Dmitry Belyavsky <beldmit@xxxxxxxxx> wrote in news:CADqLbz+JCTu_yQiW9w-fyO0O56MquA2NRi6HELR6pggxQdHHWA@xxxxxxxxxxxxxx: > On Wed, Oct 30, 2019 at 6:39 PM Frederick Gotham > <cauldwell.thomas@xxxxxxxxx> wrote: > >> Dmitry Belyavsky <beldmit@xxxxxxxxx> >> wrote: >> >> >> You still have the OpenSSL built-in RNG. >> >> >> >> Is there a simple compiler flag to remove this? >> >> Or do I need to go into the source code and stick a "return -1;" >> somewhere? >> >> No. Openssl will not work if you do not provide a valid RAND_METHOD >> except > a very minimal set of operations. > So I have to go into the source code and do the following? int RAND_bytes(unsigned char *buf, int num) { memset(buf,0,num); return 1; } I can either make this function fail (e.g. call 'abort'), or I can always make it return 0. What do you think?
