diff options
author | Richard J. Moore <rich@kde.org> | 2015-05-26 10:45:57 +0100 |
---|---|---|
committer | Richard J. Moore <rich@kde.org> | 2015-05-29 21:34:29 +0000 |
commit | 21ec751cdcf2f5aa4c14a040edbe26b0cb3b2540 (patch) | |
tree | f39a3e8dd3d969b6bb2d3850ea3b564105f94a07 /src/network/ssl | |
parent | aff3f7f767617c9f569ed5101a12d677233be901 (diff) |
Remove unsafe random seeding fallback path.
OpenSSL should automatically seed the random number generator, and the
current fallback code does not offer strong guarantees. It should
never actually be used, so let's remove it entirely.
Change-Id: I9a0a70345fe8df5913871bcac644623b687aea01
Reviewed-by: Peter Hartmann <peter-qt@hartmann.tk>
Diffstat (limited to 'src/network/ssl')
-rw-r--r-- | src/network/ssl/qsslsocket_openssl.cpp | 26 |
1 files changed, 2 insertions, 24 deletions
diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp index 00e13e449b..0bb153516c 100644 --- a/src/network/ssl/qsslsocket_openssl.cpp +++ b/src/network/ssl/qsslsocket_openssl.cpp @@ -494,30 +494,8 @@ bool QSslSocketPrivate::ensureLibraryLoaded() // Initialize OpenSSL's random seed. if (!q_RAND_status()) { - struct { - int msec; - int sec; - void *stack; - } randomish; - - int attempts = 500; - do { - if (attempts < 500) { -#ifdef Q_OS_UNIX - struct timespec ts = {0, 33333333}; - nanosleep(&ts, 0); -#else - Sleep(3); -#endif - randomish.msec = attempts; - } - randomish.stack = (void *)&randomish; - randomish.msec = QTime::currentTime().msec(); - randomish.sec = QTime::currentTime().second(); - q_RAND_seed((const char *)&randomish, sizeof(randomish)); - } while (!q_RAND_status() && --attempts); - if (!attempts) - return false; + qWarning("Random number generator not seeded, disabling SSL support"); + return false; } } return true; |