Hello,
I have a question about seeding OpenSSL's PRNG with an executable, using the
SSLRandomSeed directive. I must admit that I am trying this on NT. If anyone
has any experience with my problems, or a suggestion on how to correct them,
please let me know.
I wrote an app to access a hardware RNG, then print the bytes to stdout. I
was under the impression that the number of bytes specified in the
SSLRandomSeed directive would be passed on the command line and be
accessible by argv[1]. Apparently this is not true. Does this require Unix
signals to provide the ability to control the number of bytes to be read?
I've included a clip from my httpd.conf file:
SSLRandomSeed startup builtin
SSLRandomSeed startup exec:c:/Progra~1/Apache/bin/intelrng.exe 1024
SSLRandomSeed connect builtin
SSLRandomSeed connect exec:c:/Progra~1/Apache/bin/intelrng.exe 1024
Additionally, my application does not seem to be executed in the connection
context. I know this is stated as not practical in the docs, but I'm just
doing some testing. The application IS executed in the startup context,
though.
It's probable that these problems are a result of doing this on NT. If
anyone does has any comments, though, I'd appreciate hearing them.
Thank you,
Garrin Kimmell
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
