By checking for this explicitly, the errors will happen in the
start-up phase of the daemon and not only when executing remote
procedure calls (SSLEAY_RAND_BYTES, “PRNG not seeded”).
---
 lib/http/__init__.py |   13 +++++++++++++
 lib/rpc.py           |    2 ++
 2 files changed, 15 insertions(+), 0 deletions(-)

diff --git a/lib/http/__init__.py b/lib/http/__init__.py
index c98fa58..a1f5e86 100644
--- a/lib/http/__init__.py
+++ b/lib/http/__init__.py
@@ -545,6 +545,19 @@ def Handshake(sock, write_timeout):
     raise HttpError("Error in SSL handshake: %s" % err)
 
 
+def InitSsl():
+  """Initializes the SSL infrastructure.
+
+  This function is idempotent.
+
+  """
+  if not OpenSSL.rand.status():
+    raise EnvironmentError("OpenSSL could not collect enough entropy"
+                           " for the PRNG")
+
+  # TODO: Maybe add some additional seeding for OpenSSL's PRNG
+
+
 class HttpSslParams(object):
   """Data class for SSL key and certificate.
 
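Review bot: The docstring of `InitSsl()` does not say that the function raises, which start-up code needs to know in order to report the failure cleanly; I would add a line such as `Raises EnvironmentError if OpenSSL's PRNG reports that it is not sufficiently seeded.` The check is a snapshot of `OpenSSL.rand.status()` at call time, so "idempotent" holds only in the sense that nothing is modified, and the docstring could say so. On the TODO: if extra seeding is added later, it should feed OS-provided randomness (for example `os.urandom`) rather than time- or PID-derived values, because weak input could make `status()` pass without real entropy. I would tighten the comment to `# TODO: if extra seeding is added, use OS-provided entropy only`.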
diff --git a/lib/rpc.py b/lib/rpc.py
index edcb9d7..f354a41 100644
--- a/lib/rpc.py
+++ b/lib/rpc.py
@@ -59,6 +59,8 @@ def Init():
 
   assert not _http_manager, "RPC module initialized more than once"
 
+  http.InitSsl()
+
   _http_manager = http.client.HttpClientManager()
 
 
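Review bot: `http.InitSsl()` is reached only by processes that call `rpc.Init()`, so the early failure described in the commit message may not cover a daemon that only serves HTTPS through `lib/http`. I cannot tell from this hunk whether such a daemon exists or whether it calls `Init()`; if one does not, its start-up path should call `http.InitSsl()` as well. A short comment above the call would help readers, e.g. `# Fail at start-up if OpenSSL's PRNG is not seeded`. `Init()` starts and ends outside the hunk, so its docstring is not visible here; it should mention that `EnvironmentError` can now propagate from it.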
-- 
1.6.4.3
