Hi there,
On Thu, 14 Dec 2000, Tom Biggs wrote:
> Ah, what I wouldn't give to strap a profiler to a really busy
> Apache/mod_ssl commerce server, to see exactly what
> gets heavily used and what is hardly touched. This is
> just one of the many questions I have which could be
> answered by such data.
When you do, please be so kind to post your results + any analysis you get
from it to us (and mod_ssl-users may also appreciate a gawp at it). :-) Of
course, if this is hundreds of kilobytes, perhaps flooding the entire list
wouldn't be the way to go ...
As for your original question: keep your eyes peeled, hopefully Bodo or
Ulf will come forward with some thoughts, I believe they're pretty slick
with all that RAND_METHOD stuff. I too find the interface a bit ambiguous
and have failed on previous glances to spot any obvious pattern to it. And
unlike most other forms of hacking, it's extremely difficult to get into
that stuff and know where your results fall in the spectrum from "working"
to "horribly broken" - both look almost identical (both in code and
output). Plus, you certainly don't get test vectors to check against :-)
Cheers,
Geoff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
