costin 01/09/06 21:52:18
Modified:src/share/org/apache/tomcat/modules/session
SessionIdGenerator.java
Log:
Usefull for debugging session creation.
Revision ChangesPath
1.6 +1 -0
costin 01/08/20 22:38:24
Modified:src/share/org/apache/tomcat/modules/session
SessionIdGenerator.java
Log:
Update for the fix in compat.
Revision ChangesPath
1.5 +1 -1
costin 01/04/21 10:45:41
Modified:src/etc server.xml
src/share/org/apache/tomcat/modules/session
SessionIdGenerator.java
Log:
Check in for 1385, from [EMAIL PROTECTED] (Bojan Smojver).
Any random file can be specified. The default ( in
costin 01/04/21 12:33:11
Modified:src/etc server.xml
src/share/org/apache/tomcat/modules/session
SessionIdGenerator.java
Log:
Fix server.xml with the right name of the attribute.
Delay Random creation ( each random creates a thread )
Doug Barnes wrote:
You only have so much entropy that's available on a given machine at a
given time. From the same manpage, you can see that if you have access
to more entropy than /dev/random knows about normally, you can write it
back to /dev/random (they give an example) but at the end
Doug Barnes wrote:
The answer to these arguments are: use /dev/urandom, not
/dev/random. It's going to do as good or better than anything
you're going to seed with /dev/random, and IT WILL NOT BLOCK.
I may be wrong (I'm just starting to poke around in related
code) but it doesn't look
I'm aware of /dev/urandom being non-blocking, but my understanding of
/dev/urandom is that it is not cryptographicaly secure.
...
Any thoughts on that?
[perhaps more thoughts than anyone here cares to hear, but what
the heck]
You only have so much entropy that's available on a given
On 11 Apr, Bojan Smojver wrote:
[EMAIL PROTECTED] wrote:
Given that tomcat should run for days or weeks at a time, I don't
think you want to keep /dev/random open. There maybe other processes
that also need random data during that time.
Are you really sure that other processes are unable
[EMAIL PROTECTED] wrote:
As pointed out by someone else, at some point on a system that is not
busy processes will hang on /dev/random waiting for their next chance to
catch some randomness generated by things like mouse moves. And if you
are on a server, the mouse may never move. There will
[EMAIL PROTECTED] wrote:
The patch allows systems that have /dev/random to use it instead of the
slower Random. Instead of checking for OS==linux ( as in submited patch )
we use an option of the module.
Cool.
The code if the option "useDevRandom" is not set is the same as before.
On Tue, 10 Apr 2001, Bojan Smojver wrote:
The code if the option "useDevRandom" is not set is the same as before.
If you set useDevRandom="true" then /dev/random will be used.
Very cool. Where do I whack this option? server.xml? I know it must be a
silly question to ask on Tomcat Dev
On 10 Apr, Bojan Smojver wrote:
[EMAIL PROTECTED] wrote:
The patch allows systems that have /dev/random to use it instead of
the slower Random. Instead of checking for OS==linux ( as in
submited patch ) we use an option of the module.
Cool.
The code if the option
[EMAIL PROTECTED] wrote:
Given that tomcat should run for days or weeks at a time, I don't think
you want to keep /dev/random open. There maybe other processes that also
need random data during that time.
Are you really sure that other processes are unable to use /dev/random
while Tomcat is
13 matches
Mail list logo