openssl: use Genode specific RAND backend

The backend merely provides simpler access to '/dev/random' because on Genode the common random device checks are unnecessary. Fixes #1236.
2024-12-22 06:57:51 +00:00 · 2014-08-18 12:17:57 +02:00 · 2014-08-18 12:17:57 +02:00 · e23a0c8a13
commit e23a0c8a13
parent baa64bf795
4 changed files with 35 additions and 2 deletions
--- a/repos/libports/lib/mk/libcrypto.mk
+++ b/repos/libports/lib/mk/libcrypto.mk
@ -6,7 +6,8 @@ SHARED_LIB = yes
 LIBS += libc

 CC_OPT += -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -DL_ENDIAN -DTERMIOS \
-          -DOPENSSL_NO_ASM
+          -DOPENSSL_NO_ASM -DGETPID_IS_MEANINGLESS
+CC_OPT += -DRAND_GENODE

 #
 # crypto base source
--- a/repos/libports/ports/openssl.hash
+++ b/repos/libports/ports/openssl.hash
@ -1 +1 @@
-50bfa7824abc38d4d1eecbc80d8433639c0cb731
+7b4517a076012f43036912dcc693fb6b035ddf3c
--- a/repos/libports/ports/openssl.port
+++ b/repos/libports/ports/openssl.port
@ -37,3 +37,6 @@ src/lib/openssl/x86_64/rc4_md5.s:
 	$(VERBOSE)mkdir -p $(dir $@)
 	$(VERBOSE)perl src/lib/openssl/crypto/rc4/asm/rc4-md5-x86_64.pl \
 		src/lib/openssl/crypto/perlasm/x86as.pl > $@
+
+PATCHES := src/lib/openssl/rand_unix_c.patch
+PATCH_OPT := -p1 -d src/lib/openssl
--- a/repos/libports/src/lib/openssl/rand_unix_c.patch
+++ b/repos/libports/src/lib/openssl/rand_unix_c.patch
@ -0,0 +1,29 @@
+diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
+index e3a6557..27b26e4 100644
+--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
+@@ -233,6 +233,24 @@ int RAND_poll(void)
+ 
+ 	return 1;
+ }
+#elif defined RAND_GENODE
+int RAND_poll(void)
+{
+	unsigned char buf[ENTROPY_NEEDED];
+
+	int fd = open("/dev/random", O_RDONLY);
+	if (fd == -1) {
+		perror("open");
+		return 0;
+	}
+
+	read(fd, buf, sizeof(buf)); /* XXX check read */
+
+	RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
+	memset(buf, 0, sizeof(buf)); /* XXX make explicit */
+
+	return 1;
+}
+ #else /* !defined(__OpenBSD__) */
+ int RAND_poll(void)
+ {