diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-02-05 16:53:21 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-02-05 16:57:42 -0600 |
| commit | f146d45288fa821ffba6dd0705be75acaf61e8e9 (patch) | |
| tree | 21e73fc63a3715dfd831458b2d14fd9bf3222352 | |
| parent | d258222091c9ac2d5a701debca356e3d9a3f8559 (diff) | |
| download | cryptography-f146d45288fa821ffba6dd0705be75acaf61e8e9.tar.gz cryptography-f146d45288fa821ffba6dd0705be75acaf61e8e9.tar.bz2 cryptography-f146d45288fa821ffba6dd0705be75acaf61e8e9.zip | |
get urandom fd flag and bitwise OR it with FD_CLOEXEC. comment update
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/osrandom_engine.py | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/cryptography/hazmat/bindings/openssl/osrandom_engine.py b/cryptography/hazmat/bindings/openssl/osrandom_engine.py index 5c5661b9..6e7e172e 100644 --- a/cryptography/hazmat/bindings/openssl/osrandom_engine.py +++ b/cryptography/hazmat/bindings/openssl/osrandom_engine.py @@ -88,7 +88,11 @@ static int osrandom_init(ENGINE *e) { } urandom_fd = open("/dev/urandom", O_RDONLY); if (urandom_fd > -1) { - if (fcntl(urandom_fd, F_SETFD, FD_CLOEXEC) == -1) { + int flags = fcntl(urandom_fd, F_GETFD); + if (flags == -1) { + osrandom_finish(e); + return 0; + } else if (fcntl(urandom_fd, F_SETFD, flags | FD_CLOEXEC) == -1) { osrandom_finish(e); return 0; } @@ -147,7 +151,7 @@ static const char *Cryptography_osrandom_engine_name = "osrandom_engine"; #endif /* This replicates the behavior of the OpenSSL FIPS RNG, which returns a --1 in the event that there is an error when calling RAND_pseudo_bytes. */ + -1 in the event that there is an error when calling RAND_pseudo_bytes. */ static int osrandom_pseudo_rand_bytes(unsigned char *buffer, int size) { int res = osrandom_rand_bytes(buffer, size); if (res == 0) { |