"Frederic DONNAT" <[EMAIL PROTECTED]> writes: > A few month ago i submit a patch for redirecting RAND on crypto accelerator for >mod-ssl and apache-1.3.x. > > A few weeks ago, i see a cvs commit about this on mod-ssl mailing list. > But i see that apache-2.0.x have not been updated.
maintainers of mod_ssl for Apache 1.3 apparently have to time for Apache 2.0 mod_ssl > I post a message for this in mod-ssl dev mailing list, but maybe should i post it >somewhere else! yes, if you have a concern about Apache 2.0 mod_ssl please post here, but note that more skills are on mod-ssl dev mailing list > So, in fact the patch is for ssl_engine_init.c file in directory ./modules/ssl. > Just modify functions calls: > - ssl_engine_init () > - ssl_init_SSLlibrary () > > "ssl_engine_init()" (line 300) should be call earlier, before than >"ssl_init_SSLlibrary()" (line 270). > > In fact you have to initialyze OpenSSL ENGINE before initialzing the library, due to >fact that OpenSSL default function pointer must be set to ENGINE function pointer >before library initialisation otherwise you can not modify default settings. > > Geoff Thorpe comment: > "ssl_init_SSLLibrary() must be seeding the PRNG, and thus initialising the >set-on-first-use pointer in openssl to a default RAND_METHOD." > > Cliff Woolley comment: > Well, I can't do anything about 1.3's mod_ssl, but if somebody can verify > for me that the following fixes Apache 2.0's mod_ssl, I'll commit it. apparently nobody verified for Cliff that it fixed the problem with Apache 2.0 can you verify it? can you post a patch with the change? Thanks, -- Jeff Trawick | [EMAIL PROTECTED] Born in Roswell... married an alien...
