apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lucian Adrian Grijincu" <lucian.griji...@gmail.com>
Subject Re: PR #44881
Date Tue, 29 Apr 2008 02:41:50 GMT
On Tue, Apr 29, 2008 at 1:33 AM, William A. Rowe, Jr.
<wrowe@rowe-clan.net> wrote:
> Lucian Adrian Grijincu wrote:
> > Wouldn't adding a new function be more suitable?
seems somebody already did all the work and committed it to trunk :)
http://apr.apache.org/docs/apr/trunk/group__apr__random.html

>  Interesting thought, keep in mind the other half of the issue is the number
>  of times we consume generate_random_bytes ourselves from other functions,
>  you'll have to suggest which should be pseudo, which should be truly random
>  and which should be configurable.
find . | xargs grep apr_generate_
tells (beside tests) only of apr-util/crypto/getuuid.c and I couldn't
see where a *true* random number was needed.
These things considered, for 1.2.x DEV_RANDOM can be defined to a
lower quality random number generator
if one is available.
-    for f in /dev/arandom /dev/random /dev/urandom; do
+    for f in /dev/arandom /dev/urandom /dev/random; do
both arandom and urandom are pseudo-random number generators and
should be tested first.


a bit of ugliness I stumbled upon:
http://svn.apache.org/viewvc/apr/apr-util/trunk/crypto/getuuid.c?view=markup

/* true_random -- generate a crypto-quality random number. */
static int true_random(void)
{
    apr_uint64_t time_now;

#if APR_HAS_RANDOM
    unsigned char buf[2];

    if (apr_generate_random_bytes(buf, 2) == APR_SUCCESS) {
        return (buf[0] << 8) | buf[1];
    }
#endif

    /* crap. this isn't crypto quality, but it will be Good Enough */

    time_now = apr_time_now();
    srand((unsigned int)(((time_now >> 32) ^ time_now) & 0xffffffff));

    return rand() & 0x0FFFF;
}


the true_random function, which should "generate a crypto-quality random number"
falls back on "rand()"
  man 3 rand
  The  rand()  function  returns  a  pseudo-random  integer ...

The code that uses `true_random' doesn't seem to need a crypto-quality
random number.
Shouldn't this be properly renamed as "get_pseudo_random_number()" or
something like it.

-- 
Lucian

Mime
View raw message