RAND_load_file(..., -1) now means "read the complete file";

this is what we now use to read $RANDFILE / $HOME/.rnd.
(Previously, after 'cat'ting lots of stuff into .rnd
only the first MB would be looked at.)

Bugfix for apps/enc.c: Continue if RAND_pseudo_bytes returns 0
(only -1 is an error).

diff --git a/apps/app_rand.c b/apps/app_rand.c
index 9e29e54954d7ef9654c2200cb54de6ca22565e08..6384dd0be5c7267a84a57064abddc200f8c51ca9 100644 (file)
--- a/apps/app_rand.c
+++ b/apps/app_rand.c
@@ -130,7 +130,7 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
 
        if (file == NULL)
                file = RAND_file_name(buffer, sizeof buffer);
-       if (file == NULL || !RAND_load_file(file, 1024L*1024L))
+       if (file == NULL || !RAND_load_file(file, -1))
                {
                if (!dont_warn)
                        {

diff --git a/apps/enc.c b/apps/enc.c
index 842036697c30631611ce8f7aae3fa030e431fd09..d5db3bf0e1907173ebf216fdf24513b77c1fb358 100644 (file)
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -448,7 +448,7 @@ bad:
                                                                "invalid hex salt value\n");
                                                        goto end;
                                                }
-                                       } else if (RAND_pseudo_bytes(salt, PKCS5_SALT_LEN) <= 0)
+                                       } else if (RAND_pseudo_bytes(salt, PKCS5_SALT_LEN) < 0)
                                                goto end;
                                        /* If -P option then don't bother writing */
                                        if((printkey != 2)

diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index 375c339e5c3c6b5776f44afafa5e0a09754cd9ab..cea9f54e731388f1e4209ca60649fb2ee0d18835 100644 (file)
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -82,6 +82,9 @@
 
 int RAND_load_file(const char *file, long bytes)
        {
+       /* If bytes >= 0, read up to 'bytes' bytes.
+        * if bytes == -1, read complete file. */
+
        MS_STATIC unsigned char buf[BUFSIZE];
        struct stat sb;
        int i,ret=0,n;
@@ -93,20 +96,26 @@ int RAND_load_file(const char *file, long bytes)
        /* If the state fails, put some crap in anyway */
        RAND_add(&sb,sizeof(sb),0);
        if (i < 0) return(0);
-       if (bytes <= 0) return(ret);
+       if (bytes == 0) return(ret);
 
        in=fopen(file,"rb");
        if (in == NULL) goto err;
        for (;;)
                {
-               n=(bytes < BUFSIZE)?(int)bytes:BUFSIZE;
+               if (bytes > 0)
+                       n = (bytes < BUFSIZE)?(int)bytes:BUFSIZE;
+               else
+                       n = BUFSIZE;
                i=fread(buf,1,n,in);
                if (i <= 0) break;
                /* even if n != i, use the full array */
                RAND_add(buf,n,i);
                ret+=i;
-               bytes-=n;
-               if (bytes <= 0) break;
+               if (bytes > 0)
+                       {
+                       bytes-=n;
+                       if (bytes == 0) break;
+                       }
                }
        fclose(in);
        memset(buf,0,BUFSIZE);

diff --git a/doc/crypto/RAND_load_file.pod b/doc/crypto/RAND_load_file.pod
index 8fc985ee3e9e185ad1aa363b549f223cf82725ea..c6a00a240ed7eb541f91a2b5b2b5e811fff7481a 100644 (file)
--- a/doc/crypto/RAND_load_file.pod
+++ b/doc/crypto/RAND_load_file.pod
@@ -18,12 +18,14 @@ RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file
 
 RAND_file_name() generates a default path for the random seed
 file. B<buf> points to a buffer of size B<num> in which to store the
-filename. The seed file is $RANDFILE, if that environment variable is
-set, $HOME/.rand otherwise. If $HOME is not set either, or B<num> is
+filename. The seed file is $RANDFILE if that environment variable is
+set, $HOME/.rnd otherwise. If $HOME is not set either, or B<num> is
 too small for the path name, an error occurs.
 
-RAND_load_file() reads up to B<max_bytes> from file B<filename> and
-adds them to the PRNG.
+RAND_load_file() reads a number of bytes from file B<filename> and
+adds them to the PRNG. If B<max_bytes> is non-negative,
+up to to B<max_bytes> are read; if B<max_bytes> is -1, the complete file
+is read.
 
 RAND_write_file() writes a number of random bytes (currently 1024) to
 file B<filename> which can be used to initialze the PRNG by calling