#include <assert.h>
#include <errno.h>
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif
#include <openssl/bio.h>
#include <openssl/crypto.h>
{
char rand_file[256];
time_t t;
- pid_t pid;
long l,seed;
t = time(NULL);
- pid = getpid();
+ /* gets random data from egd if opt.sslegdsock was set */
+ if (opt.sslegdsock != NULL)
+ RAND_egd(opt.sslegdsock);
+ /* gets the file ~/.rnd or $RANDFILE if set */
RAND_file_name(rand_file, 256);
if (rand_file != NULL)
{
}
/* Seed in time (mod_ssl does this) */
RAND_seed((unsigned char *)&t, sizeof(time_t));
- /* Seed in pid (mod_ssl does this) */
- RAND_seed((unsigned char *)&pid, sizeof(pid_t));
/* Initialize system's random number generator */
RAND_bytes((unsigned char *)&seed, sizeof(long));
+#ifndef WINDOWS
srand48(seed);
while (RAND_status () == 0)
{
l = lrand48();
RAND_seed((unsigned char *)&l, sizeof(long));
}
+#else /* WINDOWS */
+ RAND_screen();
+ if (RAND_status() == 0)
+ /* Here we should probably disable the whole ssl protocol ? HEH */
+ DEBUGP (("SSL random data generator not seeded correctly, %i",RAND_status()));
+#endif /* WINDOWS */
if (rand_file != NULL)
{
/* Write a rand_file */