Hello all,
Attached is a patch that adds OpenSSL RAND_egd support to
Net_SSLeay.pm-1.05.
With this patch, Net_SSLeay built with OpenSSL 0.9.6
passes 'make test' on a system without /dev/urandom:
SunOS 5.6 Generic_105181-06 sun4u sparc SUNW,Ultra-2.
(However, it hasn't been tested in production.)
It works with either of the entropy gathering daemons
recommended by the OpenSSL developers: Brian Warner's
egd-0.8 or Lutz Jaenicke's prngd-0.2.5.
The patch was also set to Net_SSLeay author Sampo Kellomaki.
--------------------------
Ed Kubaitis ([EMAIL PROTECTED])
CCSO - University of Illinois - Urbana-Champaign
*** ../Net_SSLeay.pm-1.05/SSLeay.pm Sat Jul 31 02:27:00 1999
--- ./SSLeay.pm Fri Dec 1 06:54:49 2000
***************
*** 665,670 ****
--- 665,671 ----
Net::SSLeay::RAND_cleanup();
Net::SSLeay::RAND_load_file($file_name, $how_many_bytes);
Net::SSLeay::RAND_write_file($file_name);
+ Net::SSLeay::RAND_egd($path);
Actually you should consider using the following helper functions:
***************
*** 1150,1165 ****
### Arrange some randomness for eay PRNG
sub randomize {
! my ($rn_seed_file, $seed) = @_;
RAND_seed(rand() + $$); # Stir it with time and pid
! unless (-r $rn_seed_file || -r $Net::SSLeay::random_device || $seed) {
warn "Random number generator not seeded!!!\n" if $trace;
}
RAND_load_file($rn_seed_file, -s _) if -r $rn_seed_file;
RAND_seed($seed) if $seed;
RAND_load_file($Net::SSLeay::random_device, $Net::SSLeay::how_random/8)
if -r $Net::SSLeay::random_device;
}
--- 1151,1171 ----
### Arrange some randomness for eay PRNG
sub randomize {
! my ($rn_seed_file, $seed, $egd_path) = @_;
+ $egd_path = $ENV{'EGD_PATH'} if $ENV{'EGD_PATH'};
+ $egd_path = '/tmp/entropy' unless $egd_path;
+
RAND_seed(rand() + $$); # Stir it with time and pid
! unless (-r $rn_seed_file || -r $Net::SSLeay::random_device || $seed
! || -S $egd_path ) {
warn "Random number generator not seeded!!!\n" if $trace;
}
RAND_load_file($rn_seed_file, -s _) if -r $rn_seed_file;
RAND_seed($seed) if $seed;
+ RAND_egd($egd_path) if -S $egd_path;
RAND_load_file($Net::SSLeay::random_device, $Net::SSLeay::how_random/8)
if -r $Net::SSLeay::random_device;
}
*** ../Net_SSLeay.pm-1.05/SSLeay.xs Sat Jul 31 02:46:27 1999
--- ./SSLeay.xs Thu Nov 30 08:39:44 2000
***************
*** 2155,2160 ****
--- 2155,2164 ----
RAND_write_file(file_name)
char * file_name
+ int
+ RAND_egd(path)
+ char * path
+
#define REM40 "Minimal X509 stuff..., this is a bit ugly and should be put in its
own modules Net::SSLeay::X509.pm"
X509_NAME*
*** ../Net_SSLeay.pm-1.05/examples/bulk.pl Mon Jan 4 19:13:32 1999
--- ./examples/bulk.pl Thu Nov 30 09:58:28 2000
***************
*** 8,13 ****
--- 8,14 ----
Net::SSLeay::load_error_strings();
Net::SSLeay::ERR_load_crypto_strings();
Net::SSLeay::SSLeay_add_ssl_algorithms();
+ Net::SSLeay::randomize();
($dest_serv, $port, $how_much) = @ARGV; # Read command line
$port = getservbyname ($port, 'tcp') unless $port =~ /^\d+$/;
*** ../Net_SSLeay.pm-1.05/examples/callback.pl Sat Jul 31 02:49:09 1999
--- ./examples/callback.pl Thu Nov 30 09:55:16 2000
***************
*** 12,17 ****
--- 12,18 ----
Net::SSLeay::load_error_strings();
Net::SSLeay::ERR_load_crypto_strings();
Net::SSLeay::SSLeay_add_ssl_algorithms();
+ Net::SSLeay::randomize();
($dest_serv, $port, $cert_dir) = @ARGV; # Read command line
*** ../Net_SSLeay.pm-1.05/examples/stdio_bulk.pl Mon Jan 4 19:13:33 1999
--- ./examples/stdio_bulk.pl Thu Nov 30 10:00:48 2000
***************
*** 8,13 ****
--- 8,14 ----
use Net::SSLeay qw(die_now die_if_ssl_error);
Net::SSLeay::load_error_strings();
Net::SSLeay::SSLeay_add_ssl_algorithms();
+ Net::SSLeay::randomize();
#$Net::SSLeay::trace = 2;
($cert_pem, $key_pem, $how_much) = @ARGV; # Read command line
