From: Doug MacEachern Date: Wed, 13 Mar 2002 04:38:35 +0000 (+0000) Subject: only call: ssl_rand_seed(s, p, SSL_RSCTX_STARTUP, "Init: "); X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e38d2b0d9131a1a9d330f2bb767e187f3f31dcc7;p=apache only call: ssl_rand_seed(s, p, SSL_RSCTX_STARTUP, "Init: "); once at startup. if there is value in calling it more than once at startup, it should be done explicitly rather than hidden in ssl_tmp_keys_init(). switch to ptemp pool when calling ssl_rand_seed() at startup. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93893 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index 6db4aada5a..8a8ab0acd3 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -178,11 +178,8 @@ static void ssl_tmp_key_init_dh(server_rec *s, #define MODSSL_TMP_KEY_INIT_DH(s, bits) \ ssl_tmp_key_init_dh(s, bits, SSL_TMP_KEY_DH_##bits) -static void ssl_tmp_keys_init(server_rec *s, apr_pool_t *p) +static void ssl_tmp_keys_init(server_rec *s) { - /* seed PRNG */ - ssl_rand_seed(s, p, SSL_RSCTX_STARTUP, "Init: "); - ssl_log(s, SSL_LOG_INFO, "Init: Generating temporary RSA private keys (512/1024 bits)"); @@ -264,8 +261,16 @@ int ssl_init_Module(apr_pool_t *p, apr_pool_t *plog, ssl_util_thread_setup(base_server, p); #endif + /* + * Seed the Pseudo Random Number Generator (PRNG) + * only need ptemp here; nothing inside allocated from the pool + * needs to live once we return from ssl_rand_seed(). + */ + ssl_rand_seed(base_server, ptemp, SSL_RSCTX_STARTUP, "Init: "); + ssl_pphrase_Handle(base_server, p); - ssl_tmp_keys_init(base_server, p); + + ssl_tmp_keys_init(base_server); /* * SSL external crypto device ("engine") support @@ -297,11 +302,6 @@ int ssl_init_Module(apr_pool_t *p, apr_pool_t *plog, */ ssl_scache_init(base_server, p); - /* - * Seed the Pseudo Random Number Generator (PRNG) - */ - ssl_rand_seed(base_server, p, SSL_RSCTX_STARTUP, "Init: "); - /* * initialize servers */