[EMAIL PROTECTED] writes:
> > 1 - Use RAND_egd() for reading true random data if such is available (this
> > needs to be checked for in the configure script, as RAND_egd() wasn't
> > introduced until OpenSSL 0.9.5). This would also benefit from a command
> > line option to specify the egd socket. EGD = Entrophy Gathering Daemon.
> >
> > 2 - Use RAND_screen() for windows based systems (gets random data off the
> > screen).
> >
> > 3 - Allow a user-specified file for reading random data from with
> > RAND_load_file()
> >
> > 4 - Use RAND_file_name() to get what default file (if any) to read random
> > data from. (This seems to be done in the lynx code)
> >
> > 5 - *then* you go with the srand(), time and pid seeding stuff.
>
> I'm no expert on openssl, but that looks pretty reasonable,
It does, but I've never done any SSL coding so I'll probably not get
around to it soon. Also, this kind of change will not make it to
1.7.1.
