Steffen Nurpmeso wrote in <20190107183136.-eW61%steffen@xxxxxxxxxx>: ... | ... ||RAND_bytes() has always documented that it can fail. Most function ... |So, to me.., i do not see any possible error condition, since the |initial seeding has been testified with RAND_status(). | |This is different now, and i will change the implementation as |soon as possible. (This week.) So i did, we disable the OpenSSL reseeding by directly calling RAND_DRBG_set_reseed_defaults() after calling OPENSSL_init_ssl(), which i hope will always be possible. Be warned that i gave credit to both of you. I have seen DRBG offers a lot of possibilities to control what OpenSSL does, also regarding the fork handlers and all that. Thanks for these possibilities, it is a terribly huge interface, but it allows users to have control on what happens, instead of sitting on an intransparent black box! Getting something going on such a thing causes grief, as it is hacky and otherwise troublesome! --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt) -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
