diff options
author | Nick Mathewson <nickm@torproject.org> | 2013-12-18 22:04:21 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2013-12-18 22:04:21 -0500 |
commit | 85284c33d1952711703087eb64149ef55ea775cf (patch) | |
tree | 5d14fb6a3fdb9e599625986ada5de994e43ab26e /src/common | |
parent | f12d3fe9aa3d2f97eb1750e30b812358ecdd9139 (diff) | |
parent | dabdc339fe5abc5949f087621996672c122101b6 (diff) | |
download | tor-85284c33d1952711703087eb64149ef55ea775cf.tar tor-85284c33d1952711703087eb64149ef55ea775cf.tar.gz |
Merge remote-tracking branch 'origin/maint-0.2.4'
Conflicts:
src/common/crypto.c
Diffstat (limited to 'src/common')
-rw-r--r-- | src/common/crypto.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index 5afb98e2c..347f27e13 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -168,8 +168,8 @@ log_engine(const char *fn, ENGINE *e) const char *name, *id; name = ENGINE_get_name(e); id = ENGINE_get_id(e); - log_notice(LD_CRYPTO, "Using OpenSSL engine %s [%s] for %s", - name?name:"?", id?id:"?", fn); + log_notice(LD_CRYPTO, "Default OpenSSL engine for %s is %s [%s]", + fn, name?name:"?", id?id:"?"); } else { log_info(LD_CRYPTO, "Using default implementation for %s", fn); } @@ -314,6 +314,7 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir) log_engine("ECDH", ENGINE_get_default_ECDH()); log_engine("ECDSA", ENGINE_get_default_ECDSA()); log_engine("RAND", ENGINE_get_default_RAND()); + log_engine("RAND (which we will not use)", ENGINE_get_default_RAND()); log_engine("SHA1", ENGINE_get_digest_engine(NID_sha1)); log_engine("3DES-CBC", ENGINE_get_cipher_engine(NID_des_ede3_cbc)); log_engine("AES-128-ECB", ENGINE_get_cipher_engine(NID_aes_128_ecb)); @@ -334,6 +335,13 @@ crypto_global_init(int useAccel, const char *accelName, const char *accelDir) log_info(LD_CRYPTO, "NOT using OpenSSL engine support."); } + if (RAND_get_rand_method() != RAND_SSLeay()) { + log_notice(LD_CRYPTO, "It appears that one of our engines has provided " + "a replacement the OpenSSL RNG. Resetting it to the default " + "implementation."); + RAND_set_rand_method(RAND_SSLeay()); + } + evaluate_evp_for_aes(-1); evaluate_ctr_for_aes(); |