Gordon Tyler wrote:
> If we can determine how to patch Paramiko to use the correct method for
> getting random data instead of using RandomPool, how hard would it be to
> include it in installers? Or, what would be the chances of getting it
> into a new release of Paramiko?
>
I think it would be essentially patching one file "paramiko/rng.py"
The StrongLockingRandomPool() class would need to be patched to use the
new functionality. I don't know if we could take it the step further and
get rid of StrongLockingRandomPool entirely, since it seems that the new
random stream functionality is done differently.
I haven't looked closely, but at least it looks like Crypto now does the
entropy seeding for you, rather than expecting the calling code to pass
in more entropy from time to time.
John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gordon Tyler wrote:
> If we can determine how to patch Paramiko to use the correct method for
> getting random data instead of using RandomPool, how hard would it be to
> include it in installers? Or, what would be the chances of getting it
> into a new release of Paramiko?
>
I think it would be essentially patching one file "paramiko/rng.py"
The StrongLockingRa ndomPool( ) class would need to be patched to use the ndomPool entirely, since it seems that the new
new functionality. I don't know if we could take it the step further and
get rid of StrongLockingRa
random stream functionality is done differently.
I haven't looked closely, but at least it looks like Crypto now does the
entropy seeding for you, rather than expecting the calling code to pass
in more entropy from time to time.
John
=:->
-----BEGIN PGP SIGNATURE----- enigmail. mozdev. org/
sB6MACgkQJdeBCY SNAAMsugCgidFbT av4lOoR1BgmYcST 0RE/ j2s5nK/ VYcenj9sM2
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://
iEYEARECAAYFAks
J9oAoKuLKp0ypvI
=57s7
-----END PGP SIGNATURE-----