On Fri, Mar 03, 2000 at 11:15:57AM -0600, Hon-Yin Kok wrote:
> The FAQ refer that some broken application is broken and do not call the
> RAND_add() or RAND_seed() function. What application is this refering
> to? Are we talking about the webserver or the openssl app is broken?
It's referring to some third-party programs that don't seed the PRNG
at all. With the openssl app, you can always create a seed file
(.rnd) and use that, exactly as you should already have done with the
previous versions of SSLeay and OpenSSL.
The commands that have the -rand option to specify random files allow
you to specify your EGD socket in exactly the same way. They will also
write the PRNG state to the seed file.
I suppose s_client should have the -rand option as well (in other
words, while it's not broken, it is not user friendly either).
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
