On Aug 21, 2007, at 11:26 AM, Markus Schönhaber wrote:
Rainer Jung wrote:
There's an addition in tcnative 1.1.10:
http://svn.apache.org/viewvc/tomcat/connectors/trunk/jni/native/
src/ssl.c?view=diff&rev=524725&r1=524724&r2=524725
=====================================================================
=========
--- tomcat/connectors/trunk/jni/native/src/ssl.c (original)
+++ tomcat/connectors/trunk/jni/native/src/ssl.c Sun Apr 1
22:22:42 2007
@@ -259,7 +259,7 @@
file = ssl_global_rand_file;
if (file == NULL)
- file = RAND_file_name(buffer, sizeof(buffer));
+ return -1;
else if ((n = RAND_egd(file)) > 0) {
return n;
}
Didn't check, but that might be the difference, concerning respecting
RANDFILE?
I'm not familiar enough with the tcnative or OpenSSL code to
understand
the change above just by looking at this snippet. But from Mladen's
comment it seems to me that this would *introduce* respect for
RANDFILE.
Am I wrong?
Well, the comment doesn't seem to match what the code is doing :)
I'm guessing that the problem the patch was trying to solve was
due to the /dev/random issue itself, so bypassing that
seemed a valid solution...
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
