>> So what do you want to do if you run out of entropy?


> Fail with an error condition stating that, rather than
> the indeterminate hang in read() that was experienced.


I believe you need to compile with EGD support then. This will get you the
behavior you want. EGD provides no way to tell whether there's entropy or
not, so if you fall back to it, and it has no entropy, you will be in
trouble.

There really is no way to fix this in OpenSSL. If you make it really not
block, it will never succeed. It is meaningless to query a daemon without
blocking -- at some point you must wait for the daemon to reply.

DS


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org