Re: advapi32: Fall back to /dev/random if /dev/urandom can't be opened, and add warnings if opening either fails
On Wed, Oct 15, 2008 at 1:13 PM, Juan Lang <juan.lang(a)gmail.com> wrote:
> Let me know if you think the fallback is a bad idea, or if a FIXME is more appropriate than a WARN here.
> --Juan
FWIW: http://en.wikipedia.org/wiki/Urandom

"/dev/random and /dev/urandom are also available on Solaris, Mac OS X, NetBSD, OpenBSD, Tru64 UNIX 5.1B, AIX 5.2, and HP-UX 11i v2, however as with FreeBSD, AIX implements its own Yarrow-based design which uses considerably less entropy sources than the standard /dev/random implementation and stops refilling the pool when it thinks it contains enough entropy.[2]"

"A software program called EGD (entropy gathering daemon) is a common alternative for Unix systems which do not support the /dev/random device. It is a user space daemon which provides high quality cryptographic random data. Some cryptographic software such as OpenSSL, GNU Privacy Guard, and the Apache HTTP Server support using EGD when a /dev/random device is not available."

--
-Austin
Hi Austin,
> FWIW: http://en.wikipedia.org/wiki/Urandom
> (snip)
> "A software program called EGD (entropy gathering daemon) is a common alternative for Unix systems which do not support the /dev/random device.
Yep, I know. The problem with using EGD is that there isn't a standard path to it. Because /dev/urandom is so commonly available, adding a configuration option and code for such a rarely used feature didn't seem worth it.

Thanks,
--juan
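The fallback order named in the subject line (try /dev/urandom, then /dev/random, warning on each failure), as an added example that is not part of this thread and is not Wine's advapi32 code. The function names `read_full`, `fill_random_from` and `fill_random` are hypothetical, and warnings go to stderr rather than through Wine's WARN channel.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Read exactly len bytes, retrying on EINTR and short reads.
 * Returns 0 on success, -1 on error or premature EOF. */
static int read_full(int fd, unsigned char *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = read(fd, buf, len);
        if (n < 0) {
            if (errno == EINTR) continue;
            return -1;
        }
        if (n == 0) return -1;      /* EOF: source cannot supply len bytes */
        buf += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Try each path in order and warn about every source that fails.
 * Returns the index of the source that filled buf, or -1 if none did.
 * On total failure buf is zeroed so no partially filled data is left. */
int fill_random_from(const char *const paths[], size_t npaths,
                     unsigned char *buf, size_t len)
{
    for (size_t i = 0; i < npaths; i++) {
        int fd = open(paths[i], O_RDONLY);
        if (fd < 0) {
            fprintf(stderr, "warn: couldn't open %s: %s\n",
                    paths[i], strerror(errno));
            continue;
        }
        int rc = read_full(fd, buf, len);
        close(fd);
        if (rc == 0) return (int)i;
        fprintf(stderr, "warn: couldn't read %lu bytes from %s\n",
                (unsigned long)len, paths[i]);
    }
    memset(buf, 0, len);
    return -1;
}

/* Order from the thread: /dev/urandom first, /dev/random only as fallback
 * (reads from /dev/random may block on some kernels). */
int fill_random(unsigned char *buf, size_t len)
{
    static const char *const sources[] = { "/dev/urandom", "/dev/random" };
    return fill_random_from(sources, 2, buf, len);
}
```

A caller must treat a return value of -1 as a hard failure and not use the zeroed buffer as key material.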