Skip to content

Add HAVE_GETPID to options.h if getpid detected #8898

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
dgarske merged 3 commits into from
Jun 24, 2025
Merged

Add HAVE_GETPID to options.h if getpid detected #8898

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
9c35c0d
Add HAVE_GETPID to options.h if getpid detected, needed for apps to c…
cconlon Jun 18, 2025
cdd02f9
Add check for reseed in ssl.c for HAVE_SELFTEST, similar to old FIPS …
cconlon Jun 18, 2025
9ee212c
fix for free'ing memory with test case
JacobBarthelmeh Jun 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions configure.ac
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -160,6 +160,9 @@ fi
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_CTYPE_H
#include <ctype.h>
#endif
Expand Down Expand Up @@ -10469,6 +10472,12 @@ then
AM_CFLAGS="$AM_CFLAGS -DHAVE___UINT128_T=1"
fi

# Add HAVE_GETPID to AM_CFLAGS for inclusion in options.h
if test "$ac_cv_func_getpid" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_GETPID=1"
fi

LIB_SOCKET_NSL
AX_HARDEN_CC_COMPILER_FLAGS

Expand Down
9 changes: 6 additions & 3 deletions src/ssl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25514,7 +25514,7 @@ static int wolfSSL_RAND_InitMutex(void)
#ifdef OPENSSL_EXTRA

#if defined(HAVE_GETPID) && !defined(WOLFSSL_NO_GETPID) && \
defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)
((defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)) || defined(HAVE_SELFTEST))
/* In older FIPS bundles add check for reseed here since it does not exist in
* the older random.c certified files. */
static pid_t currentRandPid = 0;
Expand All @@ -25533,7 +25533,9 @@ int wolfSSL_RAND_Init(void)
ret = wc_InitRng(&globalRNG);
if (ret == 0) {
#if defined(HAVE_GETPID) && !defined(WOLFSSL_NO_GETPID) && \
defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)
((defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)) || \
defined(HAVE_SELFTEST))

currentRandPid = getpid();
#endif
initGlobalRNG = 1;
Expand Down Expand Up @@ -26014,7 +26016,8 @@ int wolfSSL_RAND_bytes(unsigned char* buf, int num)
*/
if (initGlobalRNG) {
#if defined(HAVE_GETPID) && !defined(WOLFSSL_NO_GETPID) && \
defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)
((defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0)) || \
defined(HAVE_SELFTEST))
pid_t p;

p = getpid();
Expand Down
5 changes: 2 additions & 3 deletions tests/api.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33211,7 +33211,7 @@ static int test_wolfSSL_RAND_bytes(void)

max_bufsize = size4;

ExpectNotNull(my_buf = (byte*)XMALLOC(max_bufsize * sizeof(byte), NULL,
ExpectNotNull(my_buf = (byte*)XMALLOC(max_bufsize * sizeof(byte), HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));

ExpectIntEQ(RAND_bytes(my_buf, 0), 1);
Expand All @@ -33222,6 +33222,7 @@ static int test_wolfSSL_RAND_bytes(void)
ExpectIntEQ(RAND_bytes(my_buf, size2), 1);
ExpectIntEQ(RAND_bytes(my_buf, size3), 1);
ExpectIntEQ(RAND_bytes(my_buf, size4), 1);
XFREE(my_buf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);

#if defined(OPENSSL_EXTRA) && defined(HAVE_GETPID)
XMEMSET(seed, 0, sizeof(seed));
Expand Down Expand Up @@ -33262,8 +33263,6 @@ static int test_wolfSSL_RAND_bytes(void)
}
RAND_cleanup();
#endif

XFREE(my_buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
Expand Down