Displaying 20 results from an estimated 30 matches for "rand_status".
2000 Jun 19
1
configure problem on UnixWare 7.1.1
...openssl/rand.h: No such file or directory
configure: failed program was:
#line 2568 "configure"
#include "confdefs.h"
#include <string.h>
#include <openssl/rand.h>
int main(void)
{
char a[2048];
memset(a, 0, sizeof(a));
RAND_add(a, sizeof(a), sizeof(a));
return(RAND_status() <= 0);
}
configure:2582: gcc -o conftest -g -O2 -Wall -I/usr/local/include
-I/usr/local/openssl/include -L/usr/local/lib -L/usr/local/openssl/lib
-L/usr/local/openssl conftest.c -lsocket -lnsl -lz -lgen -lsocket -lcrypto
1>&5
configure:2571: openssl/rand.h: No such file or direct...
2023 Mar 19
1
openssl 9.3 and openssl 3.1
...-with-prngd-port or --with-prngd-socket options
I haven't done anything special in configuring openssl. If I have read
the configuration for openssl correctly, with will default to the 'os'
source, which I think then is getrandom(2).
I think the check in openssh for this is a call to RAND_status(), which
is apparently returning a failure.
I can't compile without openssl, because I need to allow RSA keys.
Any work arounds? Ideas follow.
Compile openssh with /dev/urandom as the prngd-socket?
Edit the configure script to force a success where RAND_status()
is called?
Call whatever op...
2023 Mar 19
1
openssl 9.3 and openssl 3.1
...ssl 3.1. I did find a post to linuxquestions in 2014 that
had the same or similar problem. That obviously wasn't openssl 3.1.
> I would be concerned about what else might be broken in it, possibly
> in some subtle way. I would be looking at fixing your OpenSSL.
Any idea how? I think RAND_status() would need to be changed.
--
nw
2000 Oct 02
1
OpenSSH 2.2.0p1 on Solaris 2.7 fails to compile
...-L/opt/openssl/lib -L/opt/openssl -R/opt/openssl/
lib -R/opt/openssl conftest.c -ldl -lsocket -lnsl -lz -lpam -lcrypto 1>&5
configure: In function `main':
configure:2856: warning: implicit declaration of function `RAND_add'
configure:2857: warning: implicit declaration of function `RAND_status'
Undefined first referenced
symbol in file
RAND_add /var/tmp/ccHZaWXy1.o
RAND_status /var/tmp/ccHZaWXy1.o
ld: fatal: Symbol referencing errors. No output written to conftest
configure: failed p...
2023 Mar 19
1
openssl 9.3 and openssl 3.1
...vely recently.
Does the OpenSSL self-test ("make tests") pass? Does its basic RNG
function work (eg "openssl rand -base64 9")? And if "openssl rand"
doesn't work, if you strace it what is it trying to do?
> I think the check in openssh for this is a call to RAND_status(), which
> is apparently returning a failure.
>
> I can't compile without openssl, because I need to allow RSA keys.
>
> Any work arounds? Ideas follow.
>
> Compile openssh with /dev/urandom as the prngd-socket?
No, the prngd socket interface works differently to /dev/rand...
2002 Apr 03
2
cross compilation?
...compatible version and correct linking
# *does not* test for RSA - that comes later.
-
AC_TRY_RUN(
+
AC_TRY_LINK(
[
-#include <string.h>
-#include <openssl/rand.h>
-int main(void)
-{
-
char a[2048];
-
memset(a, 0, sizeof(a));
-
RAND_add(a, sizeof(a), sizeof(a));
-
return(RAND_status() <= 0);
-}
+
#include <string.h>
+
#include <openssl/rand.h>
+
],
+
[
+
char a[2048];
+
memset(a, 0, sizeof(a));
+
RAND_add(a, sizeof(a), sizeof(a));
+
return(RAND_status() <= 0);
],
[
found_crypto=1
break;
-
], []
+
], [ ]...
2001 Aug 08
3
openssh-2.9p2 Config - undefined references
...to `dlsym'
configure: failed program was:
#line 4419 "configure"
#include "confdefs.h"
#include <string.h>
#include <openssl/rand.h>
int main(void)
{
char a[2048];
memset(a, 0, sizeof(a));
RAND_add(a, sizeof(a), sizeof(a));
return(RAND_status() <= 0);
}
I use it with openssl-engine-0.9.6b and openssl-0.9.6b installed
to /opt/openssl and /usr/local/ssl (ln -s). When running the
make test option of openssl, it reports no problems (which kind
of indicates the problem is not with openssl I hope)
The machine is a Linux version 2.2.5 k...
2018 Nov 19
2
[PATCH] openssl-compat: Test for OpenSSL_add_all_algorithms before using.
OpenSSL 1.1.0 has deprecated this function.
---
configure.ac | 1 +
openbsd-compat/openssl-compat.c | 2 ++
openbsd-compat/openssl-compat.h | 4 ++++
3 files changed, 7 insertions(+)
diff --git a/configure.ac b/configure.ac
index 3f7fe2cd..db2aade8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2710,6 +2710,7 @@ if test "x$openssl" = "xyes" ; then
])
2006 Mar 17
1
[PATCH] OpenSSL RNG initialization
...3
+++ src/lib/randgen.c 10 Mar 2006 17:15:03 -0000
@@ -81,6 +81,42 @@
return buf;
}
+static void random_init_rng(void)
+{
+ int counter = 0;
+ struct timeval tv;
+#ifdef HAVE_GETRUSAGE
+ struct rusage ru;
+#endif
+
+ /*
+ * If the RNG is already seeded, we can return
+ * immediately.
+ */
+ if (RAND_status() == 1)
+ return;
+
+ /*
+ * Else, try to seed it. Unfortunately we don't have
+ * /dev/urandom, so we can only use weak random sources.
+ */
+ while (RAND_status() != 1) {
+ if (gettimeofday(&tv, NULL) < 0)
+ i_fatal("gettimeofday() failed: %m");
+ RAND_add((const void...
2001 Feb 05
2
Could not find working SSLeay?
I'm installing openssl 0.9.5a and openssh 2.3.0p1 on an Ultra 5 running
Solaris 8 with the latest cluster patch. Openssl installed without any
problems. When I do a configure for openssh I get:
Checking for OpenSSL directory. . . configure: error: Could not find
working SSLeay /
OpenSSL libraries, please install
I've reinstalled openssl and everything is there. As a note I've
2001 Sep 28
3
OpenSSH (portable) and entropy gathering
On Thu, 27 Sep 2001 20:41:05 EDT, Damien Miller writes:
> On Thu, 27 Sep 2001, Dan Astoorian wrote:
>
> >
> > It would (IMHO) be useful if there were a way to optionally configure
> > that code to fall back to the internal entropy gathering routines in the
> > event that EGD was not available; as it is, the routines simply fail if
> > EGD is unavailable at the
2000 Sep 26
0
./configure stops: openssl prob
...-lpam
collect2: ld returned 1 exit status
configure: failed program was:
#line 2848 "configure"
#include "confdefs.h"
#include <string.h>
#include <openssl/rand.h>
int main(void)
{
char a[2048];
memset(a, 0, sizeof(a));
RAND_add(a, sizeof(a), sizeof(a));
return(RAND_status() <= 0);
}
configure:2862: gcc -o conftest -I/usr/local/ssl/include -Wall -I/usr/local/ssl/include -static -L/lib/security -L/lib -L/usr/local/ssl/lib -L/lib -L/lib/security -L/lib -L/usr/local/ssl -L/lib -L/usr/local/ssl/lib -L/usr/local/ssl conftest.c -ldl -lnsl -lz -lutil -lpam -lcrypto...
2001 Dec 21
6
Killing the builtin entropy code
Over the holidays, I intend to finally rid portable OpenSSH of the
builtin entropy collection code. Here's what I intend to do:
When init_rng is called, we'll check OpenSSL's RAND_status(). If this
indicates that their PRNG is already seeded, we'll do nothing. This
effectively detects platforms which have /dev/urandom (or similar)
configured into OpenSSL.
If OpenSSL isn't seeded, we will fork+suid(user)+exec a subprocess
"ssh-rand-helper" which will return 64 byt...
2001 Jun 07
2
Patch to enable multiple possible sources of entropy
...if /* USE_PRNGD */
-
- /*
- * Seed OpenSSL's random number pool from Kernel random number generator
- * or PRNGD/EGD
- */
- void
- seed_rng(void)
- {
- unsigned char buf[32];
-
- debug("Seeding random number generator");
-
- if (!get_random_bytes(buf, sizeof(buf))) {
- if (!RAND_status())
- fatal("Entropy collection failed and entropy exhausted");
- } else {
- RAND_add(buf, sizeof(buf), sizeof(buf));
- }
-
- memset(buf, '\0', sizeof(buf));
- }
-
- void
- init_rng(void)
- {
- check_openssl_version();
- }
-
- #else /* defined(USE_PRNGD) || defined(RAN...
2001 Jun 06
2
Failure to compile OpenSSH.
...o 1>&5
configure: failed program was:
#line 4397 "configure"
#include "confdefs.h"
#include <string.h>
#include <openssl/rand.h>
int main(void)
{
char a[2048];
memset(a, 0, sizeof(a));
RAND_add(a, sizeof(a), sizeof(a));
return(RAND_status() <= 0);
}
(3)
configure:4354: checking for OpenSSL directory
configure:4411: cc -o conftest -g -I/usr/local/include conftest.c -lz -lgen -lcrypto 1>&5
cc-1005 cc: ERROR File = configure, Line = 4400
The source file "openssl/rand.h" is unavailable.
#include <openssl/r...
2000 May 31
0
openssh 2.1.0p3 w/ rsaref
...]
+ ],
+ [
+ LIBS="$saved_LIBS -lcrypto -lRSAglue -lrsaref"
+ AC_TRY_RUN(
+ [
+ #include <string.h>
+ #include <openssl/rand.h>
+ int main(void)
+ {
+ char a[2048];
+ memset(a, 0, sizeof(a));
+ RAND_add(a, sizeof(a), sizeof(a));
+ return(RAND_status() <= 0);
+ }
+ ],
+ [
+ found_crypto=1
+ break;
+ ]
+ )
+ ]
)
if test ! -z "$found_crypto" ; then
2000 Jun 21
1
configure: error: Could not find working SSLeay / OpenSSL libraries
...or directory
configure: failed program was:
#line 2568 "configure"
#include "confdefs.h"
#include <string.h>
#include <openssl/rand.h>
int main(void)
{
char a[2048];
memset(a, 0, sizeof(a));
RAND_add(a, sizeof(a), sizeof(a));
return(RAND_status() <= 0);
}
-------------8<-------------
2001 Jun 18
0
Building on Solaris 8 - RAND_add (etc) errors
...-I/usr/local/ssl/include -L/usr/local/lib
-L/usr/local/ssl/lib -R/usr/local/lib
-R/usr/local/ssl/lib conftest.c -lz -lsocket -lnsl
-lgen -lcrypto 1>&5
Undefined first referenced
symbol in file
RAND_add conftest.o
RAND_status conftest.o
ld: fatal: Symbol referencing errors. No output
written to conftest
configure: failed program was:
#line 4397 "configure"
#include "confdefs.h"
The solution to this problem that I found is to build
OpenSSL with 32 bit support only (i.e, do ....
2001 Oct 19
1
OpenSSH2.9.9p2 fails to configure
...to 1>&5
configure: failed program was:
#line 4467 "configure"
#include "confdefs.h"
#include <string.h>
#include <openssl/rand.h>
int main(void)
{
char a[2048];
memset(a, 0, sizeof(a));
RAND_add(a, sizeof(a), sizeof(a));
return(RAND_status() <= 0);
}
#... other defaults here
SSL works fine (using it for webmin).
Any ideas? (I did check the list archives but nothing meaningful was
there)
2000 Apr 03
1
Announce: Test release with random collection support
I have just uploaded a test release of portable openssh to
http://violet.ibs.com.au/openssh/files/test
This release includes some major changes picked up from OpenBSD CVS.
It also includes inbuilt random number gathering support which should
remove the need for EGD on systems that lack /dev/random.
This support is very preliminary. Please treat it as alpha and don't
use it on production