[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apr-dev
Subject:    Re: cvs commit: apr CHANGES configure.in
From:       Ben Laurie <ben () algroup ! co ! uk>
Date:       2002-05-29 9:44:00
[Download RAW message or body]

Cliff Woolley wrote:
> On 28 May 2002 jwoolley@apache.org wrote:
> 
> 
>>jwoolley    02/05/28 16:15:10
>>
>>  Modified:    .        CHANGES configure.in
>>  Log:
>>  Added --with-devrandom=[DEV] configure flag which allows a particular
>>  "/dev/random"-compatible device to be specified, overriding the
>>  default search path (/dev/random then /dev/arandom then /dev/urandom).
>>  Also, if --with-egd=<path> is specified, it now implies
>>  --without-devrandom.
> 
> 
> Okay, Ben, I believe this patch implements what you've said you prefer,
> and it makes a lot of sense to me as well.  Here's what we have now:
> 
> 1) If --with-egd=<path> is specified, --without-devrandom is assumed
>    and the EGD socket is used as the source of entropy.
> 
> 2) Otherwise, if --with-devrandom=<DEV> is specified with a particular
>    device, that device is used as the source of entropy.
> 
> 3) Otherwise, if --with-devrandom (with no =<DEV>) is specified or
>    --with-devrandom is not specified at all, we search
>       /dev/random
>       /dev/arandom
>       /dev/urandom
>    in that order.
> 
> 4) If the search in #3 fails, we try looking for the truerand library.
> 
> 5) If none of the above is usable, we have no source of entropy.
> 
> Does that sound right?

I still say it needs to be configurable at runtime as well. Apart from 
that, yes.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

[prev in list] [next in list] [prev in thread] [next in thread]