On Sat, May 31, 2008 at 12:00:55AM +0200, Ruediger Pluem wrote: > On 05/30/2008 01:49 PM, [EMAIL PROTECTED] wrote: >> URL: http://svn.apache.org/viewvc?rev=661666&view=rev >> Log: >> Prevent CSRF attacks against the balancer-manager (CVE-2007-6420) ... >> @@ -619,6 +622,27 @@ >> } >> } >> +/* post_config hook: */ >> +static int balancer_init(apr_pool_t *p, apr_pool_t *plog, >> + apr_pool_t *ptemp, server_rec *s) >> +{ ... >> + >> + apr_uuid_get(&balancer_nonce); > > Why don't we do apr_uuid_format already here and store the string directly?
Sorry I didn't get to this sooner! No reason at all - I've changed the code as you suggested in r663967; thanks for the review. (Since this is not performance critical code I think the 2.2.x backport is fine as-is) joe