From: damien <damien>
Date: Sun, 5 Mar 2000 05:10:45 +0000 (+0000)
Subject:  - Explicitly seed OpenSSL's PRNG before checking rsa_alive()
X-Git-Tag: V_1_2_2_P1~4
X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/commitdiff_plain/54096dccf20f64fca587539528a26ee8dec1f4a3

 - Explicitly seed OpenSSL's PRNG before checking rsa_alive()
---

diff --git a/ChangeLog b/ChangeLog
index 2379ec7a..e5511c91 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,6 @@
 20000305
  - Fix DEC compile fix
+ - Explicitly seed OpenSSL's PRNG before checking rsa_alive()
 
 20000303
  - Added "make host-key" target, Suggestion from Dominik Brettnacher
diff --git a/configure.in b/configure.in
index e5bdc445..c93811c7 100644
--- a/configure.in
+++ b/configure.in
@@ -160,7 +160,9 @@ for ssldir in "" $tryssldir /usr /usr/local/openssl /usr/lib/openssl /usr/local/
 			#include <openssl/bn.h>
 			#include <openssl/sha.h>
 			int main(void) 
-			{RSA *key;key=RSA_generate_key(32,3,NULL,NULL);return(key==NULL);}
+			{RSA *key; char seed[2048];memset(seed, 0, sizeof(seed));
+			RAND_seed(seed, sizeof(seed));key=RSA_generate_key(32,3,NULL,NULL);
+			return(key==NULL);}
 		],
 		[
 			AC_DEFINE(HAVE_OPENSSL)
@@ -174,7 +176,9 @@ for ssldir in "" $tryssldir /usr /usr/local/openssl /usr/lib/openssl /usr/local/
 			#include <ssl/bn.h>
 			#include <ssl/sha.h>
 			int main(void) 
-			{RSA *key;key=RSA_generate_key(32,3,NULL,NULL);return(key==NULL);}
+			{RSA *key; char seed[2048];memset(seed, 0, sizeof(seed));
+			RAND_seed(seed, sizeof(seed));key=RSA_generate_key(32,3,NULL,NULL);
+			return(key==NULL);}
 		],
 		[
 			AC_DEFINE(HAVE_SSL)
diff --git a/rsa.c b/rsa.c
index 90eced3c..2456b27e 100644
--- a/rsa.c
+++ b/rsa.c
@@ -49,6 +49,7 @@ rsa_alive()
 {
 	RSA *key;
 
+	seed_rng();
 	key = RSA_generate_key(32, 3, NULL, NULL);
 	if (key == NULL)
 		return (0);
@@ -77,7 +78,7 @@ keygen_progress(int p, int n, void *arg)
 void
 seed_rng()
 {
-	char buf[32];
+	char buf[64];
 
 	get_random_bytes(buf, sizeof(buf));
 	RAND_seed(buf, sizeof(buf));