Overview
Comment: | * tls.c (Tls_Init): add do/while for random number initialization to work around some OSes quirks. ([email protected]) |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
dfc33d3b843a1deedb974dcc8131c2d1 |
User & Date: | hobbs on 2001-03-14 22:04:35 |
Other Links: | manifest | tags |
Context
2001-06-21
| ||
20:45 | tests/tclIO.test: updated to use new names for certs/keys. check-in: c44ceb8da1 user: hobbs tags: trunk | |
2001-03-14
| ||
22:04 | * tls.c (Tls_Init): add do/while for random number initialization to work around some OSes quirks. ([email protected]) check-in: dfc33d3b84 user: hobbs tags: trunk | |
2000-09-07
| ||
21:16 | * tlsIO.c (Tls_ChannelType): set typeName field of channel type to "tls" (this got lost in move to dynamic version compatability checking). check-in: 44b2bc9c7a user: hobbs tags: trunk | |
Changes
Modified ChangeLog
from [782bd8abaa]
to [9d7c1d4605].
1 2 3 4 5 6 7 | 2000-09-07 Jeff Hobbs <[email protected]> * tlsIO.c (Tls_ChannelType): set typeName field of channel type to "tls" (this got lost in move to dynamic version compatability checking). 2000-08-23 Jeff Hobbs <[email protected]> | > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 | 2001-03-14 Jeff Hobbs <[email protected]> * tls.c (Tls_Init): add do/while for random number initialization to work around some OSes quirks. ([email protected]) 2000-09-07 Jeff Hobbs <[email protected]> * tlsIO.c (Tls_ChannelType): set typeName field of channel type to "tls" (this got lost in move to dynamic version compatability checking). 2000-08-23 Jeff Hobbs <[email protected]> |
︙ | ︙ |
Modified tls.c
from [860e712dac]
to [7a7ec2f3d3].
1 2 3 4 | /* * Copyright (C) 1997-1999 Matt Newman <[email protected]> * Copyright (C) 2000 Ajuba Solutions * | | | 1 2 3 4 5 6 7 8 9 10 11 12 | /* * Copyright (C) 1997-1999 Matt Newman <[email protected]> * Copyright (C) 2000 Ajuba Solutions * * $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tls.c,v 1.13 2001/03/14 22:04:35 hobbs Exp $ * * TLS (aka SSL) Channel - can be layered on any bi-directional * Tcl_Channel (Note: Requires Trf Core Patch) * * This was built (almost) from scratch based upon observation of * OpenSSL 0.9.2B * |
︙ | ︙ | |||
1177 1178 1179 1180 1181 1182 1183 | Tcl_AppendResult(interp, "could not initialize SSL library", NULL); return TCL_ERROR; } SSL_load_error_strings(); ERR_load_crypto_strings(); /* | | > > > > > > > > | | | | > | 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 | Tcl_AppendResult(interp, "could not initialize SSL library", NULL); return TCL_ERROR; } SSL_load_error_strings(); ERR_load_crypto_strings(); /* * Seed the random number generator in the SSL library, * using the do/while construct because of the bug note in the * OpenSSL FAQ at http://www.openssl.org/support/faq.html#USER1 * * The crux of the problem is that Solaris 7 does not have a * /dev/random or /dev/urandom device so it cannot gather enough * entropy from the RAND_seed() when TLS initializes and refuses * to go further. Earlier versions of OpenSSL carried on regardless. */ srand((unsigned int) time((time_t *) NULL)); do { for (i = 0; i < 16; i++) { rnd_seed[i] = 1 + (char) (255.0 * rand()/(RAND_MAX+1.0)); } RAND_seed(rnd_seed, sizeof(rnd_seed)); } while (RAND_status() != 1); Tcl_CreateObjCommand(interp, "tls::ciphers", CiphersObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); Tcl_CreateObjCommand(interp, "tls::handshake", HandshakeObjCmd, (ClientData) 0, (Tcl_CmdDeleteProc *) NULL); |
︙ | ︙ |