Diff
Bounty program for improvements to Tcl and certain Tcl packages.

Differences From Artifact [6e0707c50a]:

To Artifact [1ee30f1327]:


1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811

1812
1813
 *
 *------------------------------------------------------*
 */
static int TlsLibInit (void) {
    static int initialized = 0;
    int i;
    char rnd_seed[16] = "GrzSlplKqUdnnzP!";	/* 16 bytes */
    int status=TCL_OK;

    if (initialized) {
        return status;
    }
    initialized = 1;

#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
    size_t num_locks;

    Tcl_MutexLock(&init_mx);
#endif

	    if (CRYPTO_set_mem_functions((void *(*)(size_t))Tcl_Alloc,
					 (void *(*)(void *, size_t))Tcl_Realloc,
					 (void(*)(void *))Tcl_Free) == 0) {
	       /* Not using Tcl's mem functions ... not critical */
	    }

#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
	    /* should we consider allocating mutexes? */
	    num_locks = CRYPTO_num_locks();
	    if (num_locks > CRYPTO_NUM_LOCKS) {
		status=TCL_ERROR;
		goto done;
	    }

	    CRYPTO_set_locking_callback(CryptoThreadLockCallback);
	    CRYPTO_set_id_callback(CryptoThreadIdCallback);
#endif

	    if (SSL_library_init() != 1) {
	    	status=TCL_ERROR;
		goto done;
	    }
	    SSL_load_error_strings();
	    ERR_load_crypto_strings();

	    /*
	     * Seed the random number generator in the SSL library,
	     * using the do/while construct because of the bug note in the
	     * OpenSSL FAQ at http://www.openssl.org/support/faq.html#USER1
	     *
	     * The crux of the problem is that Solaris 7 does not have a 
	     * /dev/random or /dev/urandom device so it cannot gather enough
	     * entropy from the RAND_seed() when TLS initializes and refuses
	     * to go further. Earlier versions of OpenSSL carried on regardless.
	     */
	    srand((unsigned int) time((time_t *) NULL));
	    do {
		for (i = 0; i < 16; i++) {
		    rnd_seed[i] = 1 + (char) (255.0 * rand()/(RAND_MAX+1.0));
		}
		RAND_seed(rnd_seed, sizeof(rnd_seed));
	    } while (RAND_status() != 1);
done:

#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
	Tcl_MutexUnlock(&init_mx);
#endif

    return status;
}






|


|









|
|
|
|
|


|
|
|
|
|
|

|
|


|
|
|
|
|
|

|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|



|

>


1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
 *
 *------------------------------------------------------*
 */
static int TlsLibInit (void) {
    static int initialized = 0;
    int i;
    char rnd_seed[16] = "GrzSlplKqUdnnzP!";	/* 16 bytes */
    int status = TCL_OK;

    if (initialized) {
        return(status);
    }
    initialized = 1;

#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
    size_t num_locks;

    Tcl_MutexLock(&init_mx);
#endif

    if (CRYPTO_set_mem_functions((void *(*)(size_t))Tcl_Alloc,
				 (void *(*)(void *, size_t))Tcl_Realloc,
				 (void(*)(void *))Tcl_Free) == 0) {
       /* Not using Tcl's mem functions ... not critical */
    }

#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
    /* should we consider allocating mutexes? */
    num_locks = CRYPTO_num_locks();
    if (num_locks > CRYPTO_NUM_LOCKS) {
	status = TCL_ERROR;
	goto done;
    }

    CRYPTO_set_locking_callback(CryptoThreadLockCallback);
    CRYPTO_set_id_callback(CryptoThreadIdCallback);
#endif

    if (SSL_library_init() != 1) {
    	status = TCL_ERROR;
	goto done;
    }
    SSL_load_error_strings();
    ERR_load_crypto_strings();

    /*
     * Seed the random number generator in the SSL library,
     * using the do/while construct because of the bug note in the
     * OpenSSL FAQ at http://www.openssl.org/support/faq.html#USER1
     *
     * The crux of the problem is that Solaris 7 does not have a 
     * /dev/random or /dev/urandom device so it cannot gather enough
     * entropy from the RAND_seed() when TLS initializes and refuses
     * to go further. Earlier versions of OpenSSL carried on regardless.
     */
    srand((unsigned int) time((time_t *) NULL));
    do {
	for (i = 0; i < 16; i++) {
	    rnd_seed[i] = 1 + (char) (255.0 * rand()/(RAND_MAX+1.0));
	}
	RAND_seed(rnd_seed, sizeof(rnd_seed));
    } while (RAND_status() != 1);
done:

#if defined(OPENSSL_THREADS) && defined(TCL_THREADS)
    Tcl_MutexUnlock(&init_mx);
#endif

    return status;
}