Use poll() when possible to gather Unix randomness entropy

diff --git a/CHANGES b/CHANGES
index 8e7cf614ff438ba38e159b7a67664cfd4e1419f3..92f912bbe34478eced961f8e15892d6fb839f598 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1289,6 +1289,11 @@
 
  Changes between 0.9.7j and 0.9.7k  [xx XXX xxxx]
 
+  *) Change the Unix randomness entropy gathering to use poll() when
+     possible instead of select(), since the latter has some
+     undesirable limitations.
+     [Darryl Miles via Richard Levitte]
+
   *) Disable rogue ciphersuites:
 
       - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")

diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index c4838b6b2e67918f5b3ad8819598479f3c388d6f..bf0bfa76deaf17ef1bb7f80e6a9fa08a4f7f34c8 100644 (file)
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -126,6 +126,54 @@
 #include <unistd.h>
 #include <time.h>
 
+#if defined(OPENSSL_SYS_LINUX)
+ /* lets use poll() */
+# include <sys/poll.h>
+# define IOWAIT_VARS           struct pollfd pset; struct timeval t
+# define IOWAIT_INIT(f, t)     do {                                    \
+                                       pset.fd = (f);                  \
+                                       pset.events = POLLIN;           \
+                                       pset.revents = 0;               \
+                                       (t)->tv_sec = 0;                \
+                                       (t)->tv_usec = 10*1000;         \
+                                       /* Spend 10ms on each file. */  \
+                               } while(0)
+# define IOWAIT_FUNC(f, t)     poll(&pset, 1, ((t)->tv_sec * 1000) + ((t)->tv_usec / 1000))
+# define IOWAIT_CHECK(f)       ((pset.revents & POLLIN) != 0)
+#else
+ /* lets use select() */
+
+ /* For each platform we could do with making a guess at
+  *  how many FDs we support.  With glibc/Linux its possible
+  *  to use FD_SETSIZE directly, but this may not be very
+  *  portable. Another options was to use _POSIX_OPEN_MAX
+  *  but that value is a tad dull on modern hardware.  So
+  *  I ended up trying sizeof(fd_set)*8 which should be
+  *  closer to the real value.
+  * If this causes a problem on your platform because we
+  *  can not guess correctly then set it to zero.
+  */
+# if defined(FD_SETSIZE)
+#  define IOWAIT_FD_SETSIZE    (FD_SETSIZE)
+# else
+  /* fallback method */
+#  define IOWAIT_FD_SETSIZE    (sizeof(fd_set) * 8)
+# endif
+# define IOWAIT_VARS           fd_set fset; struct timeval t
+# define IOWAIT_INIT(f, t)     do {                                    \
+                                       FD_ZERO(&fset);                 \
+                                       if(IOWAIT_FD_SETSIZE > 0        \
+                                          && (f) >= IOWAIT_FD_SETSIZE) \
+                                               { break; }              \
+                                       FD_SET((f), &fset);             \
+                                       (t)->tv_sec = 0;                \
+                                       (t)->tv_usec = 10*1000;         \
+                                       /* Spend 10ms on each file. */  \
+                               } while(0)
+# define IOWAIT_FUNC(f, t)     select((f)+1,&fset,NULL,NULL,(t))
+# define IOWAIT_CHECK(f)       FD_ISSET((f), &fset)
+#endif
+
 #ifdef __OpenBSD__
 int RAND_poll(void)
 {
@@ -185,11 +233,9 @@ int RAND_poll(void)
 #endif
                        )) >= 0)
                        {
-                       struct timeval t = { 0, 10*1000 }; /* Spend 10ms on
-                                                             each file. */
                        int r;
                        unsigned int j;
-                       fd_set fset;
+                       IOWAIT_VARS;
                        struct stat *st=&randomstats[i];
 
                        /* Avoid using same input... Used to be O_NOFOLLOW
@@ -215,13 +261,12 @@ int RAND_poll(void)
                                else if (r == 0)
                                        snooze(t.tv_usec);
 #else
-                               FD_ZERO(&fset);
-                               FD_SET(fd, &fset);
+                               IOWAIT_INIT(fd, &t);
                                r = -1;
 
-                               if (select(fd+1,&fset,NULL,NULL,&t) < 0)
+                               if (IOWAIT_FUNC(fd, &t) < 0)
                                        t.tv_usec=0;
-                               else if (FD_ISSET(fd, &fset))
+                               else if (IOWAIT_CHECK(fd))
                                        {
                                        r=read(fd,(unsigned char *)tmpbuf+n,
                                               ENTROPY_NEEDED-n);