summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/libcrypto/crypto/getentropy_linux.c12
-rw-r--r--lib/libcrypto/crypto/getentropy_solaris.c12
2 files changed, 12 insertions, 12 deletions
diff --git a/lib/libcrypto/crypto/getentropy_linux.c b/lib/libcrypto/crypto/getentropy_linux.c
index 3fd30316d20..f1320d24d50 100644
--- a/lib/libcrypto/crypto/getentropy_linux.c
+++ b/lib/libcrypto/crypto/getentropy_linux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getentropy_linux.c,v 1.18 2014/07/08 09:38:55 beck Exp $ */
+/* $OpenBSD: getentropy_linux.c,v 1.19 2014/07/12 14:46:31 deraadt Exp $ */
/*
* Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -141,8 +141,8 @@ getentropy(void *buf, size_t len)
* sysctl ABI, or consider providing a new failsafe API which
* works in a chroot or when file descriptors are exhausted.
*/
-#undef FAIL_HARD_WHEN_LINUX_DEPRECATES_SYSCTL
-#ifdef FAIL_HARD_WHEN_LINUX_DEPRECATES_SYSCTL
+#undef FAIL_INSTEAD_OF_TRYING_FALLBACK
+#ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK
raise(SIGKILL);
#endif
ret = getentropy_fallback(buf, len);
@@ -179,12 +179,12 @@ getentropy_urandom(void *buf, size_t len)
start:
- flags = O_RDONLY;
+ flags = O_RDONLY;
#ifdef O_NOFOLLOW
- flags |= O_NOFOLLOW;
+ flags |= O_NOFOLLOW;
#endif
#ifdef O_CLOEXEC
- flags |= O_CLOEXEC;
+ flags |= O_CLOEXEC;
#endif
fd = open("/dev/urandom", flags, 0);
if (fd == -1) {
diff --git a/lib/libcrypto/crypto/getentropy_solaris.c b/lib/libcrypto/crypto/getentropy_solaris.c
index 13afe7e3c9b..83cc30aac2a 100644
--- a/lib/libcrypto/crypto/getentropy_solaris.c
+++ b/lib/libcrypto/crypto/getentropy_solaris.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getentropy_solaris.c,v 1.2 2014/07/12 13:19:44 beck Exp $ */
+/* $OpenBSD: getentropy_solaris.c,v 1.3 2014/07/12 14:46:31 deraadt Exp $ */
/*
* Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
@@ -43,7 +43,6 @@
#define SHA512_Update SHA512Update
#define SHA512_Final SHA512Final
-
#include <sys/vfs.h>
#include <sys/statfs.h>
#include <sys/loadavg.h>
@@ -81,7 +80,7 @@ getentropy(void *buf, size_t len)
}
/*
- * Try to get entropy with /dev/urandom...
+ * Try to get entropy with /dev/urandom
*
* Solaris provides /dev/urandom as a symbolic link to
* /devices/pseudo/random@0:urandom which is provided by
@@ -132,8 +131,8 @@ getentropy(void *buf, size_t len)
* providing a new failsafe API which works in a chroot or
* when file descriptors are exhausted.
*/
-#undef FAIL_WHEN_SYSTEM_ENTROPY_FAILS
-#ifdef FAIL_WHEN_SYSTEM_ENTROPY_FAILS
+#undef FAIL_INSTEAD_OF_TRYING_FALLBACK
+#ifdef FAIL_INSTEAD_OF_TRYING_FALLBACK
raise(SIGKILL);
#endif
ret = getentropy_fallback(buf, len);
@@ -215,7 +214,7 @@ nodevrandom:
return -1;
}
-static int cl[] = {
+static const int cl[] = {
CLOCK_REALTIME,
#ifdef CLOCK_MONOTONIC
CLOCK_MONOTONIC,
@@ -279,6 +278,7 @@ getentropy_fallback(void *buf, size_t len)
for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++)
HX(clock_gettime(cl[ii], &ts) == -1, ts);
+
HX((pid = getpid()) == -1, pid);
HX((pid = getsid(pid)) == -1, pid);
HX((pid = getppid()) == -1, pid);