Hi Fred,

I was just starting to wonder what might be behind all this when you hit
the nail on the head.

On Mon, 15 Jul 2002, Frederic DONNAT wrote:

> I changed a function call and it works fine now. I do not know if this is
> the real way to solve my problem but this provides a solution.
>
> In file pkg.modssl/ssl_engine_int.c:
> move "ssl_init_Engine(s, p);" function call before
> "ssl_init_SSLLibrary();" function call instead of after.
>
> In fact if you want to use ENGINE default functionalities you must set
> ENGINE before everything.

That is not *a* solution, it is *the* solution. ssl_init_SSLLibrary() must
be seeding the PRNG, and thus initialising the set-on-first-use pointer in
openssl to a default RAND_METHOD. Do you want to post a patch to the list?
I suggest "diff -u", I suggest a subject starting with "[PATCH]", and I
suggest you CC Ralf. Otherwise, things have a way of slipping through the
net. (Resists temptation to harp on about the simple but important session
caching bug, read "potential security problem", that Ralf still hasn't
incorporated despite me repeatedly harping on about it ...)

Cheers,
Geoff


______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
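
The ordering problem discussed in this message, as an added example that is not part of the original post and is not OpenSSL or mod_ssl code. It is a simplified model of a set-on-first-use method pointer; every name in it is hypothetical, and it assumes the engine registers its RAND implementation as a default when it is initialised.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified model only: hypothetical names, not the OpenSSL API. */
typedef struct { const char *name; } rand_method;

static const rand_method software_rand = { "software" };
static const rand_method engine_rand   = { "engine" };

static const rand_method *engine_default = NULL; /* set when an engine registers */
static const rand_method *active = NULL;         /* latched on first use */

/* First caller decides which method is used; later calls reuse the pointer. */
static const rand_method *get_rand_method(void)
{
    if (active == NULL)
        active = engine_default ? engine_default : &software_rand;
    return active;
}

/* Stand-in for ssl_init_Engine(): assumed to register the engine's RAND. */
static void init_engine(void) { engine_default = &engine_rand; }

/* Stand-in for ssl_init_SSLLibrary(): seeding the PRNG is the first use. */
static void init_ssl_library(void) { (void)get_rand_method(); }

static void reset_model(void) { engine_default = NULL; active = NULL; }

/* Name of the method in effect after initialising in the given order. */
const char *method_after_init(int engine_first)
{
    reset_model();
    if (engine_first) { init_engine(); init_ssl_library(); }
    else              { init_ssl_library(); init_engine(); }
    return get_rand_method()->name;
}

int main(void)
{
    printf("library first, engine second: %s\n", method_after_init(0));
    printf("engine first, library second: %s\n", method_after_init(1));
    return 0;
}
```

In the model, registering the engine after the first PRNG use has no effect because the pointer is already latched to the software method.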
