On Mon, Feb 25, 2002 at 04:23:04AM -0000, [EMAIL PROTECTED] wrote:
> @@ -154,18 +155,21 @@
> RAND_seed(stackdata+n, 128);
> nDone += 128;
>
> -#if XXX_SBENTROPY_SOLVED
> /*
> - * XXX: This is entirely borked, sizeof(scoreboard) < 1024
> + * seed in data extracted from the current scoreboard
> *
> - * seed in an 1KB extract of the current scoreboard
> + * XXX: this assumes that the entire scoreboard is
> + * allocated in one big block of memory that begins at
> + * the location pointed to by ap_scoreboard_image->global
> */
> - if (ap_scoreboard_image != NULL) {
> - n = ssl_rand_choosenum(0,ap_calc_scoreboard_size()-1024-1);
> - RAND_seed(((unsigned char *)ap_scoreboard_image)+n, 1024);
> - nDone += 1024;
> + if (ap_scoreboard_image != NULL && mc->nScoreboardSize > 16)
> + {
> + m = ((mc->nScoreboardSize / 2) - 1);
> + n = ssl_rand_choosenum(0, m);
> + RAND_seed(
> + ((unsigned char *)ap_scoreboard_image->global)+n, m);
> + nDone += m;
> }
> -#endif
> }
> }
> }
>
>
>
Why was the XXX_SBENTROPY_SOLVED define removed? I believe we wanted
to avoid using scoreboard as an entropy source because it isn't very
random. Therefore, I think we should just remove this code
altogether. Or, am I missing something? -- justin
