diff options
| author | deraadt <> | 2014-04-14 17:45:38 +0000 |
|---|---|---|
| committer | deraadt <> | 2014-04-14 17:45:38 +0000 |
| commit | 67dc984dfef68b4f0fe3ddcf4b7e2481dd2c62b9 (patch) | |
| tree | 9a82fc040475abf4e516b4c99e34037b7ef267da /src/lib/libssl/s3_srvr.c | |
| parent | 20ca94a4292674751b6713ef6106d34384cef84c (diff) | |
| download | openbsd-67dc984dfef68b4f0fe3ddcf4b7e2481dd2c62b9.tar.gz openbsd-67dc984dfef68b4f0fe3ddcf4b7e2481dd2c62b9.tar.bz2 openbsd-67dc984dfef68b4f0fe3ddcf4b7e2481dd2c62b9.zip | |
So the OpenSSL codebase does "get the time, add it as a random seed"
in a bunch of places inside the TLS engine, to try to keep entropy high.
I wonder if their moto is "If you can't solve a problem, at least try
to do it badly".
ok miod
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index eeadb160d1..14066031ca 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -210,12 +210,11 @@ int | |||
| 210 | ssl3_accept(SSL *s) | 210 | ssl3_accept(SSL *s) |
| 211 | { | 211 | { |
| 212 | BUF_MEM *buf; | 212 | BUF_MEM *buf; |
| 213 | unsigned long alg_k, Time = (unsigned long)time(NULL); | 213 | unsigned long alg_k; |
| 214 | void (*cb)(const SSL *ssl, int type, int val) = NULL; | 214 | void (*cb)(const SSL *ssl, int type, int val) = NULL; |
| 215 | int ret = -1; | 215 | int ret = -1; |
| 216 | int new_state, state, skip = 0; | 216 | int new_state, state, skip = 0; |
| 217 | 217 | ||
| 218 | RAND_add(&Time, sizeof(Time), 0); | ||
| 219 | ERR_clear_error(); | 218 | ERR_clear_error(); |
| 220 | errno = 0; | 219 | errno = 0; |
| 221 | 220 | ||