httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Felt <mamf...@gmail.com>
Subject Re: Problem with building httpd without /dev/random, link of htpasswd fails: ERROR: Undefined symbol: .apr_generate_random_bytes
Date Wed, 13 Oct 2010 08:47:04 GMT
I understand that apr does not offer true randomness, but the only place in
the code requiring a call to apr_generate_random_bytes() was in htpasswd.c -
the rest compiled fine, and it seems to run.

The function calling apr_generate_random_bytes() is a static routine called
seed_rand(), apparantly to set a random seed for the srand() routine.

I do not know the history, however, I would like to note that htdigest (in
utilties) does not need apr_generate_random_bytes (while the disabled mod
mod_digest_auth does, and I can understand the desire to be resetting the
srand key with true randomness when using it).

As it is "only" htpasswd I modified htpasswd as follows:

======
static apr_status_t seed_rand(void)
{
    int seed = 0;
    apr_status_t rv;
#ifdef _AIX
#include <time.h>
        struct timespec tp;
#ifdef CLOCK_MONOTONIC
        clock_gettime(CLOCK_MONOTONIC,&tp);
#else
        clock_gettime(CLOCK_REALTIME,&tp);
#endif
        seed = tp.tv_nsec % 10000;
#else
    rv = apr_generate_random_bytes((unsigned char*) &seed, sizeof(seed));
    if (rv) {
        apr_file_printf(errfile, "Unable to generate random bytes: %pm" NL,
&rv);
        return rv;
    }
#endif
    srand(seed);
    return rv;
}
======
Note, AIX 4.3.3 does not know about CLOCK_MONOTONIC (which is relate to boot
and cannot be modified by any normal means, whereas CLOCK_REALTIME is
effected by calls to setclock() etc.)

Not that I expect you to adopt this lol@me, but I did want to inform you of
what I see as a idiosyncrancy in the why configure works with the main
package, but not with the utilities.

regards,
Michael

On Tue, Oct 12, 2010 at 6:15 PM, William A. Rowe Jr. <wrowe@rowe-clan.net>wrote:

> On 10/12/2010 10:47 AM, Michael Felt wrote:
> >
> > I have the disable of auth_digest because configue complained that it
> could not complete
> > without /dev/random or egb installed. I prefer not to install egb.
> >
> > Suggestions for how I can 'neatly' satisfy htpasswd need for
> apr_generate_random_bytes()
> > are appreciated!
>
> You can't, you need entropy, and apr does not offer a pseudo-random
> generator of its own.
>
>

Mime
View raw message