Commit bb84ec329622648a3452d29d44c55cbd827e6abb - libcrypt-ssleay-perl

Add link to Security.Stackexchange thread where I asked about whether the seeding from `/dev/urandom` or stack variable should remain. A. Sinan Unur 10 years ago

1 changed file(s) with 4 addition(s) and 6 deletion(s). Raw diff Collapse all Expand all

-6

SSLeay.xs less more

131	131
132	132	/** Code from Devin Heitmueller, 10/3/2002 **/
133	133	/** Use /dev/urandom to seed if available **/
134		/* see also
135		* http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/
	134	/* ASU: 2014/04/23 It looks like it is OK to leave
	135	* this in. See following thread:
	136	* http://security.stackexchange.com/questions/56469/
136	137	*/
137		/* Also, http://wiki.openssl.org/index.php/Random_Numbers#Seeds
138		* seems to indicate maybe we should not be doing this ourselves
139		*/
140		if (RAND_load_file("/dev/urandom", CRYPT_SSLEAY_RAND_BUFSIZE)
	138	if (RAND_load_file("/dev/urandom", CRYPT_SSLEAY_RAND_BUFSIZE)
141	139	!= CRYPT_SSLEAY_RAND_BUFSIZE)
142	140	{
143	141	/* Couldn't read /dev/urandom, just seed off