I have built OpenSSL 0.9.7e on Solaris 10 (sparc). When the "openssl" command is run it fails with a error which states that it was unable to get sufficient entropy, even though Solaris has /dev/[u]random.
So I built OpenSSL on Solaris 9 and found that the "openssl" command runs OK. I then ran the "openssl" command under "truss" on both Solaris 9 and 10, and found that on Solaris 10 the open() of the randomfile in rand_unix.c was failing with EINVAL. On Solaris 10, the open() call is made with an additional O_NOFOLLOW option which is not present in Solaris 9 (I don't think that Solaris 9 has this option defined). In rand_unix.c there is an #ifdef which tests to see if O_NOFOLLOW is defined and if it is then this option is added to the open() call. On Solaris 9 and 10 /dev/urandom and /dev/random actually exist legitimately as symbolic links like so: /dev/random -> ../devices/pseudo/[EMAIL PROTECTED]:random /dev/urandom -> ../devices/pseudo/[EMAIL PROTECTED]:urandom So on Solaris 10, the open() fails because it has been told not to follow these links. (On Solaris 9 it suceeds because there is no O_NOFOLLOW option.) I have worked around this by removing the O_NOFOLLOW option from rand_unix.c but it needs to be fixed either by allowing /dev/[u]random to be a sybolic link, or by allowing this only on Solaris platforms. __________________________________ Do you Yahoo!? Make Yahoo! your home page http://www.yahoo.com/r/hs ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]