On Wed, 22 May 2002, Aaron Bannert wrote:
> On Wed, May 22, 2002 at 08:24:04PM -0700, Justin Erenkrantz wrote:
> > IIRC, /dev/random is a "better" source of entropy than /dev/urandom
> > because /dev/random can block waiting for good enough bits gathered
> > from the system while /dev/urandom must always spit out something, so
> > its entropy isn't guaranteed to be as good.
>
> You're correct, but it's the blocking part that's the problem here.
> I'm not sure how much entropy is required by mod_auth_digest, but
> something tells me that we need to do one of the following:
>
> 1) prefer /dev/urandom over /dev/random
> 2) disable mod_auth_digest by default [in binbuilds]
> 3) open /dev/random in non-blocking mode and defer EAGAIN reads
> until later (read it at startup; if it would block, try again when
> the entropy is actually needed, failing if it isn't ready by then
> -- no idea if this would even work).
Can we come to a consensus on this? For those just joining the
conversation, the problem is that APR's apr_generate_random_bytes()
currently prefers /dev/random over /dev/urandom, which causes Apache's
mod_auth_digest to hang at startup if there's not enough entropy available
from /dev/random. I proposed the following patch:
Index: configure.in
===================================================================
RCS file: /home/cvs/apr/configure.in,v
retrieving revision 1.449
diff -u -d -r1.449 configure.in
--- configure.in 14 May 2002 07:38:16 -0000 1.449
+++ configure.in 25 May 2002 21:22:39 -0000
@@ -1527,13 +1527,13 @@
dnl #----------------------------- Checking for /dev/random
AC_MSG_CHECKING(for /dev/random)
-if test -r "/dev/random"; then
- AC_DEFINE(DEV_RANDOM, [/dev/random])
- AC_MSG_RESULT(/dev/random)
- rand="1"
-elif test -r "/dev/urandom"; then
+if test -r "/dev/urandom"; then
AC_DEFINE(DEV_RANDOM, [/dev/urandom])
AC_MSG_RESULT(/dev/urandom)
+ rand="1"
+elif test -r "/dev/random"; then
+ AC_DEFINE(DEV_RANDOM, [/dev/random])
+ AC_MSG_RESULT(/dev/random)
rand="1"
else
case $host in
Thanks,
Cliff
