Date: Sat, 29 Dec 2001 23:30:00 -0800
From: Justin Erenkrantz
To: Ben Laurie
Cc: dev@apr.apache.org
Subject: Re: random number generation
Message-ID: <20011230072959.GA3904@ebuilt.com>
References: <20011229060609.GR29284@ebuilt.com> <3C2E34E2.351B87E2@algroup.co.uk>
In-Reply-To: <3C2E34E2.351B87E2@algroup.co.uk>

On Sat, Dec 29, 2001 at 09:25:54PM +0000, Ben Laurie wrote:
> I'm completely opposed to us subverting the whole entropy question. It
> is absolutely unacceptable for Apache to ship with anything that will
> "fix" the problem of insufficient entropy in any way other than
> providing sufficient entropy. If this means people have to think, well
> that's just tough.

I hope that the "people have to think" is us - the developers - not the end-users. In my experience, the biggest end-user roadblock for OpenSSL on Solaris has been its lack of a built-in entropy gatherer. I would like to produce a better end-user experience for APR-using programs (such as httpd and flood).

> BTW, EGD is a cross-platform entropy gatherer. And Solaris has patches
> to provide /dev/random.

I notice that EGD's README indicates that its entropy pool may not be large enough to deal with OpenSSL directly. Is this true? Would we have to be careful if we code apr_generate_random_bytes to use EGD? Could we also live with a requirement of perl for proper operation on these non-/dev/random platforms?

A slightly better alternative to EGD is PRNGd (C-based):

http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html

PRNGd seems to attempt to solve a lot of the issues with EGD. I must state that I'm leery of relying on an external program that must be started before all other programs in order to ensure proper operation. We could certainly have this as another option in our fallback arsenal though.

I believe that the /dev/random patch you are talking about for Solaris is here: http://www.cosy.sbg.ac.at/~andi/. I would be hesitant to recommend a third-party kernel patch for Solaris. I've heard rumours of a Sun patch though, but this problem would still occur on non-patched systems and other platforms (AIX).

Have you seen how OpenSSH gathers entropy in its portable version? They have an essentially in-process portable EGD (see WARNING.RNG). Do you have any experience or comments about this approach? Since it is BSD-licensed, I imagine that we could easily incorporate this code and APR-ize it.

-- justin
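
The fallback order discussed in this message (kernel random device first, then an EGD/PRNGd daemon socket), sketched in C as an added example; it is not part of the original mail and not APR, OpenSSL or OpenSSH code. The names `gather_random`, `read_full` and `from_egd` are hypothetical, and the 0x02 blocking-read command is an assumption taken from the EGD protocol, not from this message. When no source delivers every requested byte, the call fails rather than substituting a weaker source.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Read exactly len bytes from fd, retrying on EINTR and short reads. */
static int read_full(int fd, unsigned char *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = read(fd, buf, len);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) return -1;          /* error or EOF: source is unusable */
        buf += n; len -= (size_t)n;
    }
    return 0;
}

/* Blocking EGD/PRNGd read (assumed protocol): send 0x02 and a count of at
   most 255, then expect exactly that many bytes back. */
static int from_egd(const char *path, unsigned char *buf, size_t len)
{
    struct sockaddr_un sa;
    int fd, rc = 0;
    if (strlen(path) >= sizeof(sa.sun_path)) return -1;
    memset(&sa, 0, sizeof(sa));
    sa.sun_family = AF_UNIX;
    strcpy(sa.sun_path, path);
    if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) return -1;
    if (connect(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) rc = -1;
    while (rc == 0 && len > 0) {
        unsigned char req[2] = { 0x02, (unsigned char)(len > 255 ? 255 : len) };
        if (write(fd, req, 2) != 2 || read_full(fd, buf, req[1]) < 0) rc = -1;
        else { buf += req[1]; len -= req[1]; }
    }
    close(fd);
    return rc;
}

/* Try the kernel device, then the daemon. Returns 0 on success and -1 if no
   source delivered every byte; the buffer is zeroed so nothing partial is used. */
int gather_random(unsigned char *buf, size_t len, const char *dev, const char *egd)
{
    int fd = dev ? open(dev, O_RDONLY) : -1;
    int rc = (fd >= 0) ? read_full(fd, buf, len) : -1;
    if (fd >= 0) close(fd);
    if (rc < 0 && egd) rc = from_egd(egd, buf, len);
    if (rc < 0) memset(buf, 0, len);
    return rc;
}
```

A caller passes the device and socket paths its platform provides and must treat -1 as a hard error.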