curl-library
Re: lack of /dev/random on Solaris 6 and 8
Date: Tue, 4 May 2004 09:19:34 +0200 (CEST)
On Mon, 3 May 2004, Jerry G. Chiuan wrote:
> As we know, Solaris 6 and 8 don't carry /dev/random used by OpenSSL to
> generate random numbers my question is: how does curl support SSL on Solaris
> 6 and 8? what are the alternatives used by Curl? are they really random
> enough? are they secure?
First, I won't make any claims or warranties that curl is "secure". You need
to judge that for yourself.
The lack of a proper /dev/random is of course badness but libcurl offers
multiple different approaches to get a seed that is random enough:
o You can build libcurl with RANDOM_FILE defined to point to a file/device
to use to get random data from.
o You can specify CURLOPT_RANDOM_FILE to a file to get random data from.
o You can build libcurl with EGD_SOCKET defined to make it connect to an EGD
daemon to get random data from.
Or, as Seshubabu Pasam posted, you can provide a /dev/random device for your
system.
-- Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se Dedicated custom curl help for hire: http://haxx.se/curl.htmlReceived on 2004-05-04