|
 |
89a891 |
From 16c1bd61384e993fef13d7be88fdd34551a2b3ce Mon Sep 17 00:00:00 2001
|
|
|
89a891 |
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
|
|
|
89a891 |
Date: Wed, 23 Jan 2019 20:12:51 +0100
|
|
|
89a891 |
Subject: [PATCH] Use custom random generator only for bind build
|
|
|
89a891 |
|
|
|
89a891 |
Do not test random entropy on startup when used by DHCP. On most cases
|
|
|
89a891 |
random entropy is not even used by DHCP. In cases it is (LDAP SSL), fail
|
|
|
89a891 |
whenever it is not available.
|
|
|
89a891 |
|
|
|
89a891 |
Resolves: rhbz#1668682
|
|
|
89a891 |
---
|
|
|
89a891 |
lib/dns/openssl_link.c | 2 ++
|
|
|
89a891 |
1 file changed, 2 insertions(+)
|
|
|
89a891 |
|
|
|
89a891 |
diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c
|
|
|
89a891 |
index 91e87d0..2551b0a 100644
|
|
|
89a891 |
--- a/lib/dns/openssl_link.c
|
|
|
89a891 |
+++ b/lib/dns/openssl_link.c
|
|
|
89a891 |
@@ -289,6 +289,7 @@ dst__openssl_init(const char *engine) {
|
|
|
89a891 |
#endif
|
|
|
89a891 |
#endif /* !defined(OPENSSL_NO_ENGINE) */
|
|
|
89a891 |
|
|
|
89a891 |
+#ifdef ISC_PLATFORM_USETHREADS
|
|
|
89a891 |
/* Protect ourselves against unseeded PRNG */
|
|
|
89a891 |
if (RAND_status() != 1) {
|
|
|
89a891 |
FATAL_ERROR(__FILE__, __LINE__,
|
|
|
89a891 |
@@ -296,6 +297,7 @@ dst__openssl_init(const char *engine) {
|
|
|
89a891 |
"cannot be initialized (see the `PRNG not "
|
|
|
89a891 |
"seeded' message in the OpenSSL FAQ)");
|
|
|
89a891 |
}
|
|
|
89a891 |
+#endif /* ISC_PLATFORM_USETHREADS */
|
|
|
89a891 |
|
|
|
89a891 |
return (ISC_R_SUCCESS);
|
|
|
89a891 |
|
|
|
89a891 |
--
|
|
|
89a891 |
2.20.1
|
|
|
89a891 |
|