apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@attglobal.net>
Subject Re: [PATCH] Add EGD-compatible random support
Date Sat, 05 Jan 2002 03:33:23 GMT
Justin Erenkrantz <jerenkrantz@ebuilt.com> writes:

> On Fri, Jan 04, 2002 at 09:35:48PM -0500, Jeff Trawick wrote:
> > Justin Erenkrantz <jerenkrantz@ebuilt.com> writes:
> > 
> > > This patch adds EGD-gathering support to apr_generate_random_bytes.
> > 
> > My hero! (though I might disagree on the socket details :) )
> 
>                                                   (Sander searched
> his Win32 box and he saw AF_UNIX #defined in the headers). 

It isn't unusual to have any number of AF_xxx defined even when they
aren't supported.

> > > Ideally, I'd like to add an apr_generate_random_bytes_setup function
> > > that takes in a path name that will configure the random device 
> > 
> > Do you mean something that could be a shell script to ensure that the
> > EGD is running?
> 
> We could do that.  But, I expect that this would be the problem
> of the APR-using program (such as httpd or flood).  I'd really
> like to have them be able to specify where the EGD or 
> prngd_commands file are.  So:

I guess it would be good to know what an "EGD or prngd_commands file"
is :)

> 
> apr_generate_random_bytes_setup(char * path)
>   - With /dev/[u]random platforms, this is a no-op.
>   - With EGD, it allows configuration to where the EGD socket lives.
>   - With an internal PRNGD (ala OpenSSH), this is the config file.
> 
> And, in httpd.conf, something like:
> 
> EGDSocket /tmp/egd-entropy

nice

> 
> Remember that the reason I want an internal PRNGD is so that we don't
> have to bother the user with making sure that EGD/PRNGd is running.

nice
 
> While PRNGd works okay, I could not recommend it for general use.
> Its build system and install is just too confusing to the point
> where I believe it'd cause lots of install/configuration problems 

looks like it should be rpm -ivh on AIX at least...

(http://www-1.ibm.com/servers/aix/products/aixos/linux/download.html)

-- 
Jeff Trawick | trawick@attglobal.net | PGP public key at web site:
       http://www.geocities.com/SiliconValley/Park/9289/
             Born in Roswell... married an alien...

Mime
View raw message