author | Linus Nordberg <linus@nordberg.se> | 2013-12-18 20:37:44 +0100 |
---|---|---|
committer | Linus Nordberg <linus@nordberg.se> | 2013-12-20 19:00:12 +0100 |
commit | 11570f6201548b957b70e8b93e954538f01d09c7 (patch) | |
tree | c2ee2c80df6862842292f11878ab184b3464b9d4 /lib/radsecproxy | |
parent | da72e14ca91c1bdbee8bec0fcdd28054517cd200 (diff) |
Improve initialisation of OpenSSL PRNG.
Basic idea taken from Tor.
Diffstat (limited to 'lib/radsecproxy')
-rw-r--r-- | lib/radsecproxy/tlscommon.c | 15 | ||||
-rw-r--r-- | lib/radsecproxy/tlscommon.h | 1 |
2 files changed, 0 insertions, 16 deletions
diff --git a/lib/radsecproxy/tlscommon.c b/lib/radsecproxy/tlscommon.c
index 002788d..e7b53bf 100644
--- a/lib/radsecproxy/tlscommon.c
+++ b/lib/radsecproxy/tlscommon.c
@@ -39,21 +39,6 @@
 static struct hash *tlsconfs = NULL;
-void ssl_init(void) {
- time_t t;
- pid_t pid;
-
- SSL_load_error_strings();
- SSL_library_init();
-
- while (!RAND_status()) {
- t = time(NULL);
- pid = getpid();
- RAND_seed((unsigned char *)&t, sizeof(time_t));
- RAND_seed((unsigned char *)&pid, sizeof(pid));
- }
-}
-
 static int pem_passwd_cb(char *buf, int size, int rwflag, void *userdata) {
 int pwdlen = strlen(userdata);
 if (rwflag != 0 || pwdlen > size) /* not for decryption or too large */
diff --git a/lib/radsecproxy/tlscommon.h b/lib/radsecproxy/tlscommon.h
index da2092e..ddfba2d 100644
--- a/lib/radsecproxy/tlscommon.h
+++ b/lib/radsecproxy/tlscommon.h
@@ -26,7 +26,6 @@ struct tls {
 };
 #if defined(RADPROT_TLS) || defined(RADPROT_DTLS)
-void ssl_init();
 struct tls *tlsgettls(char *alt1, char *alt2);
 SSL_CTX *tlsgetctx(uint8_t type, struct tls *t);
 X509 *verifytlscert(SSL *ssl); |