cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: SSL random initialization

From: Daniel Stenberg <daniel-curl_at_haxx.se>
Date: Tue, 26 Oct 2004 15:47:32 +0200 (CEST)

On Tue, 26 Oct 2004, Joerg Mueller-Tolk wrote:

> error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded
>
> I found the OpenSSL docu (http://www.openssl.org/support/faq.html#USER1)
> saying that the random number generator needs certain initialization (at
> least 128 bit, ...). I browsed the curl sources and found the code in
> 'ssluse.c', that seems to do the initialization of the random number
> generator used by OpenSSL.
>
> Has anyone an idea why this error is only very rarely reported?

Because most often the seed gets enough randomize!

I don't know what on platform or in what particular surrounding your product
is here, but it might just be that the seeding code isn't good enough for this
user's case.

> On those machines where it is reported the error happens any time I try to
> do a HTTPS-Post. What can I do to prevent the error?

Consider providing your own random source (file) with CURLOPT_RANDOM_FILE.

-- 
      Daniel Stenberg -- http://curl.haxx.se -- http://daniel.haxx.se
       Dedicated custom curl help for hire: http://haxx.se/curl.html

Received on 2004-10-26

This message: [ Message body ]
Next message: Joerg Mueller-Tolk: "Re: SSL random initialization"
Previous message: Joerg Mueller-Tolk: "SSL random initialization"
In reply to: Joerg Mueller-Tolk: "SSL random initialization"
Next in thread: Joerg Mueller-Tolk: "Re: SSL random initialization"
Reply: Joerg Mueller-Tolk: "Re: SSL random initialization"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]