From 299e7c91459b2ed74d786e3ed12a9a48bbd929f1 Mon Sep 17 00:00:00 2001
From: Bodo Möller <bodo@openssl.org>
Date: Thu, 16 Mar 2000 16:17:00 +0000
Subject: Point out the PRNG usage bug affecting openssl rsa. (Should we point
 to snapshots, or directly give the one-line patch?)

---
 FAQ | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'FAQ')

diff --git a/FAQ b/FAQ
index 58650cfd74..78018fc8fe 100644
--- a/FAQ
+++ b/FAQ
@@ -109,6 +109,10 @@ Most components of the openssl command line tool try to use the
 file $HOME/.rnd (or $RANDFILE, if this environment variable is set)
 for seeding the PRNG.  If this file does not exist or is too short,
 the "PRNG not seeded" error message may occur.
+Note that the command "openssl rsa" in OpenSSL 0.9.5 does not do this
+and will fail on systems without /dev/urandom when trying to
+password-encrypt an RSA key!  This is a bug in the library;
+try a later snaphost instead.
 
 
 * Why does the linker complain about undefined symbols?
-- 
cgit v1.2.3