- Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection
patch.
- Adds timeout to entropy collection
- Disables slow entropy sources
- Load and save seed file
- Changed entropy seed code to user per-user seeds only (server seed is
saved in root's .ssh directory)
- Use atexit() and fatal cleanups to save seed on exit
diff --git a/configure.in b/configure.in
index fbf117b..c533d42 100644
--- a/configure.in
+++ b/configure.in
@@ -43,6 +43,7 @@
LDFLAGS="$LDFLAGS -L/usr/local/lib"
AC_DEFINE(IPADDR_IN_DISPLAY)
AC_DEFINE(USE_UTMPX)
+ AC_DEFINE(NEED_IN_SYSTM_H)
AC_MSG_CHECKING(for HPUX trusted system password database)
if test -f /tcb/files/auth/system/default; then
AC_MSG_RESULT(yes)
@@ -907,9 +908,24 @@
fi
]
)
+
AC_DEFINE_UNQUOTED(PIDDIR, "$piddir")
AC_SUBST(piddir)
+
+# Change default command timeout for builtin PRNG
+entropy_timeout=100
+AC_ARG_WITH(entropy-timeout,
+ [ --with-entropy-timeout Specify entropy gathering command timeout (msec)],
+ [
+ if test "x$withval" != "xno" ; then
+ entropy_timeout=$withval
+ fi
+ ]
+)
+AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
+
+
if test ! -z "$blibpath" ; then
LDFLAGS="$LDFLAGS -blibpath:$blibpath"
AC_MSG_WARN([Please check and edit -blibpath in LDFLAGS in Makefile])