On Fri, Feb 18, 2000 at 10:35:33AM +1100, Damien Miller wrote:
The Linux/Unix port of OpenSSH will be switching over to a Unix port of
Schneier and Kelsey's Yarrow PRNG in the not too distant future. It might
make a good PRNG for OpenSSL too.
The OpenSSL PRNG fulfills its purpose perfectly
Lutz Jaenicke [EMAIL PROTECTED]:
1. When loading CAfile data, SSL_CTX_load_verify_locations() returns 0,
even if certificates are available (and did work with 0.9.4).
There are no errors on the error stack to be printed, so I would have
to trace through the code to find the reason.
On Thu, Feb 17, 2000 at 10:17:03PM +0100, Bodo Moeller wrote:
Where does this return value 0 come from -- i.e., what happens in
X509_STORE_load_locations (in crypto/x509/x509_d2.c)? Does
X509_load_cert_crl_file (in crypto/x509/by_file.c; this is what
X509_LOOKUP_load_file is based on) return
On Wed, 16 Feb 2000, Lutz Jaenicke wrote:
2. As of the latest snapshot, OpenSSL became picky of seeding the PRNG.
I have EGD available, as it was recommended for OpenSSH; the sample code
for querying it being quite simple.
The Linux/Unix port of OpenSSH will be switching over to a Unix
On Wed, Feb 16, 2000 at 05:36:05PM +0100, Lutz Jaenicke wrote:
2. As of the latest snapshot, OpenSSL became picky of seeding the PRNG.
I have EGD available, as it was recommended for OpenSSH; the sample code
for querying it being quite simple.
a. Could you thing of including EGD