moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2025-03-11 07:39:50 -04:00
Code Issues Releases Wiki Activity

Richard Gorton improved the random_the_seed() function for systems where

Browse Source 
we don't find/know of a good random source. This way, we get a better
randomness which in turn should make SSL connections more secure.
This commit is contained in:
Daniel Stenberg 2003-03-11 18:55:34 +00:00
parent 9f723061cb
commit 8755a6d1ac
1 changed files with 19 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
lib/ssluse.c
View File

@ -144,7 +144,8 @@ int random_the_seed(struct SessionHandle *data)
{ {
/* If there's an option and a define, the option overrides the /* If there's an option and a define, the option overrides the
define */ define */
int ret = RAND_egd(data->set.ssl.egdsocket?data->set.ssl.egdsocket:EGD_SOCKET); int ret = RAND_egd(data->set.ssl.egdsocket?
data->set.ssl.egdsocket:EGD_SOCKET);
if(-1 != ret) { if(-1 != ret) {
nread += ret; nread += ret;
if(seed_enough(nread)) if(seed_enough(nread))
@ -162,14 +163,24 @@ int random_the_seed(struct SessionHandle *data)
#else #else
{ {
int len; int len;
char *area = Curl_FormBoundary(); char *area;
if(!area)
return 3; /* out of memory */
len = strlen(area);
RAND_seed(area, len);
free(area); /* now remove the random junk */ /* Changed call to RAND_seed to use the underlying RAND_add implementation
* directly. Do this in a loop, with the amount of additional entropy
* being dependent upon the algorithm used by Curl_FormBoundary(): N bytes
* of a 7-bit ascii set. -- Richard Gorton, March 11 2003.
*/
do {
area = Curl_FormBoundary();
if(!area)
return 3; /* out of memory */
len = strlen(area);
RAND_add(area, len, (len >> 1));
free(area); /* now remove the random junk */
} while (!RAND_status());
} }
#endif #endif