This patch adds support for using the arc4random API as an entropy source. The arc4random API originates from OpenBSD where it supersedes random(3), rand(3), and files in the /dev filesystem: http://man.openbsd.org/arc4random The arc4random_buf() function maps 1:1 onto apr_generate_random_bytes().
This patch was written by Christian Weisgerber, who asked me to push this work upstream on his behalf. Index: configure.in =================================================================== --- configure.in (revision 1813380) +++ configure.in (working copy) @@ -2453,6 +2453,8 @@ else fi dnl ----------------------------- Checking for /dev/random +AC_CHECK_FUNCS(arc4random_buf) + AC_MSG_CHECKING(for entropy source) why_no_rand="" @@ -2471,6 +2473,13 @@ AC_ARG_WITH(egd, ]) if test "$rand" != "1"; then + if test "$ac_cv_func_arc4random_buf" = yes; then + AC_MSG_RESULT(arc4random) + rand="1" + fi +fi + +if test "$rand" != "1"; then AC_ARG_WITH(devrandom, [ --with-devrandom[[=DEV]] use /dev/random or compatible [[searches by default]]], [ apr_devrandom="$withval" ], [ apr_devrandom="yes" ]) Index: misc/unix/rand.c =================================================================== --- misc/unix/rand.c (revision 1813380) +++ misc/unix/rand.c (working copy) @@ -87,8 +87,12 @@ APR_DECLARE(apr_status_t) apr_os_uuid_get(unsigned APR_DECLARE(apr_status_t) apr_generate_random_bytes(unsigned char *buf, apr_size_t length) { -#ifdef DEV_RANDOM +#ifdef HAVE_ARC4RANDOM + arc4random_buf(buf, length); + +#elif defined(DEV_RANDOM) + int fd = -1; /* On BSD/OS 4.1, /dev/random gives out 8 bytes at a time, then