i thought it might be usefull for mod_ssl to log (at debug level) the entropy source from which the PRNG will be seeded from so that proper entropy source configuration can be verified. i've attached a small patch (mod_ssl-2.8.12-1.3.27) which does this.
best regards, -- aspa http://www.kronodoc.fi/
*** pkg.sslmod/ssl_engine_rand.c.orig Mon Jan 27 10:07:26 2003 --- pkg.sslmod/ssl_engine_rand.c Mon Jan 27 10:40:46 2003 *************** *** 87,92 **** --- 87,98 ---- time_t t; pid_t pid; int m; + char *ctxNames[] = { "", "startup", "connect" }; + char *rssrcNames[] = { "", "builtin", "file", "exec" + #if SSL_LIBRARY_VERSION >= 0x00905100 + , "EGD" + #endif + }; mc = myModConfig(); nReq = 0; *************** *** 97,102 **** --- 103,111 ---- pRandSeed = &pRandSeeds[i]; if (pRandSeed->nCtx == nCtx) { nReq += pRandSeed->nBytes; + + ssl_log(s, SSL_LOG_DEBUG, "%sRequesting %d bytes of entropy from %s:%s in +'%s' context", prefix, pRandSeed->nBytes, rssrcNames[pRandSeed->nSrc], +pRandSeed->cpPath, ctxNames[pRandSeed->nCtx]); + if (pRandSeed->nSrc == SSL_RSSRC_FILE) { /* * seed in contents of an external file