diff options
| author | Kurt Roeckx <kurt@roeckx.be> | 2018-02-10 00:30:29 +0100 |
|---|---|---|
| committer | Kurt Roeckx <kurt@roeckx.be> | 2018-02-13 21:15:30 +0100 |
| commit | 72960279562e9af53264155a46b4a0b6a40f9590 (patch) | |
| tree | 3e68eb72997f1a8b1598a6836c8dea4c9c64fd24 /crypto/rand | |
| parent | f11a023adaae8ba037f952fd72dfbcc34733c993 (diff) | |
| download | openssl-new-72960279562e9af53264155a46b4a0b6a40f9590.tar.gz | |
Use both getrandom() and /dev/urandom by default on Linux.
getrandom() is now used on Linux by default when using Linux >= 3.17
and glibc >= 2.25
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #5314
Diffstat (limited to 'crypto/rand')
| -rw-r--r-- | crypto/rand/rand_unix.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index f5a59cb28a..bfd7ef0455 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -14,10 +14,6 @@ #include "rand_lcl.h" #include <stdio.h> -#ifdef OPENSSL_RAND_SEED_GETRANDOM -# include <linux/random.h> -#endif - #if (defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)) && \ !defined(OPENSSL_RAND_SEED_NONE) # error "UEFI and VXWorks only support seeding NONE" @@ -123,11 +119,19 @@ size_t RAND_POOL_acquire_entropy(RAND_POOL *pool) # endif # if defined(OPENSSL_RAND_SEED_OS) -# if defined(DEVRANDOM) -# define OPENSSL_RAND_SEED_DEVRANDOM -# else +# if !defined(DEVRANDOM) # error "OS seeding requires DEVRANDOM to be configured" # endif +# define OPENSSL_RAND_SEED_DEVRANDOM +# if defined(__GLIBC__) && defined(__GLIBC_PREREQ) +# if __GLIBC_PREREQ(2, 25) +# define OPENSSL_RAND_SEED_GETRANDOM +# endif +# endif +# endif + +# ifdef OPENSSL_RAND_SEED_GETRANDOM +# include <sys/random.h> # endif # if defined(OPENSSL_RAND_SEED_LIBRANDOM) |