diff --git a/ChangeLog b/ChangeLog index 2379ec7ad..e5511c91a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,6 @@ 20000305 - Fix DEC compile fix + - Explicitly seed OpenSSL's PRNG before checking rsa_alive() 20000303 - Added "make host-key" target, Suggestion from Dominik Brettnacher diff --git a/configure.in b/configure.in index e5bdc445c..c93811c75 100644 --- a/configure.in +++ b/configure.in @@ -160,7 +160,9 @@ for ssldir in "" $tryssldir /usr /usr/local/openssl /usr/lib/openssl /usr/local/ #include #include int main(void) - {RSA *key;key=RSA_generate_key(32,3,NULL,NULL);return(key==NULL);} + {RSA *key; char seed[2048];memset(seed, 0, sizeof(seed)); + RAND_seed(seed, sizeof(seed));key=RSA_generate_key(32,3,NULL,NULL); + return(key==NULL);} ], [ AC_DEFINE(HAVE_OPENSSL) @@ -174,7 +176,9 @@ for ssldir in "" $tryssldir /usr /usr/local/openssl /usr/lib/openssl /usr/local/ #include #include int main(void) - {RSA *key;key=RSA_generate_key(32,3,NULL,NULL);return(key==NULL);} + {RSA *key; char seed[2048];memset(seed, 0, sizeof(seed)); + RAND_seed(seed, sizeof(seed));key=RSA_generate_key(32,3,NULL,NULL); + return(key==NULL);} ], [ AC_DEFINE(HAVE_SSL) diff --git a/rsa.c b/rsa.c index 597d20fb8..1df8fbc95 100644 --- a/rsa.c +++ b/rsa.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$Id: rsa.c,v 1.7 2000/01/29 09:40:22 damien Exp $"); +RCSID("$Id: rsa.c,v 1.8 2000/03/05 05:10:46 damien Exp $"); #include "rsa.h" #include "ssh.h" @@ -49,6 +49,7 @@ rsa_alive() { RSA *key; + seed_rng(); key = RSA_generate_key(32, 3, NULL, NULL); if (key == NULL) return (0); @@ -77,7 +78,7 @@ keygen_progress(int p, int n, void *arg) void seed_rng() { - char buf[32]; + char buf[64]; get_random_bytes(buf, sizeof(buf)); RAND_seed(buf, sizeof(buf));