On 28 May 2002 [EMAIL PROTECTED] wrote:
jwoolley 02/05/28 16:15:10
Modified: . CHANGES configure.in Log: Added --with-devrandom=[DEV] configure flag which allows a particular "/dev/random"-compatible device to be specified, overriding the default search path (/dev/random then /dev/arandom then /dev/urandom). Also, if --with-egd=<path> is specified, it now implies --without-devrandom.
Okay, Ben, I believe this patch implements what you've said you prefer, and it makes a lot of sense to me as well. Here's what we have now:
1) If --with-egd=<path> is specified, --without-devrandom is assumed and the EGD socket is used as the source of entropy.
2) Otherwise, if --with-devrandom=<DEV> is specified with a particular device, that device is used as the source of entropy.
3) Otherwise, if --with-devrandom (with no =<DEV>) is specified or --with-devrandom is not specified at all, we search /dev/random /dev/arandom /dev/urandom in that order.
4) If the search in #3 fails, we try looking for the truerand library.
5) If none of the above is usable, we have no source of entropy.
Does that sound right?
I still say it needs to be configurable at runtime as well. Apart from that, yes.
Cheers,
Ben.
-- http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff