mod_auth_digest.c will refuse to build if APR_HAS_RANDOM is not available. Which is a clean solution.
However apr-util/crypto/getuuid.c provides a *sort of* random implementation where APR_HAS_RANDOM is not available in two functions. in the true_random() we have this nice note:
/* crap. this isn't crypto quality, but it will be Good Enough */
This seems fishy, user that doesn't have the random library installed may falsely think that his apps are safe, since apr-util does absolutely nothing in order to warn the user of a potential problem. Unless I'm missing it.
I'd suggest to refuse to compile, till a user explicitly provides a flag saying: --I_do_not_care_about_security, which may trigger some action on their behalf if they are going to use this function. May be we shouldn't make it too hard on the users who don't use these functions, so instead we could have a run-time assertion, which will be disabled if re-compiled with --I_do_not_care_about_security.
__________________________________________________________________ Stas Bekman JAm_pH ------> Just Another mod_perl Hacker http://stason.org/ mod_perl Guide ---> http://perl.apache.org mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com http://modperlbook.org http://apache.org http://ticketmaster.com
