Critical EGD handling in 2.1.1p1
Lutz Jaenicke
Lutz.Jaenicke at aet.TU-Cottbus.DE
Tue Jun 27 18:16:04 EST 2000
On Mon, Jun 26, 2000 at 01:58:32PM +1000, Damien Miller wrote:
> On Mon, 26 Jun 2000, Damien Miller wrote:
>
> >
> > Attached is a diff against 2.1.1p1 which reworks the EGD handling
> > code a bit.
>
> In the grand tradition of replying to one's own post - here is a
> better (i.e not broken) patch.
>
> The previous patch didn't handle error conditions correctly - it
> would erroneously increase the entropy estimate in OpenSSL's pool by
> RAND_add()ing an non-populated buffer.
Thanks,
this increased the reliability of openssh (with EGD support) quite
a bit :-)
Best regards,
Lutz
--
Lutz Jaenicke Lutz.Jaenicke at aet.TU-Cottbus.DE
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
More information about the openssh-unix-dev
mailing list