Hi, This is not a joke. Please clean up ssleay_rand_bytes:
- do not mix the PID into the internal entropy pool, and - do not mix bits of the given output buffer into the internal entropy pool. This will help detecting weaknesses in the rng itself as well as in software that depends on this rng. It will further help writing test cases to improve the quality of client software. Note that the second improvement may totally break already broken client software. So please do note this in the changelog. Regards R. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
