Hello,
i've not digged through the whole openssl source yet - but it seems to me that
the recent Debian
Issue with the ssleay_rand_add method here
http://svn.debian.org/viewsvn/pkg-openssl/openssl/trunk/rand/md_rand.c?rev=141&view=diff&r1=141&r2=140&p1=openssl/trunk/rand/md_rand.c&p2=/openssl/trunk/rand/md_rand.c
does not affect the command line tool when called with
openssl req -config $MY_CONFIG -noout -x509 -newkey rsa:$MY_KEY_LENGTH
(in contrast to openssl genrsa)
where in $CONFIG *no* RANDFILE is defined.
AFAIK the method in question is never called from the request command line
utility. And by default
- the /root/.rnd or $HOME/.rnd file is always used if no RANDFILE is given.
Anyone can answer this?
Thanks
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
