Markus Schönhaber wrote:
Rainer Jung wrote:
@@ -259,7 +259,7 @@
file = ssl_global_rand_file;
if (file == NULL)
- file = RAND_file_name(buffer, sizeof(buffer));
+ return -1;
else if ((n = RAND_egd(file)) > 0) {
return n;
}
Didn't check, but that might be the difference, concerning respecting
RANDFILE?
I'm not familiar enough with the tcnative or OpenSSL code to understand
the change above just by looking at this snippet. But from Mladen's
comment it seems to me that this would *introduce* respect for RANDFILE.
Am I wrong?
Regards
mks
Let's see: doesn't this *remove* the RAND_file_name() line? Man page of
RAND_file_name() says, that it returns a file for andomness and respects
variable RANDFILE. I neither know the code well, nor did I check now,
if there are other references to RANDFILE. Mladen's commit log entry "In
case we don't specify the global randFile use like mod_ssl does with
builtin. This fixes long init on some platforms." doesn't really
contradict this interpretation.
I simply thought it could be helpful to point out recent changes in
behaviour.
Regards,
Rainer
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
