[Patches] [ python-Patches-405101 ] Add Random Seeding to OpenSSL

nobody nobody@sourceforge.net
Thu, 01 Mar 2001 02:58:26 -0800


Patches #405101, was updated on 2001-03-01 02:55
You can respond by visiting: 
http://sourceforge.net/tracker/?func=detail&atid=305470&aid=405101&group_id=5470

Category: Modules
Group: None
Status: Open
Priority: 5
Submitted By: Moshe Zadka
Assigned to: A.M. Kuchling
Summary: Add Random Seeding to OpenSSL

Initial Comment:
On systems without /dev/urandom, OpenSSL does not
work unless explicitly seeded. This patch gives
an option to seed it either from EGD, or from the
C RNG.

----------------------------------------------------------------------

Comment By: Moshe Zadka
Date: 2001-03-01 02:58

Message:
Logged In: YES 
user_id=11645

Well, as usual, the attachment did not work.

Available as http://www.lerner.co.il/~moshez/ssl_seed

Also put here for reference purposes:
Index: Modules/socketmodule.c
===================================================================
RCS file:
/cvsroot/python/python/dist/src/Modules/socketmodule.c,v
retrieving revision 1.137
diff -c -r1.137 socketmodule.c
*** Modules/socketmodule.c      2001/02/07 20:41:17    
1.137
--- Modules/socketmodule.c      2001/03/01 10:38:45
***************
*** 176,181 ****
--- 176,182 ----
  #include "openssl/pem.h"
  #include "openssl/ssl.h"
  #include "openssl/err.h"
+ #include "openssl/rand.h"
  #endif /* USE_SSL */

  #if defined(MS_WINDOWS) || defined(__BEOS__)
***************
*** 2473,2478 ****
--- 2474,2503 ----
        if (PyDict_SetItemString(d, "SSLType",
                                 (PyObject *)&SSL_Type) !=
0)
                return;
+       if (RAND_status() == 0) {
+ #ifdef USE_EGD
+               char random_device[MAXPATHLEN+1];
+               if (!RAND_file_name (random_device,
MAXPATHLEN + 1)) {
+                       PyErr_SetObject(SSLErrorObject,
+                              
PyString_FromString("RAND_file_name error"));
+                       return;
+               }
+               if (RAND_egd (random_device) == -1) {
+                       PyErr_SetObject(SSLErrorObject,
+                                   
PyString_FromString("RAND_egd error"));
+                       return;
+               }
+ #else /* USE_EGD not defined */
+               char random_string[32];
+               int i;
+
+               srand(time(NULL));
+               for(i=0; i<sizeof(random_string); i++) {
+                       random_string[i] = rand();
+               }
+               RAND_seed(random_string,
sizeof(random_string));
+ #end+       }
  #endif /* USE_SSL */
        PyDict_SetItemString(d, "error", PySocket_Error);
        PySocketSock_Type.ob_type = &PyType_Type;
if /* USE_EGD */
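
Review bot: The non-EGD fallback in the #else branch seeds OpenSSL from srand(time(NULL)) and rand(), so the 32 bytes handed to RAND_seed are fully determined by the time the module was initialised. RAND_seed still credits them as real entropy, so RAND_status() will report the PRNG as seeded, and anyone who can estimate the load time can reproduce the seed and every random value OpenSSL derives from it. I would drop this branch and raise an SSL error when RAND_status() == 0 and no entropy source is available, or at least mix the bytes in with RAND_add(random_string, sizeof(random_string), 0.0) so they are not counted as entropy. In the USE_EGD branch, RAND_file_name() returns the path of OpenSSL's seed file, not an EGD socket, so RAND_egd(random_device) is being pointed at the wrong kind of path; the socket location should come from configuration. Both error paths also leak the PyString_FromString result, since PyErr_SetObject does not steal the reference; PyErr_SetString(SSLErrorObject, "RAND_egd error") avoids that. Finally, the copy pasted here has wrapped lines and a split "#endif /* USE_EGD */", so it will not apply as posted.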



----------------------------------------------------------------------
