
TLS_RANDFILE not recognized in ldap.conf/.ldaprc (ITS#733)



Full_Name: Michael Weiser
Version: cvs 20000912
OS: irix 6.5
URL: ftp://ftp.openldap.org/incoming/michael-weiser-20000912-egd.patch
Submission from: (NULL) (139.18.25.3)


Hello,

TLS_RANDFILE in ldap.conf and/or ~/ldaprc doesn't make libldap contact the
egd since a.) the configs are read *after* the RNG is seeded and b.)
TLS_RANDFILE is marked as user-only. While the former seems to be only an
oversight, the latter may make sense in respect of overall security but is
bad for setting up a configuration working oob for the users of my irix 6.5
box. I want to run egd and/or prngd as system-wide entropy gathering daemons
which all tools connect to automatically.

I hope the attached patch fixes this although I don't have any idea whether
and how the relocation of ldap_pvt_tls_init() affects the calls between the
new and old location. It works for me (tm).

BTW: openssh has some excellent code for seeding the RNG by calling external
programs which got used in prngd already. If I had a bit more time... :-(
-- 
bye, Micha