Hello all, Attached is a patch that adds OpenSSL RAND_egd support to Net_SSLeay.pm-1.05. With this patch, Net_SSLeay built with OpenSSL 0.9.6 passes 'make test' on a system without /dev/urandom: SunOS 5.6 Generic_105181-06 sun4u sparc SUNW,Ultra-2. (However, it hasn't been tested in production.) It works with either of the entropy gathering daemons recommended by the OpenSSL developers: Brian Warner's egd-0.8 or Lutz Jaenicke's prngd-0.2.5. The patch was also sent to Net_SSLeay author Sampo Kellomaki. -------------------------- Ed Kubaitis ([EMAIL PROTECTED]) CCSO - University of Illinois - Urbana-Champaign
*** ../Net_SSLeay.pm-1.05/SSLeay.pm Sat Jul 31 02:27:00 1999 --- ./SSLeay.pm Fri Dec 1 06:54:49 2000 *************** *** 665,670 **** --- 665,671 ---- Net::SSLeay::RAND_cleanup(); Net::SSLeay::RAND_load_file($file_name, $how_many_bytes); Net::SSLeay::RAND_write_file($file_name); + Net::SSLeay::RAND_egd($path); Actually you should consider using the following helper functions: *************** *** 1150,1165 **** ### Arrange some randomness for eay PRNG sub randomize { ! my ($rn_seed_file, $seed) = @_; RAND_seed(rand() + $$); # Stir it with time and pid ! unless (-r $rn_seed_file || -r $Net::SSLeay::random_device || $seed) { warn "Random number generator not seeded!!!\n" if $trace; } RAND_load_file($rn_seed_file, -s _) if -r $rn_seed_file; RAND_seed($seed) if $seed; RAND_load_file($Net::SSLeay::random_device, $Net::SSLeay::how_random/8) if -r $Net::SSLeay::random_device; } --- 1151,1171 ---- ### Arrange some randomness for eay PRNG sub randomize { ! my ($rn_seed_file, $seed, $egd_path) = @_; + $egd_path = $ENV{'EGD_PATH'} if $ENV{'EGD_PATH'}; + $egd_path = '/tmp/entropy' unless $egd_path; + RAND_seed(rand() + $$); # Stir it with time and pid ! unless (-r $rn_seed_file || -r $Net::SSLeay::random_device || $seed ! 
|| -S $egd_path ) { warn "Random number generator not seeded!!!\n" if $trace; } RAND_load_file($rn_seed_file, -s _) if -r $rn_seed_file; RAND_seed($seed) if $seed; + RAND_egd($egd_path) if -S $egd_path; RAND_load_file($Net::SSLeay::random_device, $Net::SSLeay::how_random/8) if -r $Net::SSLeay::random_device; } *** ../Net_SSLeay.pm-1.05/SSLeay.xs Sat Jul 31 02:46:27 1999 --- ./SSLeay.xs Thu Nov 30 08:39:44 2000 *************** *** 2155,2160 **** --- 2155,2164 ---- RAND_write_file(file_name) char * file_name + int + RAND_egd(path) + char * path + #define REM40 "Minimal X509 stuff..., this is a bit ugly and should be put in its own modules Net::SSLeay::X509.pm" X509_NAME* *** ../Net_SSLeay.pm-1.05/examples/bulk.pl Mon Jan 4 19:13:32 1999 --- ./examples/bulk.pl Thu Nov 30 09:58:28 2000 *************** *** 8,13 **** --- 8,14 ---- Net::SSLeay::load_error_strings(); Net::SSLeay::ERR_load_crypto_strings(); Net::SSLeay::SSLeay_add_ssl_algorithms(); + Net::SSLeay::randomize(); ($dest_serv, $port, $how_much) = @ARGV; # Read command line $port = getservbyname ($port, 'tcp') unless $port =~ /^\d+$/; *** ../Net_SSLeay.pm-1.05/examples/callback.pl Sat Jul 31 02:49:09 1999 --- ./examples/callback.pl Thu Nov 30 09:55:16 2000 *************** *** 12,17 **** --- 12,18 ---- Net::SSLeay::load_error_strings(); Net::SSLeay::ERR_load_crypto_strings(); Net::SSLeay::SSLeay_add_ssl_algorithms(); + Net::SSLeay::randomize(); ($dest_serv, $port, $cert_dir) = @ARGV; # Read command line *** ../Net_SSLeay.pm-1.05/examples/stdio_bulk.pl Mon Jan 4 19:13:33 1999 --- ./examples/stdio_bulk.pl Thu Nov 30 10:00:48 2000 *************** *** 8,13 **** --- 8,14 ---- use Net::SSLeay qw(die_now die_if_ssl_error); Net::SSLeay::load_error_strings(); Net::SSLeay::SSLeay_add_ssl_algorithms(); + Net::SSLeay::randomize(); #$Net::SSLeay::trace = 2; ($cert_pem, $key_pem, $how_much) = @ARGV; # Read command line
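Review bot: The new default `$egd_path = '/tmp/entropy'` in randomize() trusts a socket in a world-writable directory, and `-S` only establishes that the path is a socket, so on a multi-user host whichever account creates that path first ends up supplying the PRNG seed. The default belongs in a directory that only the daemon's owner can write to, or the socket's owner should be checked before it is used. The `EGD_PATH` line also overrides an explicit third argument, where a caller-supplied path would normally take precedence over the environment. Finally, `RAND_egd()` returns -1 when the connection fails or the daemon cannot deliver enough data, but the result is discarded and the mere presence of the socket silences the "not seeded" warning. The fence below makes the environment a fallback and counts EGD as a seed source only when bytes were actually read.

```perl
sub randomize {
    my ($rn_seed_file, $seed, $egd_path) = @_;

    # An explicit argument wins; the environment is only a fallback.
    $egd_path = $ENV{'EGD_PATH'} unless $egd_path;
    # … unchanged: built-in default path (see note about its location) …

    # … unchanged: RAND_seed(rand() + $$) …

    # Count EGD as a source only if the daemon really delivered bytes
    # (RAND_egd returns -1 on failure).
    my $egd_ok = -S $egd_path && RAND_egd($egd_path) > 0;

    unless (-r $rn_seed_file || -r $Net::SSLeay::random_device || $seed
            || $egd_ok) {
        warn "Random number generator not seeded!!!\n" if $trace;
    }
    # … unchanged: RAND_load_file / RAND_seed calls; the later
    #   "RAND_egd($egd_path) if -S $egd_path" line is dropped …
```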
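Review bot: The `RAND_egd(path)` binding added to SSLeay.xs is declared unconditionally, so the module would presumably fail to build or link against an SSLeay/OpenSSL library that predates the function. If such libraries are still meant to be supported, the three added lines should sit inside a preprocessor guard keyed on `OPENSSL_VERSION_NUMBER`. The post only reports testing against OpenSSL 0.9.6. A short comment above the binding would also help, for example `# returns bytes read from the daemon, -1 on failure`, since the Perl-side documentation line added at 665 does not mention the return value.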