Joe Orton wrote:
Given the lack of such a guarantee, nobody would presume the data is suitable for cryptographic use, e.g. private keys. So I think it's right to make it fast at the expense of strength, and it should prefer /dev/urandom over /dev/random. (In Fedora we've been building APR to use /dev/urandom forever, FWIW)
Then I suggest we change the defaults, if this is what people (probably other distributions as well) use in *practice*.
I proposed a new API something like Lucian describes above, way back when: http://markmail.org/message/f7on762ulztbmocr
:) This _ex() api can certainly still be added to 1.4 and given some clues to pick from one of several sources.
In retrospect, I don't think it's a good idea for APR to venture further into this domain without a thorough review of what different randomness sources are available on different OSes, what are the common denominators, etc. The previous effort at providing something more general here is completely unused (apr/random) and been a waste of space AFAICT.
Well, some general level of randomness is necessary, it's certainly one of many portability problems to be solved. Given that in reality OS distributors have changed the preference in order to attain non-blocking behavior, and this is not used by us for crypto, let's move forward with the urandom patch, eh? Bill
