openssl: use Genode specific RAND backend

The backend merely provides simpler access to '/dev/random' because
on Genode the common random device checks are unnecessary.

Fixes #1236.
This commit is contained in:
Josef Söntgen 2014-08-18 12:17:57 +02:00 committed by Norman Feske
parent baa64bf795
commit e23a0c8a13
4 changed files with 35 additions and 2 deletions

View File

@ -6,7 +6,8 @@ SHARED_LIB = yes
LIBS += libc
CC_OPT += -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -DL_ENDIAN -DTERMIOS \
-DOPENSSL_NO_ASM
-DOPENSSL_NO_ASM -DGETPID_IS_MEANINGLESS
CC_OPT += -DRAND_GENODE
#
# crypto base source

View File

@ -1 +1 @@
50bfa7824abc38d4d1eecbc80d8433639c0cb731
7b4517a076012f43036912dcc693fb6b035ddf3c

View File

@ -37,3 +37,6 @@ src/lib/openssl/x86_64/rc4_md5.s:
$(VERBOSE)mkdir -p $(dir $@)
$(VERBOSE)perl src/lib/openssl/crypto/rc4/asm/rc4-md5-x86_64.pl \
src/lib/openssl/crypto/perlasm/x86as.pl > $@
PATCHES := src/lib/openssl/rand_unix_c.patch
PATCH_OPT := -p1 -d src/lib/openssl

View File

@ -0,0 +1,29 @@
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index e3a6557..27b26e4 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -233,6 +233,24 @@ int RAND_poll(void)
return 1;
}
+#elif defined RAND_GENODE
+int RAND_poll(void)
+{
+ unsigned char buf[ENTROPY_NEEDED];
+
+ int fd = open("/dev/random", O_RDONLY);
+ if (fd == -1) {
+ perror("open");
+ return 0;
+ }
+
+ read(fd, buf, sizeof(buf)); /* XXX check read */
+
+ RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
+ memset(buf, 0, sizeof(buf)); /* XXX make explicit */
+
+ return 1;
+}
#else /* !defined(__OpenBSD__) */
int RAND_poll(void)
{