[Jonathan Nieder]
>       state = apr_random_standard_new(pool);
> 
>       for (;;) {
>               while (apr_random_secure_ready(state) == APR_ENOTENOUGHENTROPY) {
>                       apr_generate_random_bytes(buf, sizeof(buf));
>                       apr_random_add_entropy(state, buf, sizeof(buf));
>               }
> 
>               apr_random_secure_bytes(state, ret, n);
>               yield;
>       }

The problem is that svnserve is often used in 'inetd' mode, one
connection per process.  I've recommended that for years, as being
easier and less hassle than managing a separate daemon.  Given inetd
mode, your approach will exhaust /dev/random just as fast as the status
quo.

(Also, and this is minor, those functions didn't exist in apr 0.9, for
those poor souls still needing to build Subversion on platforms with
Apache 2.0.  I don't _think_ we've ever dropped support for our
original apr platform, have we?)
-- 
Peter Samuelson | org-tld!p12n!peter | http://p12n.org/
