[openssh-commits] [openssh] 03/03: Defer seed_rng until after closefrom call.
git+noreply at mindrot.org
git+noreply at mindrot.org
Wed Nov 9 09:43:30 AEDT 2022
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit cf1a9852d7fc93e4abc4168aed09529a57427cdc
Author: Darren Tucker <dtucker at dtucker.net>
Date: Wed Nov 9 09:23:47 2022 +1100
Defer seed_rng until after closefrom call.
seed_rng will initialize OpenSSL, and some engine providers (eg Intel's
QAT) will open descriptors for their own use. bz#3483, patch from
joel.d.schuetze at intel.com, ok djm@
---
sshd.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sshd.c b/sshd.c
index b4bb7d65..808d91ef 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1580,8 +1580,6 @@ main(int ac, char **av)
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
- seed_rng();
-
/* Initialize configuration options to their default values. */
initialize_server_options(&options);
@@ -1703,6 +1701,8 @@ main(int ac, char **av)
else
closefrom(REEXEC_DEVCRYPTO_RESERVED_FD);
+ seed_rng();
+
/* If requested, redirect the logs to the specified logfile. */
if (logfile != NULL)
log_redirect_stderr_to(logfile);
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list