> 1 - Use RAND_egd() for reading true random data if such is available (this
> needs to be checked for in the configure script, as RAND_egd() wasn't
> introduced until OpenSSL 0.9.5). This would also benefit from a command
> line option to specify the egd socket. EGD = Entropy Gathering Daemon.
>
> 2 - Use RAND_screen() for Windows-based systems (gets random data off the
> screen).
>
> 3 - Allow a user-specified file for reading random data from with
> RAND_load_file()
>
> 4 - Use RAND_file_name() to get what default file (if any) to read random
> data from. (This seems to be done in the lynx code)
>
> 5 - *then* you go with the srand(), time and pid seeding stuff.

I'm no expert on openssl, but that looks pretty reasonable, and it's
probably just a couple more calls, so not hard to do? As long as the
srand()&all stuff is there as a final default.

Thanks,
karl
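
The seeding order from the quoted list, narrowed to steps 3 to 5, as an added example that is not part of the original messages and is not lynx or OpenSSL code. It does not link OpenSSL: the default-file lookup is modelled as the RANDFILE environment variable and then $HOME/.rnd, and `SEED_WANT`, `gather_seed` and the enum names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

#define SEED_WANT 32 /* assumed minimum number of seed bytes */

enum seed_src { SRC_USER_FILE, SRC_DEFAULT_FILE, SRC_WEAK_FALLBACK };

/* Read exactly SEED_WANT bytes from path into buf; 1 on success, 0 otherwise. */
static int read_seed_file(const char *path, unsigned char *buf) {
    FILE *f;
    size_t n;
    if (path == NULL || *path == '\0' || (f = fopen(path, "rb")) == NULL)
        return 0;
    n = fread(buf, 1, SEED_WANT, f);
    fclose(f);
    return n == SEED_WANT;
}

/* Fill buf[SEED_WANT] from the best source available and return which one.
 * Assumption: the real program would hand buf to RAND_add(), with an entropy
 * estimate of 0 when the weak fallback was used. */
enum seed_src gather_seed(const char *user_file, unsigned char *buf) {
    char dflt[1024] = "";
    const char *env = getenv("RANDFILE"), *home = getenv("HOME");
    unsigned long weak[2];

    if (read_seed_file(user_file, buf))            /* step 3: user-specified file */
        return SRC_USER_FILE;
    if (env != NULL && *env != '\0')               /* step 4: default seed file */
        snprintf(dflt, sizeof dflt, "%s", env);
    else if (home != NULL && *home != '\0')
        snprintf(dflt, sizeof dflt, "%s/.rnd", home);
    if (read_seed_file(dflt, buf))
        return SRC_DEFAULT_FILE;
    weak[0] = (unsigned long)time(NULL);           /* step 5: guessable values, */
    weak[1] = (unsigned long)getpid();             /* worth no entropy credit  */
    memset(buf, 0, SEED_WANT);
    memcpy(buf, weak, sizeof weak);
    return SRC_WEAK_FALLBACK;
}

int main(int argc, char **argv) {
    unsigned char buf[SEED_WANT];
    enum seed_src src = gather_seed(argc > 1 ? argv[1] : NULL, buf);
    if (src == SRC_WEAK_FALLBACK)
        fprintf(stderr, "warning: seeded from time and pid only\n");
    return src == SRC_WEAK_FALLBACK;
}
```

Returning the source lets the caller log or warn when only the final default was available, instead of silently treating time and pid as good seed material.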