<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hi,<br>
<br>
/dev/random can block forever if not enough entropy is available.
It does on my systems, the problem is described here in detail:<br>
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<a
href="http://www.usn-it.de/index.php/2009/02/20/oracle-11g-jdbc-driver-hangs-blocked-by-devrandom-entropy-pool-empty/">http://www.usn-it.de/index.php/2009/02/20/oracle-11g-jdbc-driver-hangs-blocked-by-devrandom-entropy-pool-empty/</a><br>
<br>
Works fine for me when using /dev/urandom, what should be the
default imho, it never blocks and pseudo random numbers should be
enough if it is just used for the jitter.<br>
<br>
From "man 4 random":<br>
<br>
When read, the /dev/random device will only return random
bytes within the estimated<br>
number of bits of noise in the entropy pool. /dev/random
should be suitable for uses<br>
that need very high quality randomness such as one-time pad
or key generation. When<br>
the entropy pool is empty, reads from /dev/random will
block until additional environ‐<br>
mental noise is gathered.<br>
<br>
A read from the /dev/urandom device will not block waiting
for more entropy. As a<br>
result, if there is not sufficient entropy in the entropy
pool, the returned values are<br>
theoretically vulnerable to a cryptographic attack on
the algorithms used by the<br>
driver. Knowledge of how to do this is not available in
the current unclassified lit‐<br>
erature, but it is theoretically possible that such an
attack may exist. If this is a<br>
concern in your application, use /dev/random instead.<br>
<br>
Usage<br>
If you are unsure about whether you should use /dev/random
or /dev/urandom, then proba‐<br>
bly you want to use the latter. As a general rule,
/dev/urandom should be used for<br>
everything except long-lived GPG/SSL/SSH keys.<br>
<br>
<br>
bye, Björn<br>
<br>
<br>
<br>
<br>
On 10.11.2012 11:50, Ferry Huberts wrote:<br>
</div>
<blockquote
cite="mid:1352544655-26193-1-git-send-email-mailings@hupie.com"
type="cite">
<pre wrap="">From: Ferry Huberts <a class="moz-txt-link-rfc2396E" href="mailto:ferry.huberts@pelagic.nl"><ferry.huberts@pelagic.nl></a>
Make it much more random when /dev/random or /dev/urandom is
available.
Signed-off-by: Ferry Huberts <a class="moz-txt-link-rfc2396E" href="mailto:ferry.huberts@pelagic.nl"><ferry.huberts@pelagic.nl></a>
---
src/main.c | 24 +++++++++++++++++++++++-
1 file changed, 23 insertions(+), 1 deletion(-)
diff --git a/src/main.c b/src/main.c
index ae38439..382c5dc 100644
--- a/src/main.c
+++ b/src/main.c
@@ -230,6 +230,28 @@ olsrmain_load_config(char *file) {
return 0;
}
+static void initRandom(void) {
+ unsigned int seed = (unsigned int)time(NULL);
+
+#ifndef _WIN32
+ int randomFile;
+
+ randomFile = open("/dev/random", O_RDONLY);
+ if (randomFile == -1) {
+ randomFile = open("/dev/urandom", O_RDONLY);
+ }
+
+ if (randomFile != -1) {
+ if (read(randomFile, &seed, sizeof(seed)) != sizeof(seed)) {
+ ; /* to fix an 'unused result' compiler warning */
+ }
+ close(randomFile);
+ }
+#endif /* _WIN32 */
+
+ srandom(seed);
+}
+
/**
* Main entrypoint
*/
@@ -297,7 +319,7 @@ int main(int argc, char *argv[]) {
olsr_openlog("olsrd");
/* setup random seed */
- srandom(time(NULL));
+ initRandom();
/* Init widely used statics */
memset(&all_zero, 0, sizeof(union olsr_ip_addr));
</pre>
</blockquote>
<br>
</body>
</html>