From d5b87cea87ecb72cc7d5e42aa044adfcd3e37e23 Mon Sep 17 00:00:00 2001 From: Gerhard Rieger Date: Mon, 12 Dec 2016 20:53:08 +0100 Subject: [PATCH] Modification for BoringSSL --- CHANGES | 3 +++ xio-openssl.c | 12 ++++++++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index 332f9a3..06f7e63 100644 --- a/CHANGES +++ b/CHANGES @@ -55,6 +55,9 @@ porting: providing the base patch. Debian Bug#828550 + Make Socat compatible with BoringSSL. + Thanks to Matt Braithwaite for providing a patch. + testing: socks4echo.sh and socks4a-echo.sh hung with new bash with read -n diff --git a/xio-openssl.c b/xio-openssl.c index 2ea0542..3fe460c 100644 --- a/xio-openssl.c +++ b/xio-openssl.c @@ -1119,13 +1119,21 @@ static int openssl_SSL_ERROR_SSL(int level, const char *funcname) { while (e = ERR_get_error()) { Debug1("ERR_get_error(): %lx", e); - if (e == ((ERR_LIB_RAND<<24)| + if + ( +#if defined(OPENSSL_IS_BORINGSSL) + 0 /* BoringSSL's RNG always succeeds. */ +#else + e == ((ERR_LIB_RAND<<24)| #if defined(RAND_F_RAND_BYTES) (RAND_F_RAND_BYTES<<12)| #else (RAND_F_SSLEAY_RAND_BYTES<<12)| #endif - (RAND_R_PRNG_NOT_SEEDED)) /*0x24064064*/) { + (RAND_R_PRNG_NOT_SEEDED)) /*0x24064064*/ +#endif + ) + { Error("too few entropy; use options \"egd\" or \"pseudo\""); stat = STAT_NORETRY; } else {