apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <...@manyfish.co.uk>
Subject Re: apr_generate_random_bytes() blocks forever
Date Tue, 11 Mar 2003 21:33:16 GMT
On Tue, Mar 11, 2003 at 02:31:32PM -0800, Ben Collins-Sussman wrote:
>  RedHat 7.2 machine, I just built the latest Subverison
> 0.19 sourceball:  I can't create a new repository now.  'svnadmin
> create' just sits forever, waiting for /dev/random to decide it has
> enough entropy.

The APR behaviour hasn't changed here though, has it? (it shouldn't have
AFAIK)

> This is because 'svnadmin create' is trying to generate a repository
> UUID (apr_uuid_get()), which calls apr_generate_random_bytes(), which
> is opening /dev/random on this box, which is blocking forever.
> 
> I haven't yet figured out why this particular libc is taking forever
> to gather entropy -- but regardless, no spec is being violated.
> 
> Shouldn't apr_generate_random_bytes() being using /dev/urandom
> instead?  According to thom, ./configure picks up 'random' before
> 'urandom', and substitutes whichever it finds first.  I think this is
> a Bad Thing.  urandom should be preferred, no?
> 
> Sander says there was a long thread about this, about how people
> wanted "strong random", but now we're stuck with a situation where
> apr_uuid_get() can block indefinitely...   :-(

Workarounds are:

1. configure --with-devrandom=/dev/urandom
2. (while sleep 120; do ls -laR / > /dev/random; done) &

A solution is probably to add an apr_generate_quite_random_bytes() or
something which prefers /dev/urandom over /dev/random, and/or times out
reads from /dev/random and falls back on urandom, etc etc.

joe

Mime
View raw message