Hi Stefan, the patch looks very reasonable, thanks.
I plan to do something similar for the new linux' getrandom() syscall, so probably will commit both changes soon. Regards, Yann. On Fri, Nov 3, 2017 at 1:53 PM, Stefan Sperling <s...@apache.org> wrote: > Bump. Is this patch worth considering for APR? > > On Thu, Oct 26, 2017 at 12:56:13PM +0200, Stefan Sperling wrote: >> This patch adds support for using the arc4random API as an entropy source. >> >> The arc4random API originates from OpenBSD where it supersedes random(3), >> rand(3), and files in the /dev filesystem: http://man.openbsd.org/arc4random >> The arc4random_buf() function maps 1:1 onto apr_generate_random_bytes(). >> >> This patch was written by Christian Weisgerber, who asked me to push >> this work upstream on his behalf. >> >> Index: configure.in >> =================================================================== >> --- configure.in (revision 1813380) >> +++ configure.in (working copy) >> @@ -2453,6 +2453,8 @@ else >> fi >> >> dnl ----------------------------- Checking for /dev/random >> +AC_CHECK_FUNCS(arc4random_buf) >> + >> AC_MSG_CHECKING(for entropy source) >> >> why_no_rand="" >> @@ -2471,6 +2473,13 @@ AC_ARG_WITH(egd, >> ]) >> >> if test "$rand" != "1"; then >> + if test "$ac_cv_func_arc4random_buf" = yes; then >> + AC_MSG_RESULT(arc4random) >> + rand="1" >> + fi >> +fi >> + >> +if test "$rand" != "1"; then >> AC_ARG_WITH(devrandom, >> [ --with-devrandom[[=DEV]] use /dev/random or compatible [[searches >> by default]]], >> [ apr_devrandom="$withval" ], [ apr_devrandom="yes" ]) >> Index: misc/unix/rand.c >> =================================================================== >> --- misc/unix/rand.c (revision 1813380) >> +++ misc/unix/rand.c (working copy) >> @@ -87,8 +87,12 @@ APR_DECLARE(apr_status_t) apr_os_uuid_get(unsigned >> APR_DECLARE(apr_status_t) apr_generate_random_bytes(unsigned char *buf, >> apr_size_t length) >> { >> -#ifdef DEV_RANDOM >> +#ifdef HAVE_ARC4RANDOM >> >> + arc4random_buf(buf, length); >> + >> +#elif defined(DEV_RANDOM) >> + >> int fd = -1; >> >> /* On BSD/OS 4.1, /dev/random gives out 8 bytes at a time, then