RE: Ruby/OpenSSL and error: PRNG not seeded

< ^ > P N |<>|^_>< --- | ~ ...Help
Thanks, Ville, for the explanation and patch. I plan to add a /dev/urandom
device
to address the problem.

Regards,
Barry

> -----Original Message-----
> From: Ville Mattila [mailto:mulperi / iki.fi]
> Sent: Friday, May 24, 2002 11:36 AM
> To: ruby-talk / ruby-lang.org
> Subject: Re: Ruby/OpenSSL and error: PRNG not seeded
> 
> 
> "SHULTZ,BARRY (HP-Israel,ex1)" <barry_shultz / hp.com> writes:
> 
> > Hello,
> >  My environment is:
> > Ruby 1.6.7 on HP-UX 11.0 (actually 11.04)
> > OpenSSL 0.9.6c
> > Ruby/OpenSSL 0.1.1
> > 
> > When I run the script:
> > 
> > #!/opt/ruby/bin/ruby
> >     require 'net/https'
> >     host, port, path = "myserver.mydomain.com", 443, "/"
> >     h = Net::HTTP.new(host, port)
> >     h.use_ssl = true 
> >     h.get2(path){ |resp| print resp.body }
> > 
> > I get the following error:
> > 
> > /opt/ruby/lib/ruby/1.6/openssl.rb:93:in `__connect':
> > SSL_connect:error:24064064:random number 
> generator:SSLEAY_RAND_BYTES:PRNG
> > not seeded (OpenSSL::SSL::Error)
> >         from /opt/ruby/lib/ruby/1.6/openssl.rb:93:in `connect'
> >         from /opt/ruby/lib/ruby/1.6/openssl.rb:93:in `synchronize'
> >         from /opt/ruby/lib/ruby/1.6/openssl.rb:93:in `connect'
> >         from /opt/ruby/lib/ruby/1.6/net/protocols.rb:51:in 
> `ssl_connect'
> >         from /opt/ruby/lib/ruby/1.6/net/https.rb:147:in `on_connect'
> >         from /opt/ruby/lib/ruby/1.6/net/protocol.rb:152:in 
> `conn_socket'
> >         from /opt/ruby/lib/ruby/1.6/net/http.rb:499:in `do_start'
> >         from /opt/ruby/lib/ruby/1.6/net/protocol.rb:131:in `start'
> >         from /opt/ruby/lib/ruby/1.6/net/http.rb:667:in `request'
> >         from /opt/ruby/lib/ruby/1.6/net/http.rb:638:in `request_get'
> >         from /opt/ruby/lib/ruby/site_ruby/testhttpsclient.rb:6
> > 
> > How can I know which PRNG I need, or why the script can't 
> find it, or how I
> > can
> > check if it is seeded correctly? Ruby and Ruby/OpenSSL compiled OK.
> 
>   Hello Barry,
> 
> Openssl tries to use /dev/random or /dev/urandom if it cannot find
> such a device it fails with this error. Here is dirty patch. You
> have to manually add radnseed. 
> 
> --- ../ssl-0.1.2/ssl.c  Thu Jan 11 17:58:25 2001
> +++ ssl.c       Tue Jan 16 17:28:12 2001
> @@ -25,8 +25,8 @@
>   *
>   * $Id: ssl.c,v 1.10 2001/01/11 15:58:25 gotoyuzo Exp $
>   */
> -#include <ssl.h>
> -#include <err.h>
> +#include <openssl/ssl.h>
> +#include <openssl/err.h>
>  #include <ruby.h>
>  #include <rubyio.h>
>  #include <rubysig.h>
> @@ -425,9 +425,13 @@
>  void
>  Init_ssl()
>  {
> +
> +    char 
> *buf="ajsd?fluasdb5nq?9457q?867na867qm8v?467vq4865j7bnq?45q?4867n";
> +    RAND_seed(buf, strlen(buf));
> +
>      SSLeay_add_all_algorithms();
>      SSL_load_error_strings();
> -
> +
>      mSSL = rb_define_module("SSL");
>      eSSLError = rb_define_class_under(mSSL, "SSLError", 
> rb_eStandardError);
>