libgcrypt/libgcrypt-fix-rng.patch
Ismail Dönmez 31afb2af23 Accepting request 235418 from home:msmeissn:branches:devel:libraries:c_c++
- libgcrypt-fix-rng.patch: make drbg work again in FIPS mode.
- libgcrypt-1.6.1-use-fipscheck.patch: library to test is libgcrypt.so.20
  and not libgcrypt.so.11
- libgcrypt-init-at-elf-load-fips.patch: initialize globally on ELF 
  DSO loading to meet FIPS requirements.

OBS-URL: https://build.opensuse.org/request/show/235418
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=57
2014-05-27 18:06:59 +00:00

25 lines
913 B
Diff

Index: libgcrypt-1.6.1/random/random.c
===================================================================
--- libgcrypt-1.6.1.orig/random/random.c
+++ libgcrypt-1.6.1/random/random.c
@@ -440,6 +440,9 @@ _gcry_create_nonce (void *buffer, size_t
size_t n;
int err;
+ /* Make sure we are initialized. */
+ _gcry_random_initialize (1);
+
/* First check whether we shall use the FIPS nonce generator. This
is only done in FIPS mode, in all other modes, we use our own
nonce generator which is seeded by the RNG actual in use. */
@@ -455,9 +458,6 @@ _gcry_create_nonce (void *buffer, size_t
FIPS mode (not that this means it is also used if the FIPS RNG
has been selected but we are not in fips mode). */
- /* Make sure we are initialized. */
- _gcry_random_initialize (1);
-
/* Acquire the nonce buffer lock. */
err = ath_mutex_lock (&nonce_buffer_lock);
if (err)