[squid-dev] [PATCH] convert digest_nonce_h to MEMPROXY_CLASS

Amos Jeffries squid3 at treenet.co.nz
Sun Sep 27 10:51:58 UTC 2015


On 27/09/2015 10:30 p.m., Kinkie wrote:
> .. and remove one XXX in the process.
> Not much to add besides the subject.
> 
> build- and lightly run-tested, seems to be ok.
> Big-context patch attached.
> 

Two big problems stand right out.

* The static random and distribution objects were specificaly internal
to a function in order so that they got initialized on first use, but
did not get initialized if never used.

That is somewhat important to a) save the machine available entropy bits
for other useswhen Digest is not configured, and b) decrease the
probability that the workers initialize them within the same second -
they only get initialized on first traffic request handled, not during
the startup second. And so the seeding can survive fork()'ing.


* the contents of authenticateDigestNonceNew() should be in the nonce
object ctor, or at least a method called by it.

* the contents of authenticateDigestNonceDelete() should be the nonce
objects dtor.


Amos



More information about the squid-dev mailing list