Lucian Adrian Grijincu wrote:
Wouldn't adding a new function be more suitable?
http://apr.apache.org/docs/apr/1.2/group__apr__random.html:
apr_generate_random_bytes says it will "Generate random bytes". This
says nothing about the "pseudo-" vs. "true-" randomness of the
generated array.
apr_generate_random_bytes_ex with an extra "flags" field seems a better way:
* APR_RANDOM_TRUE - a true random source, return an error if no true
random source is found on the system.
* APR_RANDOM_PSEUDO - a pseudo
* we could provide a O_NONBLOCK like flag: if specified when using
APR_RANDOM_TRUE and the source does not have enough bits we can return
an error.
Interesting thought, keep in mind the other half of the issue is the number
of times we consume generate_random_bytes ourselves from other functions,
you'll have to suggest which should be pseudo, which should be truly random
and which should be configurable.
