- the non-CryptGenRandom() code on Windows is just crazy. Do we even support Windows versions before XP?
Some of that code really needs to go away, specifically the heap walk code. It is extremely unsafe, and crashes ~66% of the time when running under the Visual Studio debugger. There's nothing OpenSSL can do about the crashes, because they occur deep in ntdll code.
It used to be possible to avoid calling RAND_poll on windows, via RAND_screen etc (at least that's what Mr Google thinks). But RAND_screen now *calls* RAND_poll. And ssleay_get_rand_bytes has a weird static local variable that guarantees calling RAND_poll at least once even if you preseed the RNG via RAND_add.
I removed the heap walk and all the other insane kernel loading code from my local tree, and just do the CryptGenRandom and the mixins at the end (pid, etc). I'd strongly suggest doing something similar in the future.
cheers, Joey _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
