diff options
| author |   deraadt <deraadt@openbsd.org> | 2014-04-14 17:45:37 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2014-04-14 17:45:37 +0000 |
| commit | 6ffbfe61cec496c5dfb7db0eb862432a0e1242a1 (patch) | |
| tree | b574bddfabe951e42f642ab1f3ad4ef2f2122be6 /lib/libssl/src/ssl/s3_clnt.c | |
| parent | "the randomization in this entire codebase is a grand experiment in stupid" (diff) | |
| download | wireguard-openbsd-6ffbfe61cec496c5dfb7db0eb862432a0e1242a1.tar.xz wireguard-openbsd-6ffbfe61cec496c5dfb7db0eb862432a0e1242a1.zip | |
So the OpenSSL codebase does "get the time, add it as a random seed"
in a bunch of places inside the TLS engine, to try to keep entropy high.
I wonder if their moto is "If you can't solve a problem, at least try
to do it badly".
ok miod
Diffstat (limited to 'lib/libssl/src/ssl/s3_clnt.c')
| -rw-r--r-- | lib/libssl/src/ssl/s3_clnt.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/lib/libssl/src/ssl/s3_clnt.c b/lib/libssl/src/ssl/s3_clnt.c index b9ca6b6f9b0..4ad8d3943ef 100644 --- a/lib/libssl/src/ssl/s3_clnt.c +++ b/lib/libssl/src/ssl/s3_clnt.c @@ -186,12 +186,10 @@ int ssl3_connect(SSL *s) { BUF_MEM *buf = NULL; - unsigned long Time = (unsigned long)time(NULL); void (*cb)(const SSL *ssl, int type, int val) = NULL; int ret = -1; int new_state, state, skip = 0; - RAND_add(&Time, sizeof(Time), 0); ERR_clear_error(); errno = 0; |