Re: [PATCH] Re: [RFC] ra_svn::make_nonce: how to cope with entropy shortages?
From: Jonathan Nieder <jrnieder_at_gmail.com>
Date: Thu, 3 Nov 2011 17:29:51 -0500
Peter Samuelson wrote:
> The problem is that svnserve is often used in 'inetd' mode, one
True. Well, to avoid exhausting /dev/random, one needs some fallback
- in 'inetd' mode, I guess the pid could work.
Using the timestamp as nonce feels a little silly, given that the
<nonce.timestamp_at_hostname>
Though it's better than just using nonce=0, say (since some
The random(4) manpage says:
If you are unsure about whether you should use /dev/random or
APR was fixed accordingly in version 1.3.3 (see r652830,
$ strings /usr/lib/libapr-1.so.0.4.5 | grep dev
I see that Debian has the fix.
If refining the Debian-specific code here, please consider patching
Sorry to have been taking so long to figure this one out.
|
This is an archived mail posted to the Subversion Dev mailing list.
This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.