The calls you suggest already are in the rand_win.c file.  
i.e. we would be double dipping if we added another set of calls.
 
Basically, the problem is that without Workstation Services 
running on a WinNT 4.0 box, we lose out on entropy.  Which, 
when it comes time to check for ok we end up with 28 and are 
looking for at least 32.  Which doesn't fail but later on we 
cannot set up the pipe.

The other issue is that there is a large block of code that 
was targeted for WinNT that is #if 0 compiled out due to a 
potential hang.

So, the question becomes: why is the big chunk of code #if 0 
out, and should it be put back in or modified for WinNT?

As a side note, I did compile that chunk back in and it ran 
without an issue on my test system: Windows NT 4.00.1381 
(which includes SP6)

Thanks Again,
Ray

> Umm, so what's the problem exactly? Did this fail to get 
> entropy from the system?
> 
> > -----Original Message-----
> > From: Ray Casterline
> > Sent: Friday, October 10, 2008 9:37 AM
> > To: 'openssl-users@openssl.org'
> > Subject: RE: RE: Issue getting enough entropy on Windows NT 4.0 system
> > 
> > 
> > Thanks for the suggestion, but the RAND_poll function already pulls 
> > from the system right after the big #if 0 block, as described below in 
> > the setup for the calls.....
> > 
> >         if (advapi)
> >                 {
> >                 /*
> >                  * If it's available, then it's available in both ANSI
> >                  * and UNICODE flavors even in Win9x, documentation says.
> >                  * We favor Unicode...
> >                  */
> >                 acquire = (CRYPTACQUIRECONTEXTW) GetProcAddress(advapi,
> >                         "CryptAcquireContextW");
> >                 gen = (CRYPTGENRANDOM) GetProcAddress(advapi,
> >                         "CryptGenRandom");
> >                 release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
> >                         "CryptReleaseContext");
> >                 }
> > 
> > So, still looking for other suggestions.
> > 
> > I also tried finding an EGD for Win NT 4.0 and the only one that 
> > looked promising was EGADS which is no longer available.
> > 
> > Thanks Again for any suggestions,
> > Ray
> > 
> > 
> > > Hello,
> > > Why not grab some entropy from the system entropy provider?
> > >
> > > #include <windows.h>
> > > #include <wincrypt.h>
> > >
> > > bool GetSysEntropy(void *ptr, int len) {
> > >  char namebuf[512];
> > >  HCRYPTPROV handle;
> > >  DWORD count=500;
> > > 
> > >  /* Look up the name of the machine's default RSA provider. */
> > >  if(!CryptGetDefaultProvider(PROV_RSA_FULL, NULL, CRYPT_MACHINE_DEFAULT,
> > >   namebuf, &count)) return false;
> > > 
> > >  /* No key container is needed just to generate random bytes. */
> > >  if(!CryptAcquireContext(&handle, NULL, namebuf, PROV_RSA_FULL,
> > >   CRYPT_VERIFYCONTEXT|CRYPT_SILENT)) return false;
> > > 
> > >  if(!CryptGenRandom(handle, len, (BYTE *) ptr))  {
> > >   CryptReleaseContext(handle, 0);
> > >   return false;
> > >  }
> > > 
> > >  CryptReleaseContext(handle, 0);
> > >  return true;
> > > }
> > > 
> > >   DS
> > > 
> > > > 
> > > > The Windows NT 4.0 system has the workstation service stopped.
> > > > 
> > > > This causes the following snippet from rand_win.c to return 0
> > > > 
> > > >                 if (netstatget(NULL, L"LanmanWorkstation", 0, 0, &outbuf) == 0)
> > > >                         {
> > > >                         RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 45);
> > > >                         netfree(outbuf);
> > > >                         }
> > > > 
> > > > Add to this a large section of calls are #if 0 out due to a reported
> > > > problem by Wolfgang Marczy and there aren't many places this function
> > > > gets entropy from.
> > > > 
> > > > Any suggestions?
> > 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
