67a5cd83ff
dhclient can terminate if not enough entropy, but it never requires random data. On a new virtual machine, lack of entropy can be common. Ensure it does not prevent DHCP client assigning an IP address.
33 lines
917 B
Diff
33 lines
917 B
Diff
From 48d86dd3d834bcedd0c977d193c36b12e8398b4e Mon Sep 17 00:00:00 2001
|
|
From: Francis Dupont <fdupont@isc.org>
|
|
Date: Sun, 17 Sep 2017 12:02:09 +0200
|
|
Subject: [PATCH] Made RAND_status check optional (broke --disable-crypto-rand)
|
|
|
|
---
|
|
lib/dns/openssl_link.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c
|
|
index 91e87d0..3cddaa9 100644
|
|
--- a/lib/dns/openssl_link.c
|
|
+++ b/lib/dns/openssl_link.c
|
|
@@ -289,6 +289,7 @@ dst__openssl_init(const char *engine) {
|
|
#endif
|
|
#endif /* !defined(OPENSSL_NO_ENGINE) */
|
|
|
|
+#ifdef ISC_PLATFORM_CRYPTORANDOM
|
|
/* Protect ourselves against unseeded PRNG */
|
|
if (RAND_status() != 1) {
|
|
FATAL_ERROR(__FILE__, __LINE__,
|
|
@@ -296,6 +297,7 @@ dst__openssl_init(const char *engine) {
|
|
"cannot be initialized (see the `PRNG not "
|
|
"seeded' message in the OpenSSL FAQ)");
|
|
}
|
|
+#endif
|
|
|
|
return (ISC_R_SUCCESS);
|
|
|
|
--
|
|
2.20.1
|
|
|