cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Flag to bail out if not enough entropy?

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Tue, 27 Sep 2016 17:18:46 +0200 (CEST)

On Tue, 27 Sep 2016, Florian Weimer wrote:

>> I'm not sure this particular loop is as stupid as the comment implies.
>> RAND_bytes() is supposed to give crypto safe random and according to
>> https://wiki.openssl.org/index.php/Random_Numbers the function will even
>> init the random generator itself if it wasn't done before.
>
> RAND_bytes can fail for various reasons, including if the generator could
> not be seeded. Details depend on the engine backend OpenSSL uses.

Ah right, so the loop should check the return codes properly and be able to
return a failure back to its parent if they fail?

Any chance (anyone of) you have a patch to suggest for this?

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:  https://curl.haxx.se/mail/etiquette.html
Received on 2016-09-27