tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mladen Turk <mt...@apache.org>
Subject Re: svn commit: r1036595 - in /tomcat/trunk: java/org/apache/catalina/ java/org/apache/catalina/ha/session/ java/org/apache/catalina/session/ test/org/apache/catalina/session/
Date Mon, 29 Nov 2010 12:57:01 GMT
On 11/25/2010 05:33 PM, Mark Thomas wrote:
>
> How about this as an approach to reduce the complexity:
> 1. Remove the MD5 code (optional)
> 2. Default to /dev/urandom then SecureRandom. Don't fall back to Random.
> 3. Provide a class that implements Random that reads data from a file
> 4. If randomFile is specified, use the the class from 3 as the Random source
>
> That should reduce the current 3 Queues to one. I doubt it will improve
> performance much but it should make the code clearer.
>
> Thoughts?
>

How about using OS.random if APR is present?
It will use APR's apr_generate_random_bytes which
will OTOH use OS optimal random bytes generation
eg, dev random, EGD-socket, CryptGenRandom, ...



Regards
-- 
^TM

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message