On Tue, Mar 11, 2003 at 10:48:05PM +0100, Branko Äibej wrote: > Ben Collins-Sussman wrote: > > >Joe Orton <[EMAIL PROTECTED]> writes: > > > > > > > >>>Sander says there was a long thread about this, about how people > >>>wanted "strong random", but now we're stuck with a situation where > >>>apr_uuid_get() can block indefinitely... :-( > >>> > >>> > >>Workarounds are: > >> > >>1. configure --with-devrandom=/dev/urandom > >>2. (while sleep 120; do ls -laR / > /dev/random; done) & > >> > >>A solution is probably to add an apr_generate_quite_random_bytes() or > >>something which prefers /dev/urandom over /dev/random, and/or times out > >>reads from /dev/random and falls back on urandom, etc etc. > >> > >> > > > >Or gstein has suggested that apr_generate_random_bytes() can grow a > >new flag, indicating urandom is preferred. > > > > > That would look weird to APR users on systems that have never heard of > /dev/random and /dev/urandom (several come to mind, all of which use \ > for the path separator)
Why is it weird? The separate function or a flag would just be stating a preference for poor quality random data today over high quality random data tomorrow. Only platforms with /dev/urandom will act any different - on other platforms the implementation will be the same. > Whichever way you look at it, the interface looks broken to me... So what does a good interface look like? Regards, joe
