+# if (defined(__FreeBSD__) || defined(__NetBSD__)) && defined(KERN_ARND)
+ return (int)sysctl_random(buf, buflen);
+# endif
+
+ return -1;
+}
+
+/*
+ * Try the various seeding methods in turn, exit when successful.
+ *
+ * TODO(DRBG): If more than one entropy source is available, is it
+ * preferable to stop as soon as enough entropy has been collected
+ * (as favored by @rsalz) or should one rather be defensive and add
+ * more entropy than requested and/or from different sources?
+ *
+ * Currently, the user can select multiple entropy sources in the
+ * configure step, yet in practice only the first available source
+ * will be used. A more flexible solution has been requested, but
+ * currently it is not clear how this can be achieved without
+ * overengineering the problem. There are many parameters which
+ * could be taken into account when selecting the order and amount
+ * of input from the different entropy sources (trust, quality,
+ * possibility of blocking).
+ */
+size_t rand_pool_acquire_entropy(RAND_POOL *pool)
+{
+# ifdef OPENSSL_RAND_SEED_NONE
+ return rand_pool_entropy_available(pool);
+# else
+ size_t bytes_needed;
+ size_t entropy_available = 0;
+ unsigned char *buffer;
+
+# ifdef OPENSSL_RAND_SEED_GETRANDOM
+ bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
+ buffer = rand_pool_add_begin(pool, bytes_needed);
+ if (buffer != NULL) {
+ size_t bytes = 0;
+
+ if (syscall_random(buffer, bytes_needed) == (int)bytes_needed)
+ bytes = bytes_needed;
+
+ rand_pool_add_end(pool, bytes, 8 * bytes);
+ entropy_available = rand_pool_entropy_available(pool);
+ }
+ if (entropy_available > 0)
+ return entropy_available;
+# endif
+
+# if defined(OPENSSL_RAND_SEED_LIBRANDOM)
+ {
+ /* Not yet implemented. */
+ }
+# endif
+
+# ifdef OPENSSL_RAND_SEED_DEVRANDOM
+ bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
+ if (bytes_needed > 0) {
+ static const char *paths[] = { DEVRANDOM, NULL };
+ FILE *fp;
+ int i;
+
+ for (i = 0; paths[i] != NULL; i++) {
+ if ((fp = fopen(paths[i], "rb")) == NULL)
+ continue;
+ setbuf(fp, NULL);
+ buffer = rand_pool_add_begin(pool, bytes_needed);
+ if (buffer != NULL) {
+ size_t bytes = 0;
+ if (fread(buffer, 1, bytes_needed, fp) == bytes_needed)
+ bytes = bytes_needed;
+
+ rand_pool_add_end(pool, bytes, 8 * bytes);
+ entropy_available = rand_pool_entropy_available(pool);
+ }
+ fclose(fp);
+ if (entropy_available > 0)
+ return entropy_available;
+
+ bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
+ }
+ }
+# endif
+
+# ifdef OPENSSL_RAND_SEED_RDTSC
+ entropy_available = rand_acquire_entropy_from_tsc(pool);
+ if (entropy_available > 0)
+ return entropy_available;
+# endif
+
+# ifdef OPENSSL_RAND_SEED_RDCPU
+ entropy_available = rand_acquire_entropy_from_cpu(pool);
+ if (entropy_available > 0)
+ return entropy_available;
+# endif
+
+# ifdef OPENSSL_RAND_SEED_EGD
+ bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
+ if (bytes_needed > 0) {
+ static const char *paths[] = { DEVRANDOM_EGD, NULL };
+ int i;
+
+ for (i = 0; paths[i] != NULL; i++) {
+ buffer = rand_pool_add_begin(pool, bytes_needed);
+ if (buffer != NULL) {
+ size_t bytes = 0;
+ int num = RAND_query_egd_bytes(paths[i],
+ buffer, (int)bytes_needed);
+ if (num == (int)bytes_needed)
+ bytes = bytes_needed;
+
+ rand_pool_add_end(pool, bytes, 8 * bytes);
+ entropy_available = rand_pool_entropy_available(pool);
+ }
+ if (entropy_available > 0)
+ return entropy_available;
+ }
+ }
+# endif
+
+ return rand_pool_entropy_available(pool);
+# endif
+}
+# endif