Refactor crypto RNG; add getrandom() support

[tinc] / src / openssl / crypto.c

diff --git a/src/openssl/crypto.c b/src/openssl/crypto.c
index db921d6..3960c3e 100644 (file)
--- a/src/openssl/crypto.c
+++ b/src/openssl/crypto.c
@@ -1,6 +1,6 @@
 /*
     crypto.c -- Cryptographic miscellaneous functions and initialisation
-    Copyright (C) 2007 Guus Sliepen <guus@tinc-vpn.org>
+    Copyright (C) 2007-2021 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -17,27 +17,20 @@
     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
 
-#include "system.h"
+#include "../system.h"
 
 #include <openssl/rand.h>
-#include <openssl/evp.h>
 #include <openssl/engine.h>
 
-#include "crypto.h"
+#include "../crypto.h"
 
 void crypto_init(void) {
-        RAND_load_file("/dev/urandom", 1024);
-
-        ENGINE_load_builtin_engines();
-        ENGINE_register_all_complete();
-
-        OpenSSL_add_all_algorithms();
-}
-
-void crypto_exit(void) {
-       EVP_cleanup();
-}
-
-void randomize(void *out, size_t outlen) {
-       RAND_pseudo_bytes(out, outlen);
+#if OPENSSL_VERSION_MAJOR < 3
+       ENGINE_load_builtin_engines();
+#endif
+
+       if(!RAND_status()) {
+               fprintf(stderr, "Not enough entropy for the PRNG!\n");
+               abort();
+       }
 }