bind/bind-9.11-rh1663318.patch
Petr Menšík 67a5cd83ff Made RAND_status check optional (broke --disable-crypto-rand)
dhclient can terminate if not enough entropy, but it never requires
random data. On a new virtual machine, lack of entropy can be common.
Ensure it does not prevent DHCP client assigning an IP address.
2019-01-16 17:43:33 +01:00

33 lines
917 B
Diff

From 48d86dd3d834bcedd0c977d193c36b12e8398b4e Mon Sep 17 00:00:00 2001
From: Francis Dupont <fdupont@isc.org>
Date: Sun, 17 Sep 2017 12:02:09 +0200
Subject: [PATCH] Made RAND_status check optional (broke --disable-crypto-rand)
---
lib/dns/openssl_link.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c
index 91e87d0..3cddaa9 100644
--- a/lib/dns/openssl_link.c
+++ b/lib/dns/openssl_link.c
@@ -289,6 +289,7 @@ dst__openssl_init(const char *engine) {
#endif
#endif /* !defined(OPENSSL_NO_ENGINE) */
+#ifdef ISC_PLATFORM_CRYPTORANDOM
/* Protect ourselves against unseeded PRNG */
if (RAND_status() != 1) {
FATAL_ERROR(__FILE__, __LINE__,
@@ -296,6 +297,7 @@ dst__openssl_init(const char *engine) {
"cannot be initialized (see the `PRNG not "
"seeded' message in the OpenSSL FAQ)");
}
+#endif
return (ISC_R_SUCCESS);
--
2.20.1