X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Frand%2Fmd_rand.c;h=0f8dd3e00faf3d8afcfc11944577ea579af08d67;hb=e852835da62e256c9e9873467ab8d9d174c4f2d6;hp=841631d3cafcbf60553ea0e58255f9d987bffce8;hpb=ea7150b070125c56835bae670d18adb052074a87;p=oweals%2Fopenssl.git

diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 841631d3ca..0f8dd3e00f 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 /* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -126,6 +126,10 @@
 
 #include <openssl/crypto.h>
 #include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
 
 #ifdef BN_DEBUG
 # define PREDICT
@@ -152,7 +156,7 @@ static unsigned long locking_thread = 0; /* valid iff crypto_lock_rand is set */
 int rand_predictable=0;
 #endif
 
-const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
+const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT;
 
 static void ssleay_rand_cleanup(void);
 static void ssleay_rand_seed(const void *buf, int num);
@@ -177,10 +181,10 @@ RAND_METHOD *RAND_SSLeay(void)
 
 static void ssleay_rand_cleanup(void)
 	{
-	memset(state,0,sizeof(state));
+	OPENSSL_cleanse(state,sizeof(state));
 	state_num=0;
 	state_index=0;
-	memset(md,0,MD_DIGEST_LENGTH);
+	OPENSSL_cleanse(md,MD_DIGEST_LENGTH);
 	md_count[0]=0;
 	md_count[1]=0;
 	entropy=0;
@@ -300,7 +304,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 	 * other thread's seeding remains without effect (except for
 	 * the incremented counter).  By XORing it we keep at least as
 	 * much entropy as fits into md. */
-	for (k = 0; k < sizeof md; k++)
+	for (k = 0; k < (int)sizeof(md); k++)
 		{
 		md[k] ^= local_md[k];
 		}
@@ -315,7 +319,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 
 static void ssleay_rand_seed(const void *buf, int num)
 	{
-	ssleay_rand_add(buf, num, num);
+	ssleay_rand_add(buf, num, (double)num);
 	}
 
 static int ssleay_rand_bytes(unsigned char *buf, int num)
@@ -332,6 +336,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 #endif
 	int do_stir_pool = 0;
 
+#ifdef OPENSSL_FIPS
+	if(FIPS_mode())
+	    {
+	    FIPSerr(FIPS_F_SSLEAY_RAND_BYTES,FIPS_R_NON_FIPS_METHOD);
+	    return 0;
+	    }
+#endif
+
 #ifdef PREDICT
 	if (rand_predictable)
 		{
@@ -520,7 +532,7 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
 		err = ERR_peek_error();
 		if (ERR_GET_LIB(err) == ERR_LIB_RAND &&
 		    ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED)
-			(void)ERR_get_error();
+			ERR_clear_error();
 		}
 	return (ret);
 	}