Hi Ryan, That's very nice to know!
Many thanks! On Wed, Nov 26, 2014 at 11:31 AM, Ryan Tandy <[email protected]> wrote: > On Wed, Nov 26, 2014 at 08:51:25AM -0400, Hydro Tium wrote: > >> TLS: gcry_control GCRYCTL_SET_RNDEGD_SOCKET failed >> 5475ca9c main: TLS init failed: -1 >> > > olcTLSRandFile: /dev/urandom >> > > When libldap 2.4.39 or older are linked to libgcrypt, olcTLSRandFile > should be the path to a socket of egd [1], if you set it at all. > > [1] http://egd.sourceforge.net/ > > The gcrypt documentation says: > > EGD is an alternative random gatherer, used only on systems lacking a >> proper random device. >> > > In 2.4.40 and later gcrypt is no longer used. In this configuration GnuTLS > uses a hard-coded list [2] of possible EGD paths, so I think olcTLSRandFile > is just ignored. > > [2] https://gitorious.org/gnutls/gnutls/source/ > ed3913fdbc8ffe3b552c0d0f593f17c4e1a273d5:lib/nettle/egd.c#L98 > > In most setups, I think you probably don't need to set olcTLSRandFile at > all. > > Hope that helps, > > Ryan > >
