RE: TLS_RANDFILE not recognized in ldap.conf/.ldaprc (ITS#733)
> Anyways, would be nice if the library could be configured to
> attempt RAND_egd().
Just need to make sure that the config file is read before
ldap_pvt_tls_init() is called.
tls_seed_PRNG(const char *randfile)  <-- called by ldap_pvt_tls_init()
    if (randfile == NULL)  <----- config file not read, egd never
        /* The seed file is $RANDFILE if defined, otherwise
         * If $HOME is not set or buffer too small to hold the
         * an error occurs. - From RAND_file_name() man page.
         * The fact is that when $HOME is NULL, .rnd is used.
        randfile = RAND_file_name(buffer, sizeof( buffer ));
    else if (RAND_egd(randfile) > 0)  <---- config file read, RAND_egd()
        /* EGD socket */
        egdsocket = 1;
    if (randfile == NULL)
        Debug( LDAP_DEBUG_ANY, "TLS: Use $RANDFILE to define seed
    RAND_load_file(randfile, -1);  <-------- RAND_egd() failed, load
    if (RAND_status() == 0)
        /* PRNG has not been seeded with enough data */
        "TLS: could not seed PRNG using %s.\n",
    seeded = 1;
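
Added example (not part of the original message and not OpenLDAP code): a self-contained C model of the branch order in the excerpt above, showing that an EGD socket named by TLS_RANDFILE is only tried when the config file has been read before ldap_pvt_tls_init() runs. struct host, the model_* functions, run_order() and the sample paths are hypothetical stand-ins for RAND_egd(), RAND_load_file()/RAND_status() and the entropy sources present on a host.

```c
#include <stddef.h>
#include <string.h>

enum seed_result { SEED_EGD, SEED_FILE, SEED_FAILED };

/* Constructed host state (hypothetical): which entropy sources exist. */
struct host {
    const char *egd_socket;   /* path where an EGD daemon listens, or NULL */
    const char *seed_file;    /* path of a seed file holding data, or NULL */
};

/* Stand-in for RAND_egd(): > 0 only when path is the EGD socket. */
static int model_egd(const struct host *h, const char *path) {
    return (h->egd_socket && strcmp(path, h->egd_socket) == 0) ? 255 : -1;
}

/* Stand-in for RAND_load_file() followed by RAND_status():
 * 1 only when path is a seed file that actually held data. */
static int model_load_ok(const struct host *h, const char *path) {
    return h->seed_file && strcmp(path, h->seed_file) == 0;
}

/* Same branch order as the excerpt: NULL means "use the default seed
 * file"; a non-NULL path is tried as an EGD socket first, then as a file. */
static enum seed_result model_seed_prng(const struct host *h,
                                        const char *randfile) {
    if (randfile == NULL)
        randfile = ".rnd";             /* stands in for RAND_file_name() */
    else if (model_egd(h, randfile) > 0)
        return SEED_EGD;
    return model_load_ok(h, randfile) ? SEED_FILE : SEED_FAILED;
}

/* config_first != 0: TLS_RANDFILE is already known when the TLS init
 * step runs. Otherwise init sees NULL and the setting arrives too late. */
enum seed_result run_order(const struct host *h, int config_first,
                           const char *tls_randfile) {
    const char *randfile = config_first ? tls_randfile : NULL;
    return model_seed_prng(h, randfile);   /* models ldap_pvt_tls_init() */
}
```

On a host whose only entropy source is the EGD socket, the init-first order ends in SEED_FAILED even though TLS_RANDFILE points at a working socket.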