UUID: Use the non-cryptographic variant of the boost::uuid

Since Boost 1.67.0 the default UUID generator is cryptographically
strong, which is neat but quite slower. Since we don't need that,
just use the fastest version.

diff --git a/pdns/uuid-utils.cc b/pdns/uuid-utils.cc
index 12340aefce6ae168d612e4e03c5558fbf8d84d9f..c59e0a0d0daae040c81bbfbb29357017690e5814 100644 (file)
--- a/pdns/uuid-utils.cc
+++ b/pdns/uuid-utils.cc
@@ -32,10 +32,15 @@
 
 #include <boost/uuid/uuid_generators.hpp>
 
-thread_local boost::uuids::random_generator t_uuidGenerator;
+// The default of:
+// boost::uuids::random_generator
+// is safe for crypto operations since 1.67.0, but much slower.
+thread_local boost::uuids::basic_random_generator<boost::random::mt19937> t_uuidGenerator;
 
 boost::uuids::uuid getUniqueID()
 {
+  // not safe for crypto, but it could be with Boost >= 1.67.0 by using boost::uuids::random_generator,
+  // which is slower
   return t_uuidGenerator();
 }
 

diff --git a/pdns/uuid-utils.hh b/pdns/uuid-utils.hh
index 3aa7844b3a4a0645d45480c2b083183b3869946c..c1f78d7151eaccbb403d36656989baadd6ae4f3e 100644 (file)
--- a/pdns/uuid-utils.hh
+++ b/pdns/uuid-utils.hh
@@ -24,5 +24,6 @@
 #include <boost/uuid/uuid.hpp>
 #include <boost/uuid/uuid_io.hpp>
 
+/* Not safe for crypto, see the definition for more information */
 boost::uuids::uuid getUniqueID();
 boost::uuids::uuid getUniqueID(const std::string& str);