upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-11 12:40:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge branch '280-provide-diagnostic-on-failed-RAND_bytes' into 'master'

Browse source 
Provide more diagnostic output on failed RAND_bytes() call

See merge request isc-projects/bind9!306
This commit is contained in:
Ondřej Surý 2018-05-22 06:27:05 -04:00
commit 9bde348ae8
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
lib/isc/random.c
View file

@ -36,6 +36,7 @@
#ifdef OPENSSL
#include <openssl/rand.h>
#include <openssl/err.h>
#endif /* ifdef OPENSSL */
#ifdef PKCS11CRYPTO
@ -164,7 +165,9 @@ isc_random_buf(void *buf, size_t buflen)
/* Use crypto library as fallback when no other CSPRNG is available */
# if defined(OPENSSL)
RUNTIME_CHECK(RAND_bytes(buf, buflen) < 1);
if (RAND_bytes(buf, buflen) < 1) {
FATAL_ERROR(__FILE__, __LINE__, "FATAL: RAND_bytes(): %s\n", ERR_error_string(ERR_get_error(), NULL));
}
# elif defined(PKCS11CRYPTO)
RUNTIME_CHECK(pk11_rand_bytes(buf, buflen) == ISC_R_SUCCESS);
# endif /* if defined(HAVE_ARC4RANDOM_BUF) */