[EMAIL PROTECTED] wrote:
> The patch allows systems that have /dev/random to use it instead of the
> slower Random. Instead of checking for OS==linux ( as in submited patch )
> we use an option of the module.
Cool.
> The code if the option "useDevRandom" is not set is the same as before.
> If you set useDevRandom="true" then /dev/random will be used.
Very cool. Where do I whack this option? server.xml? I know it must be a
silly question to ask on Tomcat Dev list... :-)
> ( Bojan - please review and let me know if it is not what you intended,
> I'm not sure if the /dev/ransom needs to be closed/open all the time )
I don't think it needs to be opened/closed all the time. Honestly I
can't say for sure. There must be some true Linux experts out there that
can enlighten us on that one. My knowledge is limited to the manual page
(man 4 random) where this file is explained as giving secure random
numbers. If 'entropy pool' is empty, /dev/random will block until this
pool is filled (ie. until there are events in the kernel that can fill
the pool again). The pool gets filled by the 'noise' produced by drivers
and other kernel sources. Whether opening and closing of the stream
makes a difference, I really couldn't say, but it seem to me that it
shouldn't (except for the fact that code execution itself might fill the
pool).
>From Tomcat's perspective it's really better to keep it open. It's going
to run faster. I'm guessing all open streams get closed when Tomcat is
shut down anyway, so that's fine.
And thanks for acting so quickly on this!
Bojan
