LGTM
On Nov 24, 3:55 pm, Michael Hanselmann <[email protected]> wrote: > By checking for this explicetly, the errors will happen in the > start-up phase of the daemon and not only when executing remote > procedure calls (SSLEAY_RAND_BYTES, “PRNG not seeded”). > --- > lib/http/__init__.py | 13 +++++++++++++ > lib/rpc.py | 2 ++ > 2 files changed, 15 insertions(+), 0 deletions(-) > > diff --git a/lib/http/__init__.py b/lib/http/__init__.py > index c98fa58..a1f5e86 100644 > --- a/lib/http/__init__.py > +++ b/lib/http/__init__.py > @@ -545,6 +545,19 @@ def Handshake(sock, write_timeout): > raise HttpError("Error in SSL handshake: %s" % err) > > +def InitSsl(): > + """Initializes the SSL infrastructure. > + > + This function is idempotent. > + > + """ > + if not OpenSSL.rand.status(): > + raise EnvironmentError("OpenSSL could not collect enough entropy" > + " for the PRNG") > + > + # TODO: Maybe add some additional seeding for OpenSSL's PRNG > + > + > class HttpSslParams(object): > """Data class for SSL key and certificate. > > diff --git a/lib/rpc.py b/lib/rpc.py > index edcb9d7..f354a41 100644 > --- a/lib/rpc.py > +++ b/lib/rpc.py > @@ -59,6 +59,8 @@ def Init(): > > assert not _http_manager, "RPC module initialized more than once" > > + http.InitSsl() > + > _http_manager = http.client.HttpClientManager() > > -- > 1.6.4.3
