what platforms require RAND_add() before using SSL?
There are some functions in _ssl.c for gathering randomness from a daemon, and adding that randomness to the pseudo-random number generator in SSL, before using SSL. There's a note there saying that "on some platform" this is necessary. Anyone know which platforms? Bill
There are some functions in _ssl.c for gathering randomness from a daemon, and adding that randomness to the pseudo-random number generator in SSL, before using SSL. There's a note there saying that "on some platform" this is necessary. Anyone know which platforms?
In general, anything that does not have /dev/[u]random; older Solaris releases and HP-UX in particular. Regards, Martin
There are some functions in _ssl.c for gathering randomness from a daemon, and adding that randomness to the pseudo-random number generator in SSL, before using SSL. There's a note there saying that "on some platform" this is necessary. Anyone know which platforms?
In general, anything that does not have /dev/[u]random; older Solaris releases and HP-UX in particular.
Thanks, I"ll add that to the documentation. Any ideas what the values of the "entropy" parameter to RAND_add() are like, or how they are derived? I did a rapid skim of RFC 1750, but didn't see it there. Bill
participants (2)
-
"Martin v. Löwis" -
Bill Janssen