On Tue, 27 Sep 2016, Florian Weimer wrote:
I'm not sure this particular loop is as stupid as the comment implies.
RAND_bytes() is supposed to give crypto safe random and according to
https://wiki.openssl.org/index.php/Random_Numbers the function will even
init the random generator itself if it wasn't done before.
RAND_bytes can fail for various reasons, including if the generator could
not be seeded. Details depend on the engine backend OpenSSL uses.
Ah right, so the loop should check the return codes properly and be able to
return a failure back to its parent if they fail?
Any chance (anyone of) you have a patch to suggest for this?
--
/ daniel.haxx.se
-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html