cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Flag to bail out if not enough entropy?

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Mon, 10 Oct 2016 23:30:47 +0200 (CEST)

On Tue, 27 Sep 2016, Török Edwin wrote:

> With 'OpenSSL 1.0.2h-fips 3 May 2016' and 'chmod 0660 /dev/urandom; chmod
> 0660 /dev/random;' curl loops infinitely in that function. This might be
> dependant on the OpenSSL version, but apparently RAND_bytes consumes more
> entropy than RAND_add adds back, so its not as bad as I initially thought.
> Still I'd prefer an error message to an infinite loop :)

Do you have any suggested patch to fix this?

-- 
  / daniel.haxx.se

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-10-16