apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: PR #44881
Date Mon, 28 Apr 2008 22:33:26 GMT
Lucian Adrian Grijincu wrote:
> Wouldn't adding a new function be more suitable?
> http://apr.apache.org/docs/apr/1.2/group__apr__random.html:
> apr_generate_random_bytes says it will "Generate random bytes". This
> says nothing about the "pseudo-" vs. "true-" randomness of the
> generated array.
> apr_generate_random_bytes_ex with an extra "flags" field seems a better way:
> * APR_RANDOM_TRUE - a true random source, return an error if no true
> random source is found on the system.
> * APR_RANDOM_PSEUDO - a pseudo
> * we could provide a O_NONBLOCK like flag: if specified when using
> APR_RANDOM_TRUE and the source does not have enough bits we can return
> an error.

Interesting thought, keep in mind the other half of the issue is the number
of times we consume generate_random_bytes ourselves from other functions,
you'll have to suggest which should be pseudo, which should be truly random
and which should be configurable.

View raw message