[dovecot-cvs] dovecot/src/login-common ssl-proxy-openssl.c, 1.21,
1.22
cras at procontrol.fi
cras at procontrol.fi
Mon May 10 23:05:33 EEST 2004
Update of /home/cvs/dovecot/src/login-common
In directory talvi:/tmp/cvs-serv13837
Modified Files:
ssl-proxy-openssl.c
Log Message:
Don't require initializing RAND_bytes() to return cryptographically strong
data.
Index: ssl-proxy-openssl.c
===================================================================
RCS file: /home/cvs/dovecot/src/login-common/ssl-proxy-openssl.c,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -d -r1.21 -r1.22
--- ssl-proxy-openssl.c 10 May 2004 02:15:16 -0000 1.21
+++ ssl-proxy-openssl.c 10 May 2004 20:05:30 -0000 1.22
@@ -460,9 +460,10 @@
}
/* PRNG initialization might want to use /dev/urandom, make sure it
- does it before chrooting. */
- if (RAND_bytes(&buf, 1) != 1)
- i_fatal("RAND_bytes() failed: %s\n", ssl_last_error());
+ does it before chrooting. We might not have enough entropy at
+ the first try, so this function may fail. It's still been
+ initialized though. */
+ (void)RAND_bytes(&buf, 1);
ssl_proxies = hash_create(default_pool, default_pool, 0, NULL, NULL);
ssl_initialized = TRUE;
More information about the dovecot-cvs
mailing list