apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@attglobal.net>
Subject Re: [PATCH] get mod_ssl to work again
Date Thu, 20 Dec 2001 20:11:54 GMT
Justin Erenkrantz <jerenkrantz@ebuilt.com> writes:

> I think that truerand isn't installed in enough places that it 
> merits our redistribution in APR.  -- justin

+1 in general...  AIX, OS/390, Tru64, HP-UX, older Solaris are
platforms I play on that don't have /dev/*random (leaving
mod_auth_digest unsupported)

But if you look at how truerand.c actually works, it is questionable
that APR should support it as-is because of its use of signals.  I
don't think APR should be mucking around with signals like that.

truerand is supposedly pretty slow anyway.  Perhaps we can make it
enen slower such by making it do its magic in a separate process to
avoid any interference with the signalling already in place?

Maybe the first time apr_generate_random_bytes() is called we
create a separate process where the truerand stuff runs and we talk to
it through a pipe?  That is sort of like the entropy-gathering daemons
folks are using already except that it is handled under the covers by
APR.  Or until somebody screams have it fork, do its magic, and exit
to avoid process cleanup problems?

-- 
Jeff Trawick | trawick@attglobal.net | PGP public key at web site:
       http://www.geocities.com/SiliconValley/Park/9289/
             Born in Roswell... married an alien...

Mime
View raw message