Rename our getentropy to prevent possible loops.

Since arc4random seeds from getentropy, and we use OpenSSL for that if enabled, there's the possibility that if we build on a system that does not have getentropy then run on a system that does have it, then OpenSSL could end up calling our getentropy and getting stuck in a loop. Pointed out by deraadt@, ok djm@
author: Darren Tucker <dtucker@dtucker.net> 2022-08-10 17:25:24 +1000
committer: Darren Tucker <dtucker@dtucker.net> 2022-08-10 17:36:44 +1000
commit: 7e2f51940ba48a1c0fae1107801ea643fa83c971 (patch)
tree: c68041342e100b4b3bde3a4a81f13854d425cf76 /openbsd-compat/arc4random.c
parent: 7a01f61be8d0aca0e975e7417f26371495fe7674 (diff)
download: openssh-git-7e2f51940ba48a1c0fae1107801ea643fa83c971.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
index f43b5c7c..2f91c2b2 100644
--- a/openbsd-compat/arc4random.c
+++ b/openbsd-compat/arc4random.c
@@ -35,6 +35,15 @@
 
 #ifndef HAVE_ARC4RANDOM
 
+/*
+ * If we're not using a native getentropy, use the one from bsd-getentropy.c
+ * under a different name, so that if in future these binaries are run on
+ * a system that has a native getentropy OpenSSL cannot call the wrong one.
+ */
+#ifndef HAVE_GETENTROPY
+# define getentropy(x, y) (_ssh_compat_getentropy((x), (y)))
+#endif
+
 #define MINIMUM(a, b)    (((a) < (b)) ? (a) : (b))
 
 #include "log.h"
author	Darren Tucker <dtucker@dtucker.net>	2022-08-10 17:25:24 +1000
committer	Darren Tucker <dtucker@dtucker.net>	2022-08-10 17:36:44 +1000
commit	7e2f51940ba48a1c0fae1107801ea643fa83c971 (patch)
tree	c68041342e100b4b3bde3a4a81f13854d425cf76 /openbsd-compat/arc4random.c
parent	7a01f61be8d0aca0e975e7417f26371495fe7674 (diff)
download	openssh-git-7e2f51940ba48a1c0fae1107801ea643fa83c971.tar.gz