Steven Reddie wrote: >Yes, that's right. The initialized flag is local to the module that it >is >in and is only set when calling RAND_status and I think one other >function >(maybe RAND_get_bytes). If you wish to modify the OpenSSL code >directly you >could get rid of the "if (!initialized)" test and rely only on the "if >(entropy_gatherered < ENTROPY_NEEDED)"statement that follows it.
The current behavior seems like a bug to me, and what you describe could be done as the expected behavior. Even the man page says: "RAND_status() and RAND_event() return 1 if the PRNG has been seeded with enough data, 0 otherwise." Should I go file a bug on that? -- Heikki Toivonen
signature.asc
Description: OpenPGP digital signature
