On Friday 31 August 2012, Eric Covener wrote: > I'm fighting a problem on new releases of AIX where in some > environments, /dev/random seems to run out of entropy way too > quick. > > I'd like a way to suppress the apr_uuid_get-> > apr_generate_random_bytes() in mod_proxy_balancer used for the > balancer-manager nonce in affected environments. > > I was thinking a global "BalancerManager off" could be used for > this and would also have the upside of fixing the SetHandler > htaccess problem. > > Alternatives would be to find a weaker source for the nonce, or > allow tto opt out / use a hard-coded one. > > Any suggestions?
For 2.4, you could use ap_random_insecure_bytes(). It should be good enough for a nonce. If you add a "BalancerManager off", it should be per directory, or at least per vhost. Otherwise it would not help that much with the SetHandler htaccess problem.