/* Copyright (c) 2016-2017 Dovecot authors, see the included COPYING file */
#include "lib.h"
+#include "randgen.h"
#include "dovecot-openssl-common.h"
#include <openssl/ssl.h>
void dovecot_openssl_common_global_ref(void)
{
- unsigned char buf;
-
if (openssl_init_refcount++ > 0)
return;
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
-
- /* PRNG initialization might want to use /dev/urandom, make sure it
- does it before chrooting. We might not have enough entropy at
- the first try, so this function may fail. It's still been
- initialized though. */
- (void)RAND_bytes(&buf, 1);
}
bool dovecot_openssl_common_global_unref(void)
#include "ostream-private.h"
#include "iostream-openssl.h"
+#include <openssl/rand.h>
#include <openssl/err.h>
static void openssl_iostream_free(struct ssl_iostream *ssl_io);
void ssl_iostream_openssl_init(void)
{
+ unsigned char buf;
+ if (RAND_bytes(&buf, 1) < 1)
+ i_fatal("OpenSSL RNG failed to initialize");
iostream_ssl_module_init(&ssl_vfuncs);
}
projects / thirdparty / dovecot / core.git / commitdiff
