UUID: Use the non-cryptographic variant of the boost::uuid

Since Boost 1.67.0 the default UUID generator is cryptographically strong, which is neat but quite slower. Since we don't need that, just use the fastest version.
PowerDNS · Dec 8, 2020 · 0acc8b3 · 0acc8b3
1 parent 714a6e1
commit 0acc8b3
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/pdns/uuid-utils.cc b/pdns/uuid-utils.cc
@@ -32,10 +32,15 @@
 
 #include <boost/uuid/uuid_generators.hpp>
 
-thread_local boost::uuids::random_generator t_uuidGenerator;
+// The default of:
+// boost::uuids::random_generator
+// is safe for crypto operations since 1.67.0, but much slower.
+thread_local boost::uuids::basic_random_generator<boost::random::mt19937> t_uuidGenerator;
 
 boost::uuids::uuid getUniqueID()
 {
+  // not safe for crypto, but it could be with Boost >= 1.67.0 by using boost::uuids::random_generator,
+  // which is slower
   return t_uuidGenerator();
 }
 

diff --git a/pdns/uuid-utils.hh b/pdns/uuid-utils.hh
@@ -24,5 +24,6 @@
 #include <boost/uuid/uuid.hpp>
 #include <boost/uuid/uuid_io.hpp>
 
+/* Not safe for crypto, see the definition for more information */
 boost::uuids::uuid getUniqueID();
 boost::uuids::uuid getUniqueID(const std::string& str);