From fbbc137e481f092be7bdc3fedb505f5c2d89eba0 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Mon, 14 Apr 2014 17:45:38 +0000
Subject: So the OpenSSL codebase does "get the time, add it as a random seed" in a bunch of places inside the TLS engine, to try to keep entropy high. I wonder if their moto is "If you can't solve a problem, at least try to do it badly". ok miod
---
 src/lib/libssl/s3_srvr.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
(limited to 'src/lib/libssl/s3_srvr.c')
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index eeadb160d1..14066031ca 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -210,12 +210,11 @@ int
 ssl3_accept(SSL *s)
 {
 BUF_MEM *buf;
- unsigned long alg_k, Time = (unsigned long)time(NULL);
+ unsigned long alg_k;
 void (*cb)(const SSL *ssl, int type, int val) = NULL;
 int ret = -1;
 int new_state, state, skip = 0;
 
- RAND_add(&Time, sizeof(Time), 0);
 ERR_clear_error();
 errno = 0;
 
-- 
cgit v1.2.3-55-g6feb