Date: Fri, 17 Mar 2000 10:31:42 -0500 (EST)
From: Christopher Stacy <cstacy@spacy.Boston.MA.US>
Subject: Re: prng not seeded - stunnel 3.8 and openssl 0.9.5  
 


Here's what I submitted that got me working:
 
51a52
> #include <openssl/rand.h>
151a153,156
> 
>   char* rndfile;
>   int n;
> 
168c173,181
<         rsa_tmp=RSA_generate_key(KEYLENGTH, RSA_F4, NULL, NULL);
---
>       rndfile = malloc(2048); 
>       if (!rndfile) {
>         log(LOG_ERR, "Fatal memory allocation error");
>         exit(2);
>       }
>       RAND_file_name(rndfile, 2048);
>       n = RAND_load_file(rndfile, -1);
>       log(LOG_NOTICE, "Loaded %d bytes from RANDOM file %s", n, rndfile);
>       rsa_tmp=RSA_generate_key(KEYLENGTH, RSA_F4, NULL, NULL);
170c183
<         if(!rsa_tmp) {
---
>       if(!rsa_tmp) {
229a243
>       log(LOG_NOTICE, "CLIENT_CA = %s", CLIENT_CA);
235,239c249,253
<         }
<         SSL_CTX_set_verify(ctx, options.verify_level, verify_callback);
<         SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CLIENT_CA));
<         if (options.verify_use_only_my)
<             log(LOG_NOTICE, "Peer certificate location %s", options.clientdir);
---
>       }
>       SSL_CTX_set_verify(ctx, options.verify_level, verify_callback);
>       SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CLIENT_CA));
>       if (options.verify_use_only_my)
>       log(LOG_NOTICE, "Peer certificate location %s", options.clientdir);