From 0dce2ff8a09065b2be2a3531f498006906c81db5 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 1 Aug 2009 11:09:02 +0000 Subject: - Tanguy Fautre pointed out that OpenSSL's function RAND_screen() (present only in some OpenSSL installs - like on Windows) isn't thread-safe and we agreed that moving it to the global_init() function is a decent way to deal with this situation. --- lib/ssluse.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/ssluse.c b/lib/ssluse.c index 2365d5283..ffc1fbd96 100644 --- a/lib/ssluse.c +++ b/lib/ssluse.c @@ -225,8 +225,7 @@ static int ossl_seed(struct SessionHandle *data) /* If we get here, it means we need to seed the PRNG using a "silly" approach! */ #ifdef HAVE_RAND_SCREEN - /* This one gets a random value by reading the currently shown screen */ - RAND_screen(); + /* if RAND_screen() is present, it was called during global init */ nread = 100; /* just a value */ #else { @@ -642,6 +641,13 @@ int Curl_ossl_init(void) OpenSSL_add_all_algorithms(); +#ifdef HAVE_RAND_SCREEN + /* This one gets a random value by reading the currently shown screen. + RAND_screen() is not thread-safe according to OpenSSL devs - although not + mentioned in documentation. */ + RAND_screen(); +#endif + return 1; } -- cgit v1.2.3