
#45 Usage of SecureRandom hangs dnsjava

None
closed-rejected
nobody
None
5
2014-12-22
2013-10-07
No

UDPClient uses an instance of SecureRandom. SecureRandom instances on Linux are quite problematic if you require many bits, because they depend on the entropy generator and will hang if there are no bits available. We are solving millions of DNS queries in our crawler and we see dnsjava calls stuck waiting for SecureRandom to return a value.

We will recompile the sources and replace SecureRandom with

http://dsiutils.dsi.unimi.it/docs/it/unimi/dsi/util/XorShift1024StarRandomGenerator.html

If there is no security issue involved, we suggest that the same is done in the main trunk.

Discussion

  • Brian Wellington

    There is a security issue involved. SecureRandom is the standard method for obtaining secure random numbers, and replacing its use with a third-party library that I've never heard of recommended by someone that I don't know anything about would be a huge security risk.

    If you want to replace the random number generator in your code, feel free. There may also be a way to add a new security provider in such a way that instances of SecureRandom use that provider instead of the default, but I'm not all that familiar with those interfaces.

     
  • Brian Wellington

    • status: open --> closed-rejected
    • Group: -->
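
One way to keep a cryptographically secure generator while avoiding the blocking entropy source described in this ticket, as an added example that is not dnsjava's code and not part of the original thread. It assumes a Unix-like JDK 8 or later, where the SUN provider offers the `NativePRNGNonBlocking` algorithm; the class name, method name and the 16-bit workload are constructed for illustration.

```java
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Security;

public class NonBlockingRandomDemo {

    // Hypothetical helper: prefer the JDK's non-blocking native CSPRNG
    // (backed by /dev/urandom on Unix-like systems); fall back to the
    // platform default where that algorithm is not available.
    static SecureRandom nonBlockingSecureRandom() {
        try {
            return SecureRandom.getInstance("NativePRNGNonBlocking");
        } catch (NoSuchAlgorithmException e) {
            return new SecureRandom();
        }
    }

    public static void main(String[] args) {
        // Settings that decide which entropy source the default
        // SecureRandom seeds from; print them when diagnosing a hang.
        System.out.println("securerandom.source = "
                + Security.getProperty("securerandom.source"));
        System.out.println("java.security.egd   = "
                + System.getProperty("java.security.egd"));

        SecureRandom rng = nonBlockingSecureRandom();
        System.out.println("algorithm = " + rng.getAlgorithm()
                + ", provider = " + rng.getProvider().getName());

        // Constructed workload: draw many 16-bit values and time it,
        // to confirm the generator does not stall under volume.
        int draws = 1_000_000;
        long start = System.nanoTime();
        int checksum = 0;
        for (int i = 0; i < draws; i++) {
            checksum ^= rng.nextInt(1 << 16);
        }
        long elapsedMs = (System.nanoTime() - start) / 1_000_000;
        System.out.println(draws + " draws in " + elapsedMs
                + " ms (checksum " + checksum + ")");
    }
}
```

Running the same class with `-Djava.security.egd=file:/dev/./urandom` changes the seed source for the default `SecureRandom` without touching code, which is the JVM-level counterpart of the explicit algorithm choice above.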