- Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present

only in some OpenSSL installs - like on Windows) isn't thread-safe and we agreed that moving it to the global_init() function is a decent way to deal with this situation.
2009-08-01 11:09:02 +00:00
parent 2642638fca
commit 0dce2ff8a0
4 changed files with 16 additions and 5 deletions
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -225,8 +225,7 @@ static int ossl_seed(struct SessionHandle *data)
  /* If we get here, it means we need to seed the PRNG using a "silly"
     approach! */
 #ifdef HAVE_RAND_SCREEN
-  /* This one gets a random value by reading the currently shown screen */
-  RAND_screen();
+  /* if RAND_screen() is present, it was called during global init */
  nread = 100; /* just a value */
 #else
  {
@@ -642,6 +641,13 @@ int Curl_ossl_init(void)

  OpenSSL_add_all_algorithms();

+#ifdef HAVE_RAND_SCREEN
+  /* This one gets a random value by reading the currently shown screen.
+     RAND_screen() is not thread-safe according to OpenSSL devs - although not
+     mentioned in documentation. */
+  RAND_screen();
+#endif
+
  return 1;
 }