generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Reduced the length of data read from the random entropy file.

Browse Source
This commit is contained in:
Dan Fandrich 2005-03-04 22:36:56 +00:00
parent 67bd6f9ccd
commit b01151e81c
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/ssluse.c
View File

@ -103,6 +103,13 @@
#define HAVE_ERR_ERROR_STRING_N 1 #define HAVE_ERR_ERROR_STRING_N 1
#endif #endif
/*
* Number of bytes to read from the random number seed file. This must be
* a finite value (because some entropy "files" like /dev/urandom have
* an infinite length), but must be large enough to provide enough
* entopy to properly seed OpenSSL's PRNG.
*/
#define RAND_LOAD_LENGTH 1024
#ifndef HAVE_USERDATA_IN_PWD_CALLBACK #ifndef HAVE_USERDATA_IN_PWD_CALLBACK
static char global_passwd[64]; static char global_passwd[64];
@ -169,7 +176,7 @@ int random_the_seed(struct SessionHandle *data)
/* let the option override the define */ /* let the option override the define */
nread += RAND_load_file((data->set.ssl.random_file? nread += RAND_load_file((data->set.ssl.random_file?
data->set.ssl.random_file:RANDOM_FILE), data->set.ssl.random_file:RANDOM_FILE),
16384); /* bounded size in case it's /dev/urandom */ RAND_LOAD_LENGTH);
if(seed_enough(nread)) if(seed_enough(nread))
return nread; return nread;
} }
@ -231,7 +238,7 @@ int random_the_seed(struct SessionHandle *data)
RAND_file_name(buf, BUFSIZE); RAND_file_name(buf, BUFSIZE);
if(buf[0]) { if(buf[0]) {
/* we got a file name to try */ /* we got a file name to try */
nread += RAND_load_file(buf, 16384); nread += RAND_load_file(buf, RAND_LOAD_LENGTH);
if(seed_enough(nread)) if(seed_enough(nread))
return nread; return nread;
} }