RE: random state, openssl.cnf and RAND_edg("/var/run/egd-pool")

[John Hughes]

> 1. in apps/app_rand.c:181 the openssl application tries to read from file
>    'n' regardless whether RAND_egd(n) already succeeded.

Aha.

--- app_rand.c.orig     Tue Mar 14 00:54:04 2000
+++ app_rand.c  Fri Feb  2 16:06:32 2001
@@ -177,8 +177,10 @@
                if (*n == '\0') break;
 
                egd=RAND_egd(n);
-               if (egd > 0) tot+=egd;
-               tot+=RAND_load_file(n,-1);
+               if (egd > 0) 
+                       tot+=egd;
+               else
+                       tot+=RAND_load_file(n,-1);
                if (last) break;
                }
        if (tot > 512)

And now:

$ openssl rand  -out ~/.rnd -rand /u/local/var/entropy 1024
255 semi-random bytes loaded

> I think this is insane, probably it is related to look like a 
> FIFO, where open() makes sense.

Yup, totaly insane.

-- 
John Hughes <[EMAIL PROTECTED]>, 
        CalvaEDI SA.                            Tel: +33-1-4313-3131
        66 rue du Moulin de la Pointe,          Fax: +33-1-4313-3139
        75013 PARIS.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]