[tor-commits] [tor/master] Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no args

nickm at torproject.org nickm at torproject.org
Wed May 20 19:35:55 UTC 2015


commit f8f407d66a4389035852a229a6945cc08a64b198
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue May 19 16:17:03 2015 -0400

    Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no args
    
    It needed an argument before because it wasn't safe to call
    RAND_poll() on openssl 0.9.8c if you had already opened more fds
    than would fit in fd_set.
---
 src/common/crypto.c       |    8 +++-----
 src/common/crypto.h       |    2 +-
 src/or/main.c             |    2 +-
 src/test/bench.c          |    2 +-
 src/test/test_crypto.c    |    2 +-
 src/test/test_workqueue.c |    2 +-
 src/test/testing_common.c |    2 +-
 src/tools/tor-gencert.c   |    2 +-
 8 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/src/common/crypto.c b/src/common/crypto.c
index 0feed1c..f980d7e 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -302,7 +302,7 @@ crypto_early_init(void)
 
     crypto_force_rand_ssleay();
 
-    if (crypto_seed_rng(1) < 0)
+    if (crypto_seed_rng() < 0)
       return -1;
     if (crypto_init_siphash_key() < 0)
       return -1;
@@ -384,7 +384,7 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
     }
 
     if (crypto_force_rand_ssleay()) {
-      if (crypto_seed_rng(1) < 0)
+      if (crypto_seed_rng() < 0)
         return -1;
     }
 
@@ -2485,13 +2485,11 @@ crypto_strongest_rand(uint8_t *out, size_t out_len)
  * have not yet allocated a bunch of fds.  Return 0 on success, -1 on failure.
  */
 int
-crypto_seed_rng(int startup)
+crypto_seed_rng(void)
 {
   int rand_poll_ok = 0, load_entropy_ok = 0;
   uint8_t buf[ADD_ENTROPY];
 
-  (void) startup;
-
   /* OpenSSL has a RAND_poll function that knows about more kinds of
    * entropy than we do.  We'll try calling that, *and* calling our own entropy
    * functions.  If one succeeds, we'll accept the RNG as seeded. */
diff --git a/src/common/crypto.h b/src/common/crypto.h
index d305bc1..5a08045 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -251,7 +251,7 @@ int crypto_expand_key_material_rfc5869_sha256(
                                     uint8_t *key_out, size_t key_out_len);
 
 /* random numbers */
-int crypto_seed_rng(int startup);
+int crypto_seed_rng(void);
 MOCK_DECL(int,crypto_rand,(char *to, size_t n));
 int crypto_strongest_rand(uint8_t *out, size_t out_len);
 int crypto_rand_int(unsigned int max);
diff --git a/src/or/main.c b/src/or/main.c
index 651291b..3f785a2 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1317,7 +1317,7 @@ run_scheduled_events(time_t now)
   if (time_to_add_entropy < now) {
     if (time_to_add_entropy) {
       /* We already seeded once, so don't die on failure. */
-      crypto_seed_rng(0);
+      crypto_seed_rng();
     }
 /** How often do we add more entropy to OpenSSL's RNG pool? */
 #define ENTROPY_INTERVAL (60*60)
diff --git a/src/test/bench.c b/src/test/bench.c
index 6909e73..a74fc77 100644
--- a/src/test/bench.c
+++ b/src/test/bench.c
@@ -624,7 +624,7 @@ main(int argc, const char **argv)
 
   reset_perftime();
 
-  crypto_seed_rng(1);
+  crypto_seed_rng();
   crypto_init_siphash_key();
   options = options_new();
   init_logging(1);
diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c
index e9fb8bf..5c263ba 100644
--- a/src/test/test_crypto.c
+++ b/src/test/test_crypto.c
@@ -72,7 +72,7 @@ test_crypto_rng(void *arg)
 
   /* Try out RNG. */
   (void)arg;
-  tt_assert(! crypto_seed_rng(0));
+  tt_assert(! crypto_seed_rng());
   crypto_rand(data1, 100);
   crypto_rand(data2, 100);
   tt_mem_op(data1,OP_NE, data2,100);
diff --git a/src/test/test_workqueue.c b/src/test/test_workqueue.c
index aaff506..c524b24 100644
--- a/src/test/test_workqueue.c
+++ b/src/test/test_workqueue.c
@@ -356,7 +356,7 @@ main(int argc, char **argv)
 
   init_logging(1);
   crypto_global_init(1, NULL, NULL);
-  crypto_seed_rng(1);
+  crypto_seed_rng();
 
   rq = replyqueue_new(as_flags);
   tor_assert(rq);
diff --git a/src/test/testing_common.c b/src/test/testing_common.c
index 403c83b..e0c0046 100644
--- a/src/test/testing_common.c
+++ b/src/test/testing_common.c
@@ -270,7 +270,7 @@ main(int c, const char **v)
     return 1;
   }
   crypto_set_tls_dh_prime(NULL);
-  crypto_seed_rng(1);
+  crypto_seed_rng();
   rep_hist_init();
   network_init();
   setup_directory();
diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c
index c599822..b83682a 100644
--- a/src/tools/tor-gencert.c
+++ b/src/tools/tor-gencert.c
@@ -532,7 +532,7 @@ main(int argc, char **argv)
     fprintf(stderr, "Couldn't initialize crypto library.\n");
     return 1;
   }
-  if (crypto_seed_rng(1)) {
+  if (crypto_seed_rng()) {
     fprintf(stderr, "Couldn't seed RNG.\n");
     goto done;
   }





More information about the tor-commits mailing list