ossl_prov_drbg_generate(): Move syscalls out of the write locked section

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28141)

diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c
index aa7f2afd90d8288cda67b02a187323a4394784b0..a932263a495e612d9f48a0f8c076f5464f941bfb 100644 (file)
--- a/providers/implementations/rands/drbg.c
+++ b/providers/implementations/rands/drbg.c
@@ -629,10 +629,17 @@ int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen,
     int fork_id;
     int reseed_required = 0;
     int ret = 0;
+    time_t reseed_time_interval = drbg->reseed_time_interval;
+    time_t now = 0;
 
     if (!ossl_prov_is_running())
         return 0;
 
+    fork_id = openssl_get_fork_id();
+
+    if (reseed_time_interval > 0)
+        now = time(NULL);
+
     if (drbg->lock != NULL && !CRYPTO_THREAD_write_lock(drbg->lock))
         return 0;
 
@@ -663,8 +670,6 @@ int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen,
         goto err;
     }
 
-    fork_id = openssl_get_fork_id();
-
     if (drbg->fork_id != fork_id) {
         drbg->fork_id = fork_id;
         reseed_required = 1;
@@ -674,10 +679,9 @@ int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen,
         if (drbg->generate_counter >= drbg->reseed_interval)
             reseed_required = 1;
     }
-    if (drbg->reseed_time_interval > 0) {
-        time_t now = time(NULL);
+    if (reseed_time_interval > 0) {
         if (now < drbg->reseed_time
-            || now - drbg->reseed_time >= drbg->reseed_time_interval)
+            || now - drbg->reseed_time >= reseed_time_interval)
             reseed_required = 1;
     }
     if (drbg->parent != NULL