summaryrefslogtreecommitdiffstats
path: root/Configure
diff options
context:
space:
mode:
authorDimitri John Ledkov <dimitri.ledkov@surgut.co.uk>2024-07-12 22:55:14 +0200
committerPauli <ppzgs1@gmail.com>2024-07-31 06:44:51 +0200
commitf8c510cd20a43f7ac7705aca40fd38aacd5febeb (patch)
tree38be89c44f79a0b237d7956de4b7a809bc869736 /Configure
parentJITTER: excercise all tests in CI with JITTER seed source under certain build... (diff)
downloadopenssl-f8c510cd20a43f7ac7705aca40fd38aacd5febeb.tar.xz
openssl-f8c510cd20a43f7ac7705aca40fd38aacd5febeb.zip
JITTER: implement error handling from jitter library
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24844)
Diffstat (limited to 'Configure')
-rwxr-xr-xConfigure9
1 files changed, 4 insertions, 5 deletions
diff --git a/Configure b/Configure
index f4cc4194c5..ef1dbca1a9 100755
--- a/Configure
+++ b/Configure
@@ -1321,15 +1321,14 @@ if (scalar(grep { $_ eq 'none' } @seed_sources) > 0) {
============================== WARNING ===============================
You have selected the --with-rand-seed=none option, which effectively
-disables automatic reseeding of the OpenSSL random generator.
+disables automatic reseeding of the OpenSSL SEED-SRC random generator.
All operations depending on the random generator such as creating keys
will not work unless the random generator is seeded manually by the
application.
-Alternative to manually seeding is to compile with JITTER RNG enabled,
-it will be used instead of rand-seed=none. Or specify alternative
-seed= provider in openssl.cnf (for example from a 3rd party entropy
-provider).
+Instead of manually seeding, a different random generator can be set
+at runtime in openssl.cnf or configured at build time with
+-DOPENSSL_DEFAULT_SEED_SRC.
Please read the 'Note on random number generation' section in the
INSTALL.md instructions and the RAND_DRBG(7) manual page for more