nmav at gnutls.org
Sat May 8 10:09:59 CEST 2004
On Friday 07 May 2004 17:14, Werner Koch wrote:
> > Seems fine then. Maybe removing the initialization part of this function
> > might speed up things to programs that do not use the rnd (just hash
> > or encrypt). So this will only update the pool if initialized. I don't
> > know if
> I have done these changes right now in the CVS and you or Christan
> might want to look at it. If this works out, I will go into 1.2.1.
> The random number is now only initialized when random numbers are
> actually being requested or the new macro gcry_fast_random_poll() has
> been used. The internal _gcry_fast_random_poll is a NOP as long as
> the RNG has not been initialized - thus for simple applications
> /dev/random should not even be opened.
I was just wondering how many times /dev/random is accessed? I
thought that it is opened only once in the initialization of the
random pool. I ask because I came across a server that used fork
for each client and initializes libgcrypt (and gnutls) on every child.
If /dev/random is accessed several times from each child then
/dev/random would be exhausted soon, thus the server's children would
be blocked (gnutls calls the md_open, cipher_open as well
as the random functions several times).
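
The lazy initialization discussed in this message, as an added model that is not part of the original mail and is not libgcrypt code: it counts how often one child process opens the entropy device when the fast poll is a NOP before first use. All names are hypothetical; it assumes the device is opened once at first request, and it reads /dev/urandom so the demonstration does not block.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

#define POOL_SIZE 32
static unsigned char pool[POOL_SIZE];
static int rng_ready;     /* set once the pool has been seeded */
static int device_opens;  /* times the entropy device was opened */
static int polls_mixed;   /* fast polls that actually touched the pool */

/* Seed on first use only; every later call returns without I/O. */
static int rng_init_once(void) {
    FILE *f;
    size_t n;
    if (rng_ready) return 0;
    f = fopen("/dev/urandom", "rb");  /* assumption: non-blocking device */
    if (!f) return -1;
    device_opens++;
    n = fread(pool, 1, POOL_SIZE, f);
    fclose(f);
    if (n != POOL_SIZE) return -1;
    rng_ready = 1;
    return 0;
}

/* Hook on the hash/cipher paths: a NOP until the RNG is in use. */
static void fast_poll(void) {
    if (!rng_ready) return;
    pool[polls_mixed % POOL_SIZE] ^= (unsigned char)clock();
    polls_mixed++;
}

/* Model only: copies pool bytes; a real pool mixes before output. */
static int request_random(unsigned char *out, size_t len) {
    if (len > POOL_SIZE || rng_init_once() != 0) return -1;
    memcpy(out, pool, len);
    return 0;
}

/* One freshly started child: hash opens, random requests, hash opens.
   Returns how often that child opened the device, or -1 on error. */
int child_device_opens(int hash_ops, int rnd_reqs) {
    unsigned char buf[16];
    int i;
    rng_ready = device_opens = polls_mixed = 0;
    for (i = 0; i < hash_ops; i++) fast_poll();
    for (i = 0; i < rnd_reqs; i++)
        if (request_random(buf, sizeof buf) != 0) return -1;
    for (i = 0; i < hash_ops; i++) fast_poll();
    return device_opens;
}
```

In this model a fork-per-client server costs at most one device open per child, and none for children that only hash or encrypt.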