curl-library

SSL RAND entropy init takes 30-60 depending on implementation

From: listman <listman_at_ekstrom.org>
Date: Tue, 08 Jun 2004 17:01:31 -0600

I've looked and found that entropy init occurs on the first successful
SSL connection.

RAND_screen takes about 60 seconds on a P4 2.4 GHz.
RAND_add & RAND_status take about 30 seconds on the same machine,
which is a long time to wait on the first SSL connection.

I would like an additional exported function that would allow early
init of the SSL entropy data (i.e. before a libcurl handle is opened).
I'm willing to submit a patch if there is interest.

What are people's opinions of using
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/security/security/cryptgenrandom.asp
on the Windows platform instead of RAND_screen?

The OpenSSL docs state that RAND_screen should not be used on a
non-interactive machine such as a Windows server.
Received on 2004-06-09