diff options
| author | deraadt <> | 2014-04-14 17:45:38 +0000 |
|---|---|---|
| committer | deraadt <> | 2014-04-14 17:45:38 +0000 |
| commit | fbbc137e481f092be7bdc3fedb505f5c2d89eba0 (patch) | |
| tree | 9a82fc040475abf4e516b4c99e34037b7ef267da /src/lib/libssl/d1_clnt.c | |
| parent | 64b5c0c827fdf0a319303f85f2a6cecdf997f204 (diff) | |
| download | openbsd-fbbc137e481f092be7bdc3fedb505f5c2d89eba0.tar.gz openbsd-fbbc137e481f092be7bdc3fedb505f5c2d89eba0.tar.bz2 openbsd-fbbc137e481f092be7bdc3fedb505f5c2d89eba0.zip | |
So the OpenSSL codebase does "get the time, add it as a random seed"
in a bunch of places inside the TLS engine, to try to keep entropy high.
I wonder if their moto is "If you can't solve a problem, at least try
to do it badly".
ok miod
Diffstat (limited to 'src/lib/libssl/d1_clnt.c')
| -rw-r--r-- | src/lib/libssl/d1_clnt.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index 15c4bca58c..4c6aac7536 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c | |||
| @@ -147,7 +147,6 @@ int | |||
| 147 | dtls1_connect(SSL *s) | 147 | dtls1_connect(SSL *s) |
| 148 | { | 148 | { |
| 149 | BUF_MEM *buf = NULL; | 149 | BUF_MEM *buf = NULL; |
| 150 | unsigned long Time = (unsigned long)time(NULL); | ||
| 151 | void (*cb)(const SSL *ssl, int type, int val) = NULL; | 150 | void (*cb)(const SSL *ssl, int type, int val) = NULL; |
| 152 | int ret = -1; | 151 | int ret = -1; |
| 153 | int new_state, state, skip = 0; | 152 | int new_state, state, skip = 0; |
| @@ -156,7 +155,6 @@ dtls1_connect(SSL *s) | |||
| 156 | char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)]; | 155 | char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)]; |
| 157 | #endif | 156 | #endif |
| 158 | 157 | ||
| 159 | RAND_add(&Time, sizeof(Time), 0); | ||
| 160 | ERR_clear_error(); | 158 | ERR_clear_error(); |
| 161 | errno = 0; | 159 | errno = 0; |
| 162 | 160 | ||