Thanks Joe
Noel O'Kelly
-----Original Message-----
From: Joe Orton [mailto:[EMAIL PROTECTED]]
Sent: 10 May 2002 22:29
To: Noel O'Kelly
Cc: [EMAIL PROTECTED]
Subject: Re: prng seeding in mod_ssl 2.8.6
On Fri, May 10, 2002 at 05:51:04PM +0100, Noel O'Kelly wrote:
> We have a report of a problem from 2.8.6 onwards due to a change in the
> seeding of the PRNG which halves the
> performance of SSL requests. Any update on this ???
Hi, here's the fix we're using...
Submitted by: Nalin Dahyabhai <[EMAIL PROTECTED]>
--- mod_ssl/pkg.sslmod/ssl_engine_rand.c
+++ mod_ssl/pkg.sslmod/ssl_engine_rand.c
@@ -156,6 +156,9 @@
*/
if (ap_scoreboard_image != NULL && SCOREBOARD_SIZE > 16) {
m = ((SCOREBOARD_SIZE / 2) - 1);
+ if (m > 1024) {
+ m = 1024;
+ }
n = ssl_rand_choosenum(0, m);
RAND_seed(((unsigned char *)ap_scoreboard_image)+n, m);
nDone += m;
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Accelerated Encryption Processing Ltd.
Bray Business Park,
Southern Cross Route ,
Bray, Co Wicklow,
Ireland
********************************************************************
This email and any files transmitted with it are confidential
and intended solely for the use of the individual or entity to
whom they are addressed. If you have received this email
in error please notify the postmaster at the address below.
[EMAIL PROTECTED]
This footnote also confirms that this email message has been
checked the presence of computer viruses.
**********************************************************************
