Hi,
I think there is a wrong error handling in the initialisation of the random
number generator on windows. When the system function CryptoGenRandom
returns random data, the time spent walking the heap, processes, threads and
modules to get random information is limited to 1 sec. And when
CryptoGenRandom does not return any data, the full heap, processes, ... walk
should be done. But due to a bug it seems that the walk is even shorter and
only takes the first heap, the first process, ....
When CryptoGenRandom fails, the stoptime which limits the time spent is set
to zero, and zero is always lower then now and so the time limit is
immediately enforced, when I have not overseen something.
I think this patch should be enough to fix this:
--- rand_win.c 19 Feb 2008 10:25:14 -0000
+++ rand_win.c 19 Feb 2008 10:30:02 -0000
@@ -463,7 +463,7 @@
PROCESSENTRY32 p;
THREADENTRY32 t;
MODULEENTRY32 m;
- DWORD stoptime = 0;
+ DWORD stoptime = ~0;
snap = (CREATETOOLHELP32SNAPSHOT)
GetProcAddress(kernel, TEXT("CreateToolhelp32Snapshot"));
Regards,
Bernhard
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
