all the auth protocols are due for a rework,
but honestly i don't think anyone cares
enough to see it through, myself included.
Posting some guidelines, not least _known_ good reasons to do it, may
encourage someone to go ahead. In fact, it would also make for useful
suggestions for GSoC
Hullo 9fans.
Can somebody please explain to my slow mind the purpose of this game in
/sys/src/cmd/exportfs/exportfs.c (and the corresponding half in
cmd/import.c) and where my thoughts on it derail ?
/* exchange random numbers */
srand(truerand());
for(i = 0; i 4; i++)
truerand() returns (at most) 32 bits of entropy, which gets pushed into
srand() and then 32 bits of entropy are read back out... why not just use
truerand() directly?
This bit I know, truerand() reads /dev/random (see cons(1)) and
can only generate a few hundred bits per second.
rand is
On Fri, Apr 10, 2009 at 07:48:54AM -0400, erik quanstrom wrote:
We haven't brought up SSL yet, so Eve can read our exchanged random
numbers... now these values get shoved into SHA-1 (along with the 56 bits of
entropy from Kn derived from p9any authentication) before being used to make
the
On Fri, Apr 10, 2009 at 02:08:25PM +0200, Mechiel Lukkien wrote:
On Fri, Apr 10, 2009 at 07:48:54AM -0400, erik quanstrom wrote:
We haven't brought up SSL yet, so Eve can read our exchanged random
numbers... now these values get shoved into SHA-1 (along with the 56 bits
of
entropy
On Fri, Apr 10, 2009 at 11:25:02AM +0100, Steve Simon wrote:
truerand() returns (at most) 32 bits of entropy, which gets pushed into
srand() and then 32 bits of entropy are read back out... why not just use
truerand() directly?
This bit I know, truerand() reads /dev/random (see cons(1))