[Pkg-openssl-devel] Bug#922732: Bug#922732: openssl: ~/.rnd (RANDFILE) ignored

Thorsten Glaser tg at mirbsd.de
Tue Apr 14 22:54:27 BST 2020


Sebastian Andrzej Siewior dixit:

>On 2019-02-19 23:10:40 [+0000], Thorsten Glaser wrote:
>> When I do “openssl rand 4 | hd”, the file ~/.rnd is ignored
>> (judging from its tiestamp and md5sum, it’s not rewritten,
>> and probably not read either) despite me adding the line
>> 
>> 	RANDFILE		= $ENV::HOME/.rnd
>> 
>> to openssl.cnf as described in config(5).
>
>So what do we do here? The file, that is specified as RANDFILE here, was
>used more often in earlier releases. Currently it is seeded via
>getrandom() and the file is hardly used. Therefore it is mostly ignored.
>
>Can this be closed or do you expect something else?

I’d expect the content of the file to be mixed in at startup
and updated from the OpenSSL-internal pool, like in earlier
versions.

bye,
//mirabilos
-- 
Stéphane, I actually don’t block Googlemail, they’re just too utterly
stupid to successfully deliver to me (or anyone else using Greylisting
and not whitelisting their ranges). Same for a few other providers such
as Hotmail. Some spammers (Yahoo) I do block.



More information about the Pkg-openssl-devel mailing list