httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Fritsch ...@sfritsch.de>
Subject Re: how to avoid balancer manager nonce?
Date Fri, 31 Aug 2012 18:14:56 GMT
On Friday 31 August 2012, Eric Covener wrote:
> I'm fighting a problem on new releases of AIX where in some
> environments, /dev/random seems to run out of entropy way too
> quick.
> 
> I'd like a way to suppress the apr_uuid_get->
> apr_generate_random_bytes() in mod_proxy_balancer used for the
> balancer-manager nonce in affected environments.
> 
> I was thinking a global "BalancerManager off" could be used for
> this and would also have the upside of fixing the SetHandler
> htaccess problem.
> 
> Alternatives would be to find a weaker source for the nonce, or
> allow tto opt out / use a hard-coded one.
> 
> Any suggestions?

For 2.4, you could use ap_random_insecure_bytes(). It should be good 
enough for a nonce.

If you add a "BalancerManager off", it should be per directory, or at 
least per vhost. Otherwise it would not help that much with the 
SetHandler htaccess problem.

Mime
View raw message