Yes, it's been a while... this isn't my day job. I have been working
on-and-off on EGD et al, however.

On Jan 7, 1:20am, robert bonomi wrote:
> > > If select() is useable before read() for a standard file, then it
> > > would perhaps be possible to use possibly blocking devices like
> > > /dev/random and still not get impatient developers on our throats
> > > :-).
> > Hmm, I would consider using non-blocking reads. Select() does not know
> > how many bytes you intend to read, so it will return "available" if
> > just one byte is there and the second byte will block. Of course we could
> > read byte-per-byte...
> > So we can stay with non-blocking reads, try to take the minimum defined
> > (20 bytes as of now) and just take what's there.
>
> A far superior approach. With the caveat that if you don't get all that
> you want the first time, you _do_ need to loop, until you get a 'would block'
> indication. I've seen some _awfully_ dumb 'virtual device' implementations
In regard to the 20 bytes, wouldn't it be a good thing for the random
library code to have a function to tell randomization code (including
loading from files, devices, EGD, etcetera) how many more bytes it
needs to be satisfied? That way you aren't unnecessarily using up a
scarce resource, namely true randomness.
[Regarding EGD socket location]
> The real "wish-list" approach would be to have a _configuration-time_
> utility that sniffs out the random device(s), and passes appropriate
> info to the compilation process.
I've got a modified Configure version that (as well as doing some
other things) simply checks to see whether /var/run exists, and does a
define appropriately. If it didn't, look in /etc first for "entropy"
or whatever the consensus is to call it. If so, look in /var/run
first. This doesn't depend on everything being the same as per the
time of compilation...
> "list of places", plus the sanity checks, should not be much of a load --
> this is one-time-use code, executed at the time the random device is first
> accessed. One just keeps the file-handle open, and never have to worry
> about the issue again.
Modulo that if something goes wrong later on, you may want to try the
other places... there's more than one random gatherer running using
the EGD protocol, after all (one being Lutz's prngd).
-Allen
--
Allen Smith [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
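
The non-blocking read loop discussed in this thread, together with a "how many more bytes" query, as an added C example that is not part of the original message or of OpenSSL's code. The names `read_available`, `bytes_still_needed` and `demo_pipe` are hypothetical, and a constructed non-blocking pipe stands in for a slow random device so the example runs offline.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

#define ENTROPY_NEEDED 20 /* the minimum mentioned in the thread */

/* Read up to `want` bytes from a non-blocking fd. Loops over short reads and
 * stops at "would block" or EOF. Returns bytes stored, or -1 on a hard error
 * when nothing was read. */
long read_available(int fd, unsigned char *buf, size_t want)
{
    size_t got = 0;
    while (got < want) {
        ssize_t n = read(fd, buf + got, want - got);
        if (n > 0) { got += (size_t)n; continue; }
        if (n == 0) break;                                  /* EOF */
        if (errno == EINTR) continue;                       /* interrupted: retry */
        if (errno == EAGAIN || errno == EWOULDBLOCK) break; /* take what's there */
        return got ? (long)got : -1;
    }
    return (long)got;
}

/* Hypothetical query: how many more bytes are wanted, so a source is not
 * drained further than necessary. */
size_t bytes_still_needed(size_t have)
{
    return have >= ENTROPY_NEEDED ? 0 : ENTROPY_NEEDED - have;
}

/* Constructed stand-in for a device that currently holds `avail` bytes. */
long demo_pipe(size_t avail, size_t want)
{
    int p[2];
    unsigned char src[64] = {0}, dst[64];
    long n = -1;
    if (avail > sizeof src || want > sizeof dst || pipe(p) != 0) return -1;
    if (fcntl(p[0], F_SETFL, O_NONBLOCK) == 0 &&
        write(p[1], src, avail) == (ssize_t)avail)
        n = read_available(p[0], dst, want);  /* write end stays open: no EOF */
    close(p[0]);
    close(p[1]);
    return n;
}

int main(void)
{
    long n = demo_pipe(7, ENTROPY_NEEDED);
    printf("got %ld, still need %zu\n", n, bytes_still_needed(n > 0 ? (size_t)n : 0));
    return 0;
}
```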