#include <openssl/rand.h>
#include "wget.h"
+#include "utils.h"
#include "connect.h"
#include "url.h"
security will use /dev/random or their own source of randomness
anyway. */
- srand (time (NULL));
while (RAND_status () == 0 && maxrand-- > 0)
{
- int rnd = rand ();
- RAND_seed ((unsigned char *)&rnd, sizeof (rnd));
+ unsigned char rnd = random_number (256);
+ RAND_seed (&rnd, sizeof (rnd));
}
if (RAND_status () == 0)
meth = SSLv23_client_method ();
*ctx = SSL_CTX_new (meth);
SSL_CTX_set_verify (*ctx, verify, verify_callback);
- if (*ctx == NULL) return SSLERRCTXCREATE;
+ if (*ctx == NULL)
+ return SSLERRCTXCREATE;
if (opt.sslcertfile)
{
if (SSL_CTX_use_certificate_file (*ctx, opt.sslcertfile,
do
{
#ifdef HAVE_SELECT
- if (opt.timeout)
+ if (opt.timeout && !SSL_pending (con))
{
-
do
{
res = select_fd (fd, opt.timeout, 0);