto_early_init(void)
crypto_force_rand_ssleay();
- if (crypto_seed_rng(1) < 0)
+ if (crypto_seed_rng() < 0)
return -1;
if (crypto_init_siphash_key() < 0)
return -1;
@@ -384,7 +384,7 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
}
if (crypto_force_rand_ssleay()) {
- if (crypto_seed_rng(1) < 0)
+ if (crypto_seed_rng() < 0)
return -1;
}
@@ -2485,13 +2485,11 @@ crypto_strongest_rand(uint8_t *out, size_t out_len)
* have not yet allocated a bunch of fds. Return 0 on success, -1 on failure.
*/
int
-crypto_seed_rng(int startup)
+crypto_seed_rng(void)
{
int rand_poll_ok = 0, load_entropy_ok = 0;
uint8_t buf[ADD_ENTROPY];
- (void) startup;
-
/* OpenSSL has a RAND_poll function that knows about more kinds of
* entropy than we do. We'll try calling that, *and* calling our own entropy
* functions. If one succeeds, we'll accept the RNG as seeded. */
diff --git a/src/common/crypto.h b/src/common/crypto.h
index d305bc1..5a08045 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -251,7 +251,7 @@ int crypto_expand_key_material_rfc5869_sha256(
uint8_t *key_out, size_t key_out_len);
/* random numbers */
-int crypto_seed_rng(int startup);
+int crypto_seed_rng(void);
MOCK_DECL(int,crypto_rand,(char *to, size_t n));
int crypto_strongest_rand(uint8_t *out, size_t out_len);
int crypto_rand_int(unsigned int max);
diff --git a/src/or/main.c b/src/or/main.c
index 651291b..3f785a2 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1317,7 +1317,7 @@ run_scheduled_events(time_t now)
if (time_to_add_entropy < now) {
if (time_to_add_entropy) {
/* We already seeded once, so don't die on failure. */
- crypto_seed_rng(0);
+ crypto_seed_rng();
}
/** How often do we add more entropy to OpenSSL's RNG pool? */
#define ENTROPY_INTERVAL (60*60)
diff --git a/src/test/bench.c b/src/test/bench.c
index 6909e73..a74fc77 100644
--- a/src/test/bench.c
+++ b/src/test/bench.c
@@ -624,7 +624,7 @@ main(int argc, const char **argv)
reset_perftime();
- crypto_seed_rng(1);
+ crypto_seed_rng();
crypto_init_siphash_key();
options = options_new();
init_logging(1);
diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c
index e9fb8bf..5c263ba 100644
--- a/src/test/test_crypto.c
+++ b/src/test/test_crypto.c
@@ -72,7 +72,7 @@ test_crypto_rng(void *arg)
/* Try out RNG. */
(void)arg;
- tt_assert(! crypto_seed_rng(0));
+ tt_assert(! crypto_seed_rng());
crypto_rand(data1, 100);
crypto_rand(data2, 100);
tt_mem_op(data1,OP_NE, data2,100);
diff --git a/src/test/test_workqueue.c b/src/test/test_workqueue.c
index aaff506..c524b24 100644
--- a/src/test/test_workqueue.c
+++ b/src/test/test_workqueue.c
@@ -356,7 +356,7 @@ main(int argc, char **argv)
init_logging(1);
crypto_global_init(1, NULL, NULL);
- crypto_seed_rng(1);
+ crypto_seed_rng();
rq = replyqueue_new(as_flags);
tor_assert(rq);
diff --git a/src/test/testing_common.c b/src/test/testing_common.c
index 403c83b..e0c0046 100644
--- a/src/test/testing_common.c
+++ b/src/test/testing_common.c
@@ -270,7 +270,7 @@ main(int c, const char **v)
return 1;
}
crypto_set_tls_dh_prime(NULL);
- crypto_seed_rng(1);
+ crypto_seed_rng();
rep_hist_init();
network_init();
setup_directory();
diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c
index c599822..b83682a 100644
--- a/src/tools/tor-gencert.c
+++ b/src/tools/tor-gencert.c
@@ -532,7 +532,7 @@ main(int argc, char **argv)
fprintf(stderr, "Couldn't initialize crypto library.\n");
return 1;
}
- if (crypto_seed_rng(1)) {
+ if (crypto_seed_rng()) {
fprintf(stderr, "Couldn't seed RNG.\n");
goto done;
}
More information about the tor-commits
mailing list