diff options
| author | Darren Tucker <dtucker@dtucker.net> | 2022-11-08 23:23:47 +0100 |
|---|---|---|
| committer | Darren Tucker <dtucker@dtucker.net> | 2022-11-08 23:23:47 +0100 |
| commit | cf1a9852d7fc93e4abc4168aed09529a57427cdc (patch) | |
| tree | ed0640ac2af77ebe524431bcec3a0dd92284affa /sshd.c | |
| parent | Fix comment text. From emaste at freebsd.org. (diff) | |
| download | openssh-cf1a9852d7fc93e4abc4168aed09529a57427cdc.tar.xz openssh-cf1a9852d7fc93e4abc4168aed09529a57427cdc.zip | |
Defer seed_rng until after closefrom call.
seed_rng will initialize OpenSSL, and some engine providers (eg Intel's
QAT) will open descriptors for their own use. bz#3483, patch from
joel.d.schuetze at intel.com, ok djm@
Diffstat (limited to 'sshd.c')
| -rw-r--r-- | sshd.c | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -1580,8 +1580,6 @@ main(int ac, char **av) /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); - seed_rng(); - /* Initialize configuration options to their default values. */ initialize_server_options(&options); @@ -1703,6 +1701,8 @@ main(int ac, char **av) else closefrom(REEXEC_DEVCRYPTO_RESERVED_FD); + seed_rng(); + /* If requested, redirect the logs to the specified logfile. */ if (logfile != NULL) log_redirect_stderr_to(logfile); |