Remove unsafe random seeding fallback path.

OpenSSL should automatically seed the random number generator, and the
current fallback code does not offer strong guarantees. It should
never actually be used, so let's remove it entirely.

Change-Id: I9a0a70345fe8df5913871bcac644623b687aea01
Reviewed-by: Peter Hartmann <peter-qt@hartmann.tk>
bb10
Richard J. Moore 2015-05-26 10:45:57 +01:00
parent aff3f7f767
commit 21ec751cdc
1 changed files with 2 additions and 24 deletions

View File

@ -494,30 +494,8 @@ bool QSslSocketPrivate::ensureLibraryLoaded()
// Initialize OpenSSL's random seed.
if (!q_RAND_status()) {
struct {
int msec;
int sec;
void *stack;
} randomish;
int attempts = 500;
do {
if (attempts < 500) {
#ifdef Q_OS_UNIX
struct timespec ts = {0, 33333333};
nanosleep(&ts, 0);
#else
Sleep(3);
#endif
randomish.msec = attempts;
}
randomish.stack = (void *)&randomish;
randomish.msec = QTime::currentTime().msec();
randomish.sec = QTime::currentTime().second();
q_RAND_seed((const char *)&randomish, sizeof(randomish));
} while (!q_RAND_status() && --attempts);
if (!attempts)
return false;
qWarning("Random number generator not seeded, disabling SSL support");
return false;
}
}
return true;