[
https://issues.apache.org/jira/browse/SOLR-10338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hoss Man updated SOLR-10338:
----------------------------
Attachment: SOLR-10338.patch
Mihaly: my concern with your latest patch (other then a small missues of
securityEgdValue instead of algorithm in the final assert) is that it doesn't
check the "test.solr.allowed.securerandom" sys property until *AFTER* calling
{{System.setProperty("java.security.egd",...)}} ... if the user has gone out of
their way to say "let me use the secure random i want" then we shouldn't be
mucking with their source of randomness at all.
Attached patch reorders things a bit ... i've only done cursory testing but i
think it's correct.
what do you think?
> Configure SecureRandom non blocking for tests.
> ----------------------------------------------
>
> Key: SOLR-10338
> URL: https://issues.apache.org/jira/browse/SOLR-10338
> Project: Solr
> Issue Type: Sub-task
> Reporter: Mihaly Toth
> Assignee: Mark Miller
> Fix For: 6.6, master (7.0)
>
> Attachments: SOLR-10338.patch, SOLR-10338.patch, SOLR-10338.patch,
> SOLR-10338.patch, SOLR-10338.patch, SOLR-10338.patch, SOLR-10338.patch
>
>
> It would be best if SecureRandom could be made non blocking. In that case we
> could get rid of random entropy exhaustion issue related to all usages of
> SecureRandom.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
