This patch should solve all of the entropy failures on NT4 as reported
to openssl-users. The patch:
. corrects prototypes for NET API functions to work with VC6 headers
. ensures that Registry Performance Data will not be queried on W2K
. provides a conservative non-zero value for the number of bytes of
entropy that may be provided by each block of data fed to
RAND_add() based upon an examination of the data structures.
zhu qun-ying, would you please apply this patch and confirm to
[EMAIL PROTECTED] that it compiles on VC6 and mingw32 and that
it solves the problem on your NT4 SP6 system. If you can confirm this
before Richard needs to start building Beta 3 it would be appreciated.
- Jeff
174c174
< #if 0 /* Some compilers use LMSTR, others (VC6, for example) use LPTSTR.
---
> #if 1 /* Some compilers use LMSTR, others (VC6, for example) use LPTSTR.
175a176,181
> *
> * The NET API is Unicode only. It requires the use of the UNICODE
> * macro. When UNICODE is defined LPTSTR becomes LPWSTR. LMSTR was
> * was added to the Platform SDK to allow the NET API to be used in
> * non-Unicode applications provided that Unicode strings were still
> * used for input. LMSTR is defined as LPWSTR.
178c184
< (LMSTR, LMSTR, DWORD, DWORD, LPBYTE*);
---
> (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE*);
180c186
< #endif /* 0 */
---
> #endif /* 1 */
194c200
< #if 0 /* This part is disabled until a fix for the problem with the
---
> #if 1 /* This part is disabled until a fix for the problem with the
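Review bot: The comment on this line still reads `This part is disabled until a fix for the problem with the ...` although the guard is now `#if 1`, so the text contradicts the code; the same applies at hunk 207c220 and to the matching `#endif /* 1 */` lines. Either delete the `#if 1`/`#endif` pairs or reword the comment to say why the section is enabled again, for example `/* Enabled now that the NET API prototypes are declared with LPWSTR. */` (wording to be adjusted to the actual reason). The comment body continues outside the hunk.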
199c205
< #endif /* 0 */
---
> #endif /* 1 */
200a207,213
> /* Determine the OS version we are on so we can turn off things
> * that do not work properly.
> */
> OSVERSIONINFO osverinfo ;
> osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ;
> GetVersionEx( &osverinfo ) ;
>
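Review bot: The return value of `GetVersionEx( &osverinfo )` is not checked and the structure is not cleared beforehand, so after a failed call the `dwPlatformId`/`dwMajorVersion` test added in hunk 239a261,263 reads indeterminate values. That could run the registry performance-data query on a system where the patch means to skip it. Clearing the structure before setting the size, `memset(&osverinfo, 0, sizeof(osverinfo));`, leaves `dwPlatformId` at 0 after a failure, so the NT-only branch is not taken. The enclosing function starts and ends outside this hunk; if these lines end up after executable statements, a C89 compiler such as VC6 may reject the declaration, which is worth confirming.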
207c220
< #if 0 /* This part is disabled until a fix for the problem with the
---
> #if 1 /* This part is disabled until a fix for the problem with the
209a223,225
> *
> * VC6 does recognize strings beginning with L". The definition of
> * TEXT() when UNICODE is defined is L##"x" which evaluates to L"x".
220c236,240
< /* NetStatisticsGet() is a Unicode only function */
---
> /* NetStatisticsGet() is a Unicode only function
> * STAT_WORKSTATION_0 contains 45 fields and STAT_SERVER_0 contains
> * 17 fields. We treat each field as a source of one byte of
> * entropy.
> */
223c243
< RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 0);
---
> RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 45);
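Review bot: Crediting 45 bytes here (and 17 at hunk 228c248) counts every field of the statistics structure as one unpredictable byte. These are counters that other local processes can generally read through the same API, and several may be zero or unchanged on an idle host, so the estimate is not conservative against someone who can observe the machine. The same per-field reasoning is used at hunks 432c463, 441c472, 452c487, 459c498 and 466c509, where the credit presumably accumulates per entry (inferred from the "each entry" wording of the added comments). Over-crediting lets the PRNG report itself seeded from largely observable data. Consider a much smaller credit for these sources, e.g. `RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 1);`, and leave the bulk of the seeding estimate to the CryptoAPI output.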
228c248
< RAND_add(outbuf, sizeof(STAT_SERVER_0), 0);
---
> RAND_add(outbuf, sizeof(STAT_SERVER_0), 17);
235c255
< #endif /* 0 */
---
> #endif /* 1 */
237,238c257,259
< #if 0 /* It appears like this can cause an exception deep within ADVAPI32.DLL
< * at random times. Reported by Jeffrey Altman.
---
> /* It appears like this can cause an exception deep within ADVAPI32.DLL
> * at random times on Windows 2000. Reported by Jeffrey Altman.
> * Only use it on NT.
239a261,263
> if ( osverinfo.dwPlatformId == VER_PLATFORM_WIN32_NT &&
> osverinfo.dwMajorVersion < 5)
> {
245d268
< {
263a287,289
> /* For entropy count assume only least significant byte
> * of each DWORD is random.
> */
265c291
< RAND_add(buf, length, 0);
---
> RAND_add(buf, length, length / 4.0);
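Review bot: `length / 4.0` has no upper bound, so a performance-data blob of tens of kilobytes would credit thousands of bytes of entropy in a single call. Much of such a blob is likely structure headers, names and counters that other local processes can also query. The added comment's assumption that the low byte of each DWORD is random is not supported by anything visible in the hunk. Clamp the credit to a small constant, for example `RAND_add(buf, length, (length / 4.0 > 16.0) ? 16.0 : length / 4.0);` (16 is an illustrative value), or keep it at 0 and rely on the CryptoAPI path for the estimate. How `length` is obtained lies outside the hunk.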
270d295
< #endif /* 0 */
284a310
> /* The CryptoAPI returns sizeof(buf) bytes of randomness */
290c316
< RAND_add(buf, sizeof(buf), 0);
---
> RAND_add(buf, sizeof(buf), sizeof(buf));
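Review bot: Full credit of `sizeof(buf)` is only sound if the CryptoAPI call actually filled `buf`, and the success check for it is outside this hunk and the one at 303c329. Please confirm that both `RAND_add(buf, sizeof(buf), sizeof(buf));` calls sit inside the branch taken when the generator call reported success. Otherwise a failed call would credit the full buffer size for contents the provider never wrote.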
303c329
< RAND_add(buf, sizeof(buf), 0);
---
> RAND_add(buf, sizeof(buf), sizeof(buf));
324c350
< RAND_add(&w, sizeof(w), 0);
---
> RAND_add(&w, sizeof(w), 1);
349,352d374
< OSVERSIONINFO osverinfo ;
< osverinfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO) ;
< GetVersionEx( &osverinfo ) ;
<
360a383
> /* assume 2 bytes of entropy */
364c387
< RAND_add(&ci, ci.cbSize, 0);
---
> RAND_add(&ci, ci.cbSize, 2);
369a393
> /* assume 1 byte of entropy */
371c395
< RAND_add(&w, sizeof(w), 0);
---
> RAND_add(&w, sizeof(w), 1);
427a452,458
> /* HEAPLIST32 contains 3 fields that will change with
> * each entry. Consider each field a source of 1 byte
> * of entropy.
> * HEAPENTRY32 contains 5 fields that will change with
> * each entry. Consider each field a source of 1 byte
> * of entropy.
> */
432c463
< RAND_add(&hlist, hlist.dwSize, 0);
---
> RAND_add(&hlist, hlist.dwSize, 3);
441c472
< hentry.dwSize, 0);
---
> hentry.dwSize, 5);
448a480,483
> /* PROCESSENTRY32 contains 9 fields that will change
> * with each entry. Consider each field a source of
> * 1 byte of entropy.
> */
452c487
< RAND_add(&p, p.dwSize, 0);
---
> RAND_add(&p, p.dwSize, 9);
455a491,494
> /* THREADENTRY32 contains 6 fields that will change
> * with each entry. Consider each field a source of
> * 1 byte of entropy.
> */
459c498
< RAND_add(&t, t.dwSize, 0);
---
> RAND_add(&t, t.dwSize, 6);
462a502,505
> /* MODULEENTRY32 contains 9 fields that will change
> * with each entry. Consider each field a source of
> * 1 byte of entropy.
> */
466c509
< RAND_add(&m, m.dwSize, 1);
---
> RAND_add(&m, m.dwSize, 9);
Jeffrey Altman * Sr.Software Designer
The Kermit Project * Columbia University
612 West 115th St * New York, NY * 10025 * USA
http://www.kermit-project.org/ * [EMAIL PROTECTED]