return;
#endif
- /* Still not enough randomness, presumably because neither random
- file nor EGD have been available. Use the stupidest possible
- method -- seed OpenSSL's PRNG with the system's PRNG. This is
- insecure in the cryptographic sense, but people who care about
- security will use /dev/random or their own source of randomness
- anyway. */
+ /* Still not enough randomness, most likely because neither
+ /dev/random nor EGD were available. Resort to a simple and
+ stupid method -- seed OpenSSL's PRNG with libc PRNG. This is
+ cryptographically weak, but people who care about strong
+ cryptography should install /dev/random (default on Linux) or
+ specify their own source of randomness anyway. */
+
+ logprintf (LOG_VERBOSE, _("Warning: using a weak random seed.\n"));
while (RAND_status () == 0 && maxrand-- > 0)
{
return 1;
if (SSL_pending (ssl))
return 1;
-#ifdef HAVE_SELECT
return select_fd (fd, timeout, wait_for);
-#else
- return 1;
-#endif
}
static void
/* Register FD with Wget's transport layer, i.e. arrange that
SSL-enabled functions are used for reading, writing, and polling.
- That way the rest of Wget can keep using xread, xwrite, and
- friends and not care what happens underneath. */
- register_transport (fd, ssl_read, ssl_write, ssl_poll, ssl_close, ssl);
+ That way the rest of Wget can use fd_read, fd_write, and friends
+ and not care what happens underneath. */
+ fd_register_transport (fd, ssl_read, ssl_write, ssl_poll, ssl_close, ssl);
DEBUGP (("Connected %d to SSL 0x%0lx\n", fd, (unsigned long) ssl));
return ssl;