Ping a Specific Port

Question

user35042

Asked: 2012-01-13 13:23:16 +0800 CST2012-01-13 13:23:16 +0800 CST 2012-01-13 13:23:16 +0800 CST

How does Apache interpret multiple SSLRandomSeed sources

772

In my Apache configuration I have these lines:

SSLRandomSeed connect builtin
SSLRandomSeed connect file:/dev/random
SSLRandomSeed connect file:/dev/urandom 1024

How, exactly, does Apache interpret this? Does it first try builtin and then move to /dev/random if that fails? If it uses /dev/random, and /dev/random then runs out of entropy, does it automatically switch to /dev/urandom? Is there an Apache document somewhere that explains all this?

1 Answers

Voted

b0fh · Answer 1 · 2012-02-11T05:35:20+08:00

Best Answer

b0fh

2012-02-11T05:35:20+08:002012-02-11T05:35:20+08:00

It is not stated in Apache docs, but looking at ssl_engine_rand.c (apache 2.2.21 here) you can see that the function ssl_rand_seed iterates over all the defined SSLRandomSeed sources, ultimately calling the OpenSSL RAND_seed function unless there is a failure.

Refering to the OpenSSL man page for RAND_seed, every successful call to it will add entropy to the state of the PRNG.

At the end, it asks OpenSSL if seeding is sufficient trough RAND_status.

So, if you define many sources, it will use all of these that work, and combine their entropy.

5

How does Apache interpret multiple SSLRandomSeed sources

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?