Modify the DEVRANDOM source so that the files are kept open persistently.
authorPauli <paul.dale@oracle.com>
Wed, 6 Jun 2018 23:31:44 +0000 (09:31 +1000)
committerPauli <paul.dale@oracle.com>
Tue, 26 Jun 2018 21:15:36 +0000 (07:15 +1000)
commitc7504aeb640a88949dfe3146f7e0f275f517464c
treea94b2a6fdcc9c108d22178cebe54de391f204cb9
parent41145c35bfee8f2b0822288fcb23a807d06d8e89
Modify the DEVRANDOM source so that the files are kept open persistently.
This allows operation inside a chroot environment without having the
random device present.

A new call, RAND_keep_random_devices_open(), has been introduced that can
be used to control file descriptor use by the random seed sources. Some
seed sources maintain open file descriptors by default, which allows
such sources to operate in a chroot(2) jail without the associated device
nodes being available.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6432)
CHANGES
crypto/include/internal/rand_int.h
crypto/rand/rand_lib.c
crypto/rand/rand_unix.c
crypto/rand/rand_vms.c
crypto/rand/rand_win.c
doc/man3/RAND_add.pod
include/openssl/rand.h
util/libcrypto.num