authorChris Wilson <chris+github@qwirx.com>2008-10-08 22:22:00 +0000
committerChris Wilson <chris+github@qwirx.com>2008-10-08 22:22:00 +0000
commit146baf7e2035e3e426b6106b381c0c2784e5b281 (patch)
tree9e713bc1f61fc5b6bad2a55691badeb25aeb427a /lib/server
parent177146a9191c01ee0108cfc8974a9fc658a8fa17 (diff)
Use Windows Crypto API to seed the random number generator, and remove
warning that it hasn't been seeded on Windows.
Diffstat (limited to 'lib/server')
-rw-r--r--lib/server/SSLLib.cpp36
1 files changed, 35 insertions, 1 deletions
diff --git a/lib/server/SSLLib.cpp b/lib/server/SSLLib.cpp
index 7ae93ee6..71ebb78e 100644
--- a/lib/server/SSLLib.cpp
+++ b/lib/server/SSLLib.cpp
@@ -14,6 +14,10 @@
#include <openssl/err.h>
#include <openssl/rand.h>
+#ifdef WIN32
+ #include <wincrypt.h>
+#endif
+
#include "SSLLib.h"
#include "ServerException.h"
@@ -43,7 +47,37 @@ void SSLLib::Initialise()
::SSL_load_error_strings();
// Extra seeding over and above what's already done by the library
-#ifdef HAVE_RANDOM_DEVICE
+#ifdef WIN32
+ HCRYPTPROV provider;
+ if(!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL,
+ CRYPT_VERIFYCONTEXT))
+ {
+ BOX_LOG_WIN_ERROR("Failed to acquire crypto context");
+ BOX_WARNING("No random device -- additional seeding of "
+ "random number generator not performed.");
+ }
+ else
+ {
+ // must free provider
+ BYTE buf[1024];
+
+ if(!CryptGenRandom(provider, sizeof(buf), buf))
+ {
+ BOX_LOG_WIN_ERROR("Failed to get random data");
+ BOX_WARNING("No random device -- additional seeding of "
+ "random number generator not performed.");
+ }
+ else
+ {
+ RAND_seed(buf, sizeof(buf));
+ }
+
+ if(!CryptReleaseContext(provider, 0))
+ {
+ BOX_LOG_WIN_ERROR("Failed to release crypto context");
+ }
+ }
+#elif HAVE_RANDOM_DEVICE
if(::RAND_load_file(RANDOM_DEVICE, 1024) != 1024)
{
THROW_EXCEPTION(ServerException, SSLRandomInitFailed)
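Review bot: Both Windows failure branches (after `CryptAcquireContext` and after `CryptGenRandom`) only log and continue, while the random-device branch just below throws `SSLRandomInitFailed` when it cannot read its 1024 bytes, so a failed seed is fatal on one platform and silent on the other. If the extra seeding is meant to be required, raise the same exception here, in the second case only after `CryptReleaseContext`. In either case the "No random device" warning text does not describe a CryptoAPI failure and will mislead whoever reads the log. `buf` still holds 1024 bytes of seed material on the stack after `RAND_seed`, so I would add `OPENSSL_cleanse(buf, sizeof(buf));` before the block ends. `#elif HAVE_RANDOM_DEVICE` evaluates the macro's value instead of testing whether it is defined, unlike the `#ifdef` it replaces; `#elif defined(HAVE_RANDOM_DEVICE)` keeps the old meaning. The body of `SSLLib::Initialise()` starts and ends outside this hunk.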