generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Port from 0.9.8-stable

Browse Source
This commit is contained in:
Lutz Jänicke 2007-09-24 11:01:18 +00:00
parent 870d6541f2
commit 7bbce69721
3 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
FAQ
View File

@ -67,6 +67,7 @@ OpenSSL - Frequently Asked Questions
* Why doesn't my server application receive a client certificate? * Why doesn't my server application receive a client certificate?
* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier? * Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
* I think I've detected a memory leak, is this a bug? * I think I've detected a memory leak, is this a bug?
* Why does Valgrind complain about the use of uninitialized data?
* Why doesn't a memory BIO work when a file does? * Why doesn't a memory BIO work when a file does?
=============================================================================== ===============================================================================
@ -917,6 +918,16 @@ thread-safe):
ERR_free_strings(), EVP_cleanup() and CRYPTO_cleanup_all_ex_data(). ERR_free_strings(), EVP_cleanup() and CRYPTO_cleanup_all_ex_data().
* Why does Valgrind complain about the use of uninitialized data?
When OpenSSL's PRNG routines are called to generate random numbers the supplied
buffer contents are mixed into the entropy pool: so it technically does not
matter whether the buffer is initialized at this point or not. Valgrind (and
other test tools) will complain about this. When using Valgrind, make sure the
OpenSSL library has been compiled with the PURIFY macro defined (-DPURIFY)
to get rid of these warnings.
* Why doesn't a memory BIO work when a file does? * Why doesn't a memory BIO work when a file does?
This can occur in several cases for example reading an S/MIME email message. This can occur in several cases for example reading an S/MIME email message.

2
crypto/rand/rand_lib.c
View File

@ -154,7 +154,6 @@ void RAND_add(const void *buf, int num, double entropy)
int RAND_bytes(unsigned char *buf, int num) int RAND_bytes(unsigned char *buf, int num)
{ {
const RAND_METHOD *meth = RAND_get_rand_method(); const RAND_METHOD *meth = RAND_get_rand_method();
memset(buf, 0, num);
if (meth && meth->bytes) if (meth && meth->bytes)
return meth->bytes(buf,num); return meth->bytes(buf,num);
return(-1); return(-1);
@ -163,7 +162,6 @@ int RAND_bytes(unsigned char *buf, int num)
int RAND_pseudo_bytes(unsigned char *buf, int num) int RAND_pseudo_bytes(unsigned char *buf, int num)
{ {
const RAND_METHOD *meth = RAND_get_rand_method(); const RAND_METHOD *meth = RAND_get_rand_method();
memset(buf, 0, num);
if (meth && meth->pseudorand) if (meth && meth->pseudorand)
return meth->pseudorand(buf,num); return meth->pseudorand(buf,num);
return(-1); return(-1);

3
doc/crypto/RAND_bytes.pod
View File

@ -25,6 +25,9 @@ unpredictable. They can be used for non-cryptographic purposes and for
certain purposes in cryptographic protocols, but usually not for key certain purposes in cryptographic protocols, but usually not for key
generation etc. generation etc.
The contents of B<buf> is mixed into the entropy pool before retrieving
the new pseudo-random bytes unless disabled at compile time (see FAQ).
=head1 RETURN VALUES =head1 RETURN VALUES
RAND_bytes() returns 1 on success, 0 otherwise. The error code can be RAND_bytes() returns 1 on success, 0 otherwise. The error code can be