diff options
| author |   miod <miod@openbsd.org> | 2014-04-13 15:25:20 +0000 |
|---|---|---|
| committer | miod <miod@openbsd.org> | 2014-04-13 15:25:20 +0000 |
| commit | 97222edd40cad3a6e51530425068b83c51d308b1 (patch) | |
| tree | 50438b2fbea63f81d6ac96e9bf4aa302b9538333 /lib/libssl/src/crypto/rand/md_rand.c | |
| parent | Import OpenSSL 1.0.1g (diff) | |
| download | wireguard-openbsd-97222edd40cad3a6e51530425068b83c51d308b1.tar.xz wireguard-openbsd-97222edd40cad3a6e51530425068b83c51d308b1.zip | |
Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
Diffstat (limited to 'lib/libssl/src/crypto/rand/md_rand.c')
| -rw-r--r-- | lib/libssl/src/crypto/rand/md_rand.c | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/lib/libssl/src/crypto/rand/md_rand.c b/lib/libssl/src/crypto/rand/md_rand.c index fcdd3f2a845..aee1c30b0a9 100644 --- a/lib/libssl/src/crypto/rand/md_rand.c +++ b/lib/libssl/src/crypto/rand/md_rand.c @@ -123,10 +123,10 @@ #include "e_os.h" +#include <openssl/crypto.h> #include <openssl/rand.h> #include "rand_lcl.h" -#include <openssl/crypto.h> #include <openssl/err.h> #ifdef BN_DEBUG @@ -198,6 +198,9 @@ static void ssleay_rand_add(const void *buf, int num, double add) EVP_MD_CTX m; int do_not_lock; + if (!num) + return; + /* * (Based on the rand(3) manpage) * @@ -380,8 +383,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) * are fed into the hash function and the results are kept in the * global 'md'. */ - - CRYPTO_w_lock(CRYPTO_LOCK_RAND); +#ifdef OPENSSL_FIPS + /* NB: in FIPS mode we are already under a lock */ + if (!FIPS_mode()) +#endif + CRYPTO_w_lock(CRYPTO_LOCK_RAND); /* prevent ssleay_rand_bytes() from trying to obtain the lock again */ CRYPTO_w_lock(CRYPTO_LOCK_RAND2); @@ -460,7 +466,10 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) /* before unlocking, we must clear 'crypto_lock_rand' */ crypto_lock_rand = 0; - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); +#ifdef OPENSSL_FIPS + if (!FIPS_mode()) +#endif + CRYPTO_w_unlock(CRYPTO_LOCK_RAND); while (num > 0) { @@ -512,10 +521,16 @@ static int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo) MD_Init(&m); MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); MD_Update(&m,local_md,MD_DIGEST_LENGTH); - CRYPTO_w_lock(CRYPTO_LOCK_RAND); +#ifdef OPENSSL_FIPS + if (!FIPS_mode()) +#endif + CRYPTO_w_lock(CRYPTO_LOCK_RAND); MD_Update(&m,md,MD_DIGEST_LENGTH); MD_Final(&m,md); - CRYPTO_w_unlock(CRYPTO_LOCK_RAND); +#ifdef OPENSSL_FIPS + if (!FIPS_mode()) +#endif + CRYPTO_w_unlock(CRYPTO_LOCK_RAND); EVP_MD_CTX_cleanup(&m); if (ok) |