0aeb93b9fc
The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10. ok beck@ deraadt@
16 lines
337 B
Smarty
16 lines
337 B
Smarty
include $(top_srcdir)/Makefile.am.common
|
|
|
|
bin_PROGRAMS = openssl
|
|
|
|
openssl_CFLAGS = $(USER_CFLAGS)
|
|
openssl_LDADD = $(PLATFORM_LDADD) $(PROG_LDADD)
|
|
openssl_LDADD += $(top_builddir)/ssl/libssl.la
|
|
openssl_LDADD += $(top_builddir)/crypto/libcrypto.la
|
|
|
|
openssl_SOURCES =
|
|
noinst_HEADERS =
|
|
|
|
if !HAVE_STRTONUM
|
|
openssl_SOURCES += strtonum.c
|
|
endif
|