> David Schwartz wrote:

> > Try launching your test program automatically on boot up at the
> > saem time
> > you launch ssh or whatever application is failing. I bet
> > '/dev/urandom' will
> > fail then.

> The program had no problems running with simultaneous
> od -x /dev/random, that was blocking because it sucked
> all the entropy available, running in another shell...

That doesn't matter. The problem I'm talking about occurs only when the
entropy pool was never seeded. You can't suck all the entropy available from
/dev/urandom. (Because once an entropy pool is seeded, it can produce an
unlimited amount of cryptographically-secure random numbers.)

> cat /proc/sys/kernel/random/entropy_avail gives 17 etc...

That doesn't matter. The /dev/urandom interface only provides
cryptographically-secure random numbers. Once it's seeded, it can produce an
unlimited amount of such numbers.

I am saying that /dev/urandom may block or fail if the implementation cannot
provide cryprographically-secure random numbers. This will only be the case
if the pool was never seeded.

> Regards
> --
> Stano

Your trace looks like a real bug though. It looks like it got as much seed
material as it asked for and still thought it didn't.


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org