mod_gnutls's dhfile/rsafile generation

[Adam Gołębiowski]

Hi,

I was thinking about apache mod_gnutls's dhfile/rsafile files being
generate in %post, which could be done by something similiar to:

--- cut ---
%post
if [ "$1" = "0" ]; then
	d=/etc/httpd/tls
	[ -f "$d/dhfile" ] || /usr/bin/certtool --generate-dh-params --bits 1024 --outfile $d/dhfile
	[ -f "$d/rsafile" ] || /usr/bin/certtool --generate-privkey --bits 512 --outfile $d/rsafile
fi
--- cut ---

but the process may take some time on slower machines, or those where
/dev/random tends to block while waiting for entropy pool.

Comments?

-- 
 http://www.mysza.eu.org/ | Everybody needs someone sure, someone true,
   PLD Linux developer    | Everybody needs some solid rock, I know I do.