cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: weak randomness with some TLS backends

From: Marc Hoersken <info_at_marc-hoersken.de>
Date: Sun, 15 Jun 2014 00:12:16 +0200

On 14.06.2014 23:56, Marc Hoersken wrote:
> An alternative to loading Advapi32.dll dymically using LoadLibrary could
> be to statically link with Advapi32.lib which takes care of it.
> This could also be an approach for other areas in libcurl which do
> currently use LoadLibrary, for example:
> lib/curl_sspi.c: s_hSecDll = LoadLibrary(TEXT("security.dll"));
> lib/curl_sspi.c: s_hSecDll = LoadLibrary(TEXT("secur32.dll"));
> lib/telnet.c: wsock2 = LoadLibrary(TEXT("WS2_32.DLL"));
>
> Besides the CryptoAPI CryptGenRandom function [1], ...

Fun fact: we already depend on the CryptoAPI for _WIN32 *if* no other
crypto backend is available to provide md5 since the introduction of my
patch on the 11th September 2012 [1].

[1]
https://github.com/bagder/curl/commit/4d384a87142dccb13b8198147b5db15a4aaa9906
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-06-15

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: Test 584 failures on FreeBSD after 5b2342d3772"
Previous message: Daniel Stenberg: "Re: [Survey] What people want us to do next"
In reply to: Marc Hoersken: "Re: weak randomness with some TLS backends"
Next in thread: Chris Ghormley: "Re: weak randomness with some TLS backends"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]