...@lettink.de [mailto:fab...@lettink.de] On Behalf Of Fabian
> Knittel
> Sent: dinsdag 28 februari 2012 8:40
> To: Igor Novgorodov
> Cc: Adriaan de Jong; openvpn-devel@lists.sourceforge.net
> Subject: Re: [Openvpn-devel] [PATCH 01/02] Add support for PolarSSL
> 1.1.x branch
>
>
Hi Igor,
2012/2/28 Igor Novgorodov :
> On 28.02.2012 1:37, Fabian Knittel wrote:
>> Your patch removes the code that causes havege_init() to only be
>> called once. You never want to initialise your PRNG more than once,
>> otherwise you increase the risk that your randomness is predictable.
>> So
On 28.02.2012 1:37, Fabian Knittel wrote:
Hi Igor,
2012/2/27 Igor Novgorodov:
The attached patch adds checking for PolarSSL version on crypto_polarssl.c
and depending on which version we are using (1.0.x or 1.1.x) chooses a new
shiny havege_random() function, or an old ugly while{} loop hack to
Hi Igor,
2012/2/27 Igor Novgorodov :
> The attached patch adds checking for PolarSSL version on crypto_polarssl.c
> and depending on which version we are using (1.0.x or 1.1.x) chooses a new
> shiny havege_random() function, or an old ugly while{} loop hack to generate
> randomness.
Your patch re
Continuing to struggle with making OpenVPN as tiny as possible :)
The attached patch adds checking for PolarSSL version on
crypto_polarssl.c and depending
on which version we are using (1.0.x or 1.1.x) chooses a new shiny
havege_random() function,
or an old ugly while{} loop hack to generate r
