[Box Backup-commit] COMMIT r2343 - box/trunk/lib/server
boxbackup-dev at boxbackup.org
boxbackup-dev at boxbackup.org
Wed Oct 8 23:22:01 BST 2008
Author: chris
Date: 2008-10-08 23:22:00 +0100 (Wed, 08 Oct 2008)
New Revision: 2343
Modified:
box/trunk/lib/server/SSLLib.cpp
Log:
Use Windows Crypto API to seed the random number generator, and remove
warning that it hasn't been seeded on Windows.
Modified: box/trunk/lib/server/SSLLib.cpp
===================================================================
--- box/trunk/lib/server/SSLLib.cpp 2008-10-08 20:42:52 UTC (rev 2342)
+++ box/trunk/lib/server/SSLLib.cpp 2008-10-08 22:22:00 UTC (rev 2343)
@@ -14,6 +14,10 @@
#include <openssl/err.h>
#include <openssl/rand.h>
+#ifdef WIN32
+ #include <wincrypt.h>
+#endif
+
#include "SSLLib.h"
#include "ServerException.h"
@@ -43,7 +47,37 @@
::SSL_load_error_strings();
// Extra seeding over and above what's already done by the library
-#ifdef HAVE_RANDOM_DEVICE
+#ifdef WIN32
+ HCRYPTPROV provider;
+ if(!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL,
+ CRYPT_VERIFYCONTEXT))
+ {
+ BOX_LOG_WIN_ERROR("Failed to acquire crypto context");
+ BOX_WARNING("No random device -- additional seeding of "
+ "random number generator not performed.");
+ }
+ else
+ {
+ // must free provider
+ BYTE buf[1024];
+
+ if(!CryptGenRandom(provider, sizeof(buf), buf))
+ {
+ BOX_LOG_WIN_ERROR("Failed to get random data");
+ BOX_WARNING("No random device -- additional seeding of "
+ "random number generator not performed.");
+ }
+ else
+ {
+ RAND_seed(buf, sizeof(buf));
+ }
+
+ if(!CryptReleaseContext(provider, 0))
+ {
+ BOX_LOG_WIN_ERROR("Failed to release crypto context");
+ }
+ }
+#elif HAVE_RANDOM_DEVICE
if(::RAND_load_file(RANDOM_DEVICE, 1024) != 1024)
{
THROW_EXCEPTION(ServerException, SSLRandomInitFailed)
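Review bot: Both Windows failure branches (after `CryptAcquireContext` and after `CryptGenRandom`) only log and continue, while the random-device branch kept below throws `SSLRandomInitFailed` on a short read, so the two platforms disagree on whether this extra seeding is mandatory. If it is meant to be required, the Windows branches should fail the same way with `THROW_EXCEPTION(ServerException, SSLRandomInitFailed)`, releasing the provider first in the `CryptGenRandom` case; if it is best-effort, say so in a comment and use a message that names the Crypto API instead of "No random device". Separately, `#elif HAVE_RANDOM_DEVICE` evaluates the macro as an expression where the removed `#ifdef` only tested that it was defined; `#elif defined(HAVE_RANDOM_DEVICE)` keeps the original meaning. It would also be reasonable to clear the buffer once it has been consumed, e.g. `SecureZeroMemory(buf, sizeof(buf));` after `RAND_seed`, so the seed bytes do not linger on the stack. The enclosing function starts and ends outside the hunk.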