diff options
Diffstat (limited to 'lib/vtls/vtls.c')
| -rw-r--r-- | lib/vtls/vtls.c | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index 6c2295a45..3c7bc9865 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -213,14 +213,12 @@ unsigned int Curl_rand(struct SessionHandle *data) } #endif -#ifndef have_curlssl_random - (void)data; -#else - if(data) { - curlssl_random(data, (unsigned char *)&r, sizeof(r)); + /* data may be NULL! */ + if(!Curl_ssl_random(data, (unsigned char *)&r, sizeof(r))) return r; - } -#endif + + /* If Curl_ssl_random() returns non-zero it couldn't offer randomness and we + instead perform a "best effort" */ #ifdef RANDOM_FILE if(!seeded) { @@ -238,6 +236,7 @@ unsigned int Curl_rand(struct SessionHandle *data) if(!seeded) { struct timeval now = curlx_tvnow(); + infof(data, "WARNING: Using weak random seed\n"); randseed += (unsigned int)now.tv_usec + (unsigned int)now.tv_sec; randseed = randseed * 1103515245 + 12345; randseed = randseed * 1103515245 + 12345; @@ -681,6 +680,13 @@ CURLcode Curl_ssl_push_certinfo(struct SessionHandle *data, return Curl_ssl_push_certinfo_len(data, certnum, label, value, valuelen); } +int Curl_ssl_random(struct SessionHandle *data, + unsigned char *entropy, + size_t length) +{ + return curlssl_random(data, entropy, length); +} + #ifdef have_curlssl_md5sum void Curl_ssl_md5sum(unsigned char *tmp, /* input */ size_t tmplen, |