| author | Jung-uk Kim <jkim@FreeBSD.org> | 2019-05-28 20:08:17 +0000 |
|---|---|---|
| committer | Jung-uk Kim <jkim@FreeBSD.org> | 2019-05-28 20:08:17 +0000 |
| commit | 375b8e6770f750fb915859470f6f1fe43f35cc48 (patch) | |
| tree | 5db6744924edfc112439ad2366f52f246baa21d1 /crypto/rand | |
| parent | 851f7386fd78b9787f4f6669ad271886a2a003f1 (diff) | |
Diffstat (limited to 'crypto/rand')
| -rw-r--r-- | crypto/rand/drbg_lib.c | 6 | ||||
| -rw-r--r-- | crypto/rand/rand_lib.c | 12 | ||||
| -rw-r--r-- | crypto/rand/rand_unix.c | 29 | ||||
| -rw-r--r-- | crypto/rand/randfile.c | 4 |
4 files changed, 37 insertions, 14 deletions
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c index a13282181d6d..abbe0a8ba30f 100644 --- a/crypto/rand/drbg_lib.c +++ b/crypto/rand/drbg_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 2011-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -188,8 +188,8 @@ static RAND_DRBG *rand_drbg_new(int secure, unsigned int flags, RAND_DRBG *parent) { - RAND_DRBG *drbg = secure ? - OPENSSL_secure_zalloc(sizeof(*drbg)) : OPENSSL_zalloc(sizeof(*drbg)); + RAND_DRBG *drbg = secure ? OPENSSL_secure_zalloc(sizeof(*drbg)) + : OPENSSL_zalloc(sizeof(*drbg)); if (drbg == NULL) { RANDerr(RAND_F_RAND_DRBG_NEW, ERR_R_MALLOC_FAILURE); diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index d8639c4a03f3..108b4f51634d 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -137,7 +137,7 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg, size_t entropy_available = 0; RAND_POOL *pool; - if (drbg->parent && drbg->strength > drbg->parent->strength) { + if (drbg->parent != NULL && drbg->strength > drbg->parent->strength) { /* * We currently don't support the algorithm from NIST SP 800-90C * 10.1.2 to use a weaker DRBG as source @@ -155,7 +155,7 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg, return 0; } - if (drbg->parent) { + if (drbg->parent != NULL) { size_t bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); unsigned char *buffer = rand_pool_add_begin(pool, bytes_needed); 
@@ -235,7 +235,7 @@ size_t rand_drbg_get_nonce(RAND_DRBG *drbg, struct { void * instance; int count; - } data = { 0 }; + } data = { NULL, 0 }; pool = rand_pool_new(0, min_len, max_len); if (pool == NULL) @@ -402,7 +402,7 @@ int RAND_poll(void) } else { /* fill random pool and seed the current legacy RNG */ pool = rand_pool_new(RAND_DRBG_STRENGTH, - RAND_DRBG_STRENGTH / 8, + (RAND_DRBG_STRENGTH + 7) / 8, RAND_POOL_MAX_LENGTH); if (pool == NULL) return 0; @@ -689,7 +689,7 @@ unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len) if (pool->buffer == NULL) { RANDerr(RAND_F_RAND_POOL_ADD_BEGIN, ERR_R_INTERNAL_ERROR); - return 0; + return NULL; } return pool->buffer + pool->len; diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index 9cbc9ade77fa..4710dbb2d101 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -19,7 +19,7 @@ #include <stdio.h> #include "internal/dso.h" #if defined(__linux) -# include <sys/syscall.h> +# include <asm/unistd.h> #endif #if defined(__FreeBSD__) # include <sys/types.h> @@ -324,8 +324,8 @@ static ssize_t syscall_random(void *buf, size_t buflen) # endif /* Linux supports this since version 3.17 */ -# if defined(__linux) && defined(SYS_getrandom) - return syscall(SYS_getrandom, buf, buflen, 0); +# if defined(__linux) && defined(__NR_getrandom) + return syscall(__NR_getrandom, buf, buflen, 0); # elif (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND) return sysctl_random(buf, buflen); # else 
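Review bot: In the `syscall_random()` hunk (`@@ -324,8`), `defined(__NR_getrandom)` is a build-time test only, so a binary built against newer headers but run on a kernel older than the 3.17 named in the comment gets -1 with `ENOSYS` from this call. The caller is outside the hunk; presumably it treats a negative return as "fall through to the device files", and that contract is worth stating next to the call. A comment such as `/* flags == 0: blocks until the kernel pool is initialised; may return fewer than buflen bytes, or -1/ENOSYS on old kernels; the caller retries or falls back */` would make the expectation explicit. The include change in the `@@ -19,7` hunk is what supplies `__NR_getrandom`, so the two hunks must stay in step.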
@@ -510,6 +510,29 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool) bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); { size_t i; +#ifdef DEVRANDOM_WAIT + static int wait_done = 0; + + /* + * On some implementations reading from /dev/urandom is possible + * before it is initialized. Therefore we wait for /dev/random + * to be readable to make sure /dev/urandom is initialized. + */ + if (!wait_done && bytes_needed > 0) { + int f = open(DEVRANDOM_WAIT, O_RDONLY); + + if (f >= 0) { + fd_set fds; + + FD_ZERO(&fds); + FD_SET(f, &fds); + while (select(f+1, &fds, NULL, NULL, NULL) < 0 + && errno == EINTR); + close(f); + } + wait_done = 1; + } +#endif for (i = 0; bytes_needed > 0 && i < OSSL_NELEM(random_device_paths); i++) { ssize_t bytes = 0; diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index 1b737d1ba2ba..ba121eefbf09 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -254,7 +254,7 @@ const char *RAND_file_name(char *buf, size_t size) size_t len; int use_randfile = 1; -#if defined(_WIN32) && defined(CP_UTF8) +#if defined(_WIN32) && defined(CP_UTF8) && !defined(_WIN32_WCE) DWORD envlen; WCHAR *var; |
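Review bot: `FD_SET(f, &fds)` in the new `DEVRANDOM_WAIT` block writes outside `fds` when `open()` returns a descriptor at or above `FD_SETSIZE`, which can happen in a process that already holds many open files; the select path needs an `f < FD_SETSIZE` guard with a fallback such as a blocking one-byte read. The block also fails open: if `open()` fails, or `select()` fails with anything other than `EINTR`, `wait_done` is still set to 1 and the device loop runs without having waited, so consider setting the flag only after a successful wait. `wait_done` is a plain `static int` written without synchronisation, which is a data race if this function can run on several threads at once (no locking is visible here). `rand_pool_acquire_entropy()` begins and ends outside the hunk.

```c
        if (f >= 0) {
            if (f < FD_SETSIZE) {
                /* … unchanged: fd_set fds; FD_ZERO / FD_SET / select() retry loop … */
            } else {
                unsigned char c;

                /* f does not fit in an fd_set: block on a one-byte read instead */
                while (read(f, &c, 1) < 0 && errno == EINTR);
            }
            close(f);
        }
```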
