diff options
| author | Brad Smith <brad@cvs.openbsd.org> | 2014-02-04 01:54:10 +0000 |
|---|---|---|
| committer | Brad Smith <brad@cvs.openbsd.org> | 2014-02-04 01:54:10 +0000 |
| commit | 7d7ea2a8d639ff6e8c4599db29d1dd7539ee4823 (patch) | |
| tree | a0262ed20610b92a565c88c24001be565e520368 /usr.sbin/nsd/remote.c | |
| parent | af908ec97f18b43bcc18f6c1b57a56d1ab63b7e6 (diff) | |
update to NSD 4.0.1, ok sthen@
Diffstat (limited to 'usr.sbin/nsd/remote.c')
| -rw-r--r-- | usr.sbin/nsd/remote.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/usr.sbin/nsd/remote.c b/usr.sbin/nsd/remote.c index d4858d2202a..2eb9abd86bb 100644 --- a/usr.sbin/nsd/remote.c +++ b/usr.sbin/nsd/remote.c @@ -51,6 +51,9 @@ #ifdef HAVE_OPENSSL_ERR_H #include <openssl/err.h> #endif +#ifdef HAVE_OPENSSL_RAND_H +#include <openssl/rand.h> +#endif #include <ctype.h> #include <unistd.h> #include <assert.h> @@ -234,6 +237,20 @@ daemon_remote_create(nsd_options_t* cfg) OpenSSL_add_all_algorithms(); (void)SSL_library_init(); + if(!RAND_status()) { + /* try to seed it */ + unsigned char buf[256]; + unsigned int v, seed=(unsigned)time(NULL) ^ (unsigned)getpid(); + size_t i; + v = seed; + for(i=0; i<256/sizeof(v); i++) { + memmove(buf+i*sizeof(v), &v, sizeof(v)); + v = v*seed + (unsigned int)i; + } + RAND_seed(buf, 256); + log_msg(LOG_WARNING, "warning: no entropy, seeding openssl PRNG with time"); + } + rc->ctx = SSL_CTX_new(SSLv23_server_method()); if(!rc->ctx) { log_crypto_err("could not SSL_CTX_new"); |