authorNick Mathewson <nickm@torproject.org>2015-11-25 10:30:58 -0500
committerNick Mathewson <nickm@torproject.org>2015-11-25 22:29:59 -0500
commitdedea28c2ef59eb86f5d9704e5609ae13fa8b3c2 (patch)
tree92ddba2410a8a80aad28734be47c78c460bbd6e6 /src/or/main.c
parent232ccc18c40f0d0302b2e21b0f67885c548f8e63 (diff)
Make crypto_seed_rng() and crypto_rand() less scary.
These functions must really never fail; so have crypto_rand() assert that it's working okay, and have crypto_seed_rng() demand that callers check its return value. Also have crypto_seed_rng() check RAND_status() before returning.
Diffstat (limited to 'src/or/main.c')
-rw-r--r--src/or/main.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/or/main.c b/src/or/main.c
index 9b3dbb5586..0f8d7ff3fa 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1389,7 +1389,10 @@ run_scheduled_events(time_t now)
if (time_to.add_entropy < now) {
if (time_to.add_entropy) {
/* We already seeded once, so don't die on failure. */
- crypto_seed_rng();
+ if (crypto_seed_rng() < 0) {
+ log_warn(LD_GENERAL, "Tried to re-seed RNG, but failed. We already "
+ "seeded once, though, so we won't exit here.");
+ }
}
/** How often do we add more entropy to OpenSSL's RNG pool? */
#define ENTROPY_INTERVAL (60*60)
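Review bot: The warning in the new `if (crypto_seed_rng() < 0)` branch is filed under `LD_GENERAL`, so anyone filtering logs by domain for crypto problems will not see a failed re-seed; `LD_CRYPTO` looks like the better fit, i.e. `log_warn(LD_CRYPTO, "Tried to re-seed RNG, but failed. We already "`. The existing comment could also say what continuing means, for example `/* We already seeded once, so don't die on failure; the RNG keeps running on its earlier seed until the next attempt. */`. When that next attempt happens is not visible here: run_scheduled_events() starts and ends outside the hunk, and only the `ENTROPY_INTERVAL` define is shown, so presumably a failed re-seed is retried a full interval later. If so, a persistent failure yields one warning per hour, which is worth stating in the comment so operators know to treat repeats as a real fault.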