diff options
| -rw-r--r-- | lib/nettle/rnd-fips.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/nettle/rnd-fips.c b/lib/nettle/rnd-fips.c index 4f67eafa52..254cb3b83d 100644 --- a/lib/nettle/rnd-fips.c +++ b/lib/nettle/rnd-fips.c @@ -227,6 +227,15 @@ static void _rngfips_deinit(void *_ctx) free(ctx); } +/* This is called when gnutls_global_init() is called for second time. + * It must check whether any resources are still available. + * The particular problem it solves is to verify that the urandom fd is still + * open (for applications that for some reason closed all fds */ +static int _rndfips_check(void **ctx) +{ + return _rnd_system_entropy_check(); +} + static void _rngfips_refresh(void *_ctx) { /* this is predictable RNG. Don't refresh */ @@ -252,6 +261,7 @@ static int selftest_kat(void) gnutls_crypto_rnd_st _gnutls_fips_rnd_ops = { .init = _rngfips_init, + .check = _rndfips_check, .deinit = _rngfips_deinit, .rnd = _rngfips_rnd, .rnd_refresh = _rngfips_refresh, |