Commit 2805ee1e authored by Richard Levitte's avatar Richard Levitte
Browse files

Configure: warn when 'none' is the chosen seed source 



Fixes #6980

Reviewed-by: default avatarMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6981)
parent 96d7852c

Configure

+12 −3
Original line number Diff line number Diff line
@@ -1010,9 +1010,18 @@ if (scalar(@seed_sources) == 0) { 
    print "Using os-specific seed configuration\n";

    push @seed_sources, 'os';

}

die "Cannot seed with none and anything else"

    if scalar(grep { $_ eq 'none' } @seed_sources) > 0

        && scalar(@seed_sources) > 1;

if (scalar(grep { $_ eq 'none' } @seed_sources) > 0) {

    die "Cannot seed with none and anything else" if scalar(@seed_sources) > 1;

    warn <<_____ if scalar(@seed_sources) == 1;

You have selected the --with-rand-seed=none option, which effectively disables

automatic reseeding of the OpenSSL random generator. All operations depending

on the random generator such as creating keys will not work unless the random

generator is seeded manually by the application.



Please read the 'Note on random number generation' section in the INSTALL

instructions and the RAND_DRBG(7) manual page for more details.

_____

}

push @{$config{openssl_other_defines}},

     map { (my $x = $_) =~ tr|[\-a-z]|[_A-Z]|; "OPENSSL_RAND_SEED_$x" }

	@seed_sources;