From: Tomas Mraz <tomas@openssl.org>
Date: Thu, 31 Jul 2025 19:24:55 +0000 (+0200)
Subject: ossl_prov_drbg_generate(): Move syscalls out of the write locked section
X-Git-Tag: openssl-3.6.0-alpha1~191
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c4c1f6c7e6b34de806f09a6207243d90a0c7a912;p=thirdparty%2Fopenssl.git

ossl_prov_drbg_generate(): Move syscalls out of the write locked section

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28141)
---

diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c
index aa7f2afd90d..a932263a495 100644
--- a/providers/implementations/rands/drbg.c
+++ b/providers/implementations/rands/drbg.c
@@ -629,10 +629,17 @@ int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen,
     int fork_id;
     int reseed_required = 0;
     int ret = 0;
+    time_t reseed_time_interval = drbg->reseed_time_interval;
+    time_t now = 0;
 
     if (!ossl_prov_is_running())
         return 0;
 
+    fork_id = openssl_get_fork_id();
+
+    if (reseed_time_interval > 0)
+        now = time(NULL);
+
     if (drbg->lock != NULL && !CRYPTO_THREAD_write_lock(drbg->lock))
         return 0;
 
@@ -663,8 +670,6 @@ int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen,
         goto err;
     }
 
-    fork_id = openssl_get_fork_id();
-
     if (drbg->fork_id != fork_id) {
         drbg->fork_id = fork_id;
         reseed_required = 1;
@@ -674,10 +679,9 @@ int ossl_prov_drbg_generate(PROV_DRBG *drbg, unsigned char *out, size_t outlen,
         if (drbg->generate_counter >= drbg->reseed_interval)
             reseed_required = 1;
     }
-    if (drbg->reseed_time_interval > 0) {
-        time_t now = time(NULL);
+    if (reseed_time_interval > 0) {
         if (now < drbg->reseed_time
-            || now - drbg->reseed_time >= drbg->reseed_time_interval)
+            || now - drbg->reseed_time >= reseed_time_interval)
             reseed_required = 1;
     }
     if (drbg->parent != NULL