On Mon, 25 Feb 2002, William A. Rowe, Jr. wrote: > At 01:55 PM 2/25/2002, Justin Erenkrantz wrote: > >Why was the XXX_SBENTROPY_SOLVED define removed? I believe we wanted > >to avoid using scoreboard as an entropy source because it isn't very > >random. Therefore, I think we should just remove this code > >altogether. Or, am I missing something? -- justin
Best I could tell from the commit logs and the comments in the code, it was only disabled because it was causing segfaults (because it was incompatible with the new scoreboard layout). Ralf's patch touched that block of code, and it's still used in mod_ssl for Apache 1.3. I used his patch as a basis for fixing the corresponding block in 2.0, assuming that it was only off because it was broken; why else would it still be in 1.3? But... > +1 on removing this old, misleading code altogether. If that's the agreement, then fine, I'll nuke it. It certainly caused me quite a bit of headache to get it to work in the first place, and I was definitely uneasy about the assumptions it was making about the layout of the scoreboard. I wouldn't mind hearing Ralf's input, of course... > You missed nothing. This patch is borked. Although in truth is does > allow the process to add the score as entropy, it gains us little, since > the scoreboard is initialized to nothing but a few bytes of data and a > big block 'o nulls. ssl_rand_seed() runs on every request if you configure it that way. --Cliff -------------------------------------------------------------- Cliff Woolley [EMAIL PROTECTED] Charlottesville, VA
