On Fri, 4 Feb 2005, Dan Fandrich wrote:

> A patch last month changed the size parameter given to RAND_load_file
> from 16384 to -1, which means to load the whole file. On my machine,
> configure determines that the file to load is /dev/urandom, which is
> infinitely long. Reverting that part of the patch fixes the problem:

Sorry guys. My reflex against magic numbers bit us all. Any chance of
adding a comment that explains why 16384 is the right number to use? We
just learned the hard way that we need some number, but how much info do
we need? 16384 bytes of pseudo random info is an awful lot for 256 bit
keys. One example I have uses 1024. Can someone more SSL savvy add
some insight here?

At least some comment explaining it has nothing to do with the buffer
size we're using would help.

-DB
Received on 2005-03-04