isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use the OpenSSL RAND_bytes() function if getrandom() fails.

Browse Source
This commit is contained in:
Todd C. Miller
2021-10-20 09:51:17 -06:00
parent badd6267bd
commit de4fd4a31d
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/util/getentropy.c
View File

@@ -64,6 +64,9 @@
#ifdef HAVE_DL_ITERATE_PHDR #ifdef HAVE_DL_ITERATE_PHDR
# include <link.h> # include <link.h>
#endif #endif
#ifdef HAVE_OPENSSL
# include <openssl/rand.h>
#endif
#include "sudo_compat.h" #include "sudo_compat.h"
#include "sudo_digest.h" #include "sudo_digest.h"
@@ -130,6 +133,11 @@ sudo_getentropy(void *buf, size_t len)
if (ret != -1) if (ret != -1)
return (ret); return (ret);
#ifdef HAVE_OPENSSL
if (RAND_bytes(buf, len) == 1)
return (0);
#endif
ret = getentropy_sysctl(buf, len); ret = getentropy_sysctl(buf, len);
if (ret != -1) if (ret != -1)
return (ret); return (ret);