Hi Igor,

2012/2/27 Igor Novgorodov <i...@novg.net>:
> The attached patch adds checking for PolarSSL version on crypto_polarssl.c
> and depending on which version we are using (1.0.x or 1.1.x) chooses a new
> shiny havege_random() function, or an old ugly while{} loop hack to generate
> randomness.

Your patch removes the code that causes havege_init() to only be
called once. You never want to initialise your PRNG more than once,
otherwise you increase the risk that your randomness is predictable.
So please revert that part of your patch.

(The rest looks fine, although I haven't tested it and don't have any
experience with PolarSSL.)

Cheers
Fabian
