X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fapp_rand.c;h=28caad41a7d8f124a29a25d2876537b72aed4e92;hp=0d44af903b813518a44257207f6771763376e206;hb=a0abb6a10f4c5fc6dd20c487aa0db085fbfb3562;hpb=888db7f224fec4ead34c32e82fa591dea61d14a2
diff --git a/apps/app_rand.c b/apps/app_rand.c
index 0d44af903b..28caad41a7 100644
--- a/apps/app_rand.c
+++ b/apps/app_rand.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
@@ -9,107 +9,86 @@
 #include "apps.h"
 #include
+#include
 #include
+#include
-static int seeded = 0;
-static int egdsocket = 0;
+static char *save_rand_file;
-int app_RAND_load_file(const char *file, int dont_warn)
+void app_RAND_load_conf(CONF *c, const char *section)
 {
- int consider_randfile = (file == NULL);
- char buffer[200];
+ const char *randfile = NCONF_get_string(c, section, "RANDFILE");
- if (file == NULL)
- file = RAND_file_name(buffer, sizeof buffer);
-#ifndef OPENSSL_NO_EGD
- else if (RAND_egd(file) > 0) {
- /*
- * we try if the given filename is an EGD socket. if it is, we don't
- * write anything back to the file.
- */
- egdsocket = 1;
- return 1;
+ if (randfile == NULL) {
+ ERR_clear_error();
+ return;
 }
-#endif
- if (file == NULL || !RAND_load_file(file, -1)) {
- if (RAND_status() == 0) {
- if (!dont_warn) {
- BIO_printf(bio_err, "unable to load 'random state'\n");
- BIO_printf(bio_err,
- "This means that the random number generator has not been seeded\n");
- BIO_printf(bio_err, "with much random data.\n");
- if (consider_randfile) { /* explanation does not apply when a
- * file is explicitly named */
- BIO_printf(bio_err,
- "Consider setting the RANDFILE environment variable to point at a file that\n");
- BIO_printf(bio_err,
- "'random' data can be kept in (the file will be overwritten).\n");
- }
- }
- return 0;
- }
+ if (RAND_load_file(randfile, -1) < 0) {
+ BIO_printf(bio_err, "Can't load %s into RNG\n", randfile);
+ ERR_print_errors(bio_err);
+ return;
 }
- seeded = 1;
- return 1;
+ if (save_rand_file == NULL)
+ save_rand_file = OPENSSL_strdup(randfile);
 }
-long app_RAND_load_files(char *name)
+static int loadfiles(char *name)
 {
- char *p, *n;
- int last;
- long tot = 0;
-#ifndef OPENSSL_NO_EGD
- int egd;
-#endif
+ char *p;
+ int last, ret = 1;
- for (;;) {
+ for ( ; ; ) {
 last = 0;
- for (p = name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++) ;
+ for (p = name; *p != '\0' && *p != LIST_SEPARATOR_CHAR; p++)
+ continue;
 if (*p == '\0')
 last = 1;
 *p = '\0';
- n = name;
- name = p + 1;
- if (*n == '\0')
- break;
-
-#ifndef OPENSSL_NO_EGD
- egd = RAND_egd(n);
- if (egd > 0)
- tot += egd;
- else
-#endif
- tot += RAND_load_file(n, -1);
+ if (RAND_load_file(name, -1) < 0) {
+ BIO_printf(bio_err, "Can't load %s into RNG\n", name);
+ ERR_print_errors(bio_err);
+ ret = 0;
+ }
 if (last)
 break;
+ name = p + 1;
+ if (*name == '\0')
+ break;
 }
- if (tot > 512)
- app_RAND_allow_write_file();
- return (tot);
+ return ret;
 }
-int app_RAND_write_file(const char *file)
+void app_RAND_write(void)
 {
- char buffer[200];
-
- if (egdsocket || !seeded)
- /*
- * If we did not manage to read the seed file, we should not write a
- * low-entropy seed file back -- it would suppress a crucial warning
- * the next time we want to use it.
- */
- return 0;
-
- if (file == NULL)
- file = RAND_file_name(buffer, sizeof buffer);
- if (file == NULL || !RAND_write_file(file)) {
- BIO_printf(bio_err, "unable to write 'random state'\n");
- return 0;
+ if (save_rand_file == NULL)
+ return;
+ if (RAND_write_file(save_rand_file) == -1) {
+ BIO_printf(bio_err, "Cannot write random bytes:\n");
+ ERR_print_errors(bio_err);
 }
- return 1;
+ OPENSSL_free(save_rand_file);
+ save_rand_file = NULL;
 }
-void app_RAND_allow_write_file(void)
+
+/*
+ * See comments in opt_verify for explanation of this.
+ */
+enum r_range { OPT_R_ENUM };
+
+int opt_rand(int opt)
 {
- seeded = 1;
+ switch ((enum r_range)opt) {
+ case OPT_R__FIRST:
+ case OPT_R__LAST:
+ break;
+ case OPT_R_RAND:
+ return loadfiles(opt_arg());
+ break;
+ case OPT_R_WRITERAND:
+ OPENSSL_free(save_rand_file);
+ save_rand_file = OPENSSL_strdup(opt_arg());
+ break;
+ }
+ return 1;
 }
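Review bot: app_RAND_write() now writes the seed file whenever save_rand_file is set, whereas the removed app_RAND_write_file() refused to write unless a load had succeeded, with a comment explaining that writing back a low-entropy file would suppress a warning on the next run. In the OPT_R_WRITERAND case the path is set without any load at all, so the new code relies on RAND_write_file() itself failing when the generator is unseeded, which is not visible in this hunk. If that is not guaranteed, guard the write with `if (RAND_status() == 1 && RAND_write_file(save_rand_file) == -1) {`, or at least add a comment on app_RAND_write() stating the assumption. Separately, both `OPENSSL_strdup()` results are stored unchecked, so on allocation failure the write-back is silently skipped while opt_rand() still returns 1; `if (save_rand_file == NULL) return 0;` after the strdup in opt_rand() would surface it.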