$OpenBSD: patch-base_src_common_PRNG_c,v 1.1 2002/08/28 22:23:29 todd Exp $
--- base/src/common/PRNG.c.orig	Thu Jul 18 20:30:48 2002
+++ base/src/common/PRNG.c	Wed Aug 28 14:26:40 2002
@@ -75,18 +75,17 @@ void initialize_PRNG(void)
   if(getenv("RANDFILE"))
     RAND_load_file(getenv("RANDFILE"), MAX_READ);
 
-  /* We limit gathering entropy from EGD to only 128 bytes. This is because
-       a) EGD is slow
-       b) EGD will sometimes crash if too many requests come in. I reported
-          this to the author a few months ago, but never got a response.
-       c) EGD gathers entropy at a not very fast rate; if we read much
-          more than this, we'll probably start running out, which would
-          be bad, especially for the client (several invocations might occur
-          over the course of only a few minutes)
+  /* We limit gathering entropy from an EGD socket to only 128 bytes to work
+     around some flaws in the design of EGD (in particular, EGD is slow, it
+     will crash if too many requests come in too fast, it gathers entropy
+     slowly, and it will block if it doesn't have enough).
 
-     However, EGD is by far the best choice for a RNG on systems that don't
-     have /dev/random, so it seems wise to support it.
-   */
+     I (Jack L) recommend using PRNGD (a fast and stable EGD clone written in
+     C) instead of EGD for these reasons.
+
+     RAND_egd_bytes is only available in OpenSSL 0.9.6 and up. However, given
+     that 0.9.5 and previous versions have exploitable overflows, this is not a
+     major concern.  */
   if(getenv("EGD_PATH"))
     RAND_egd_bytes(getenv("EGD_PATH"), 128);
 
@@ -96,3 +95,4 @@ void initialize_PRNG(void)
     THROW(ExPrngError, "Insufficient randomness to seed the PRNG");
   }
 }
+
