Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support FreeBSD, NetBSD, OpenBSD, and Solaris using /dev/urandom. #874

Merged
merged 2 commits into from
Jul 16, 2019
Merged

Support FreeBSD, NetBSD, OpenBSD, and Solaris using /dev/urandom. #874

merged 2 commits into from
Jul 16, 2019

Conversation

briansmith
Copy link
Owner

No description provided.

@briansmith
Stop defining _XOPEN_SOURCE.
6b25b45 
It is no longer needed.
@briansmith briansmith self-assigned this Jul 16, 2019
@briansmith briansmith force-pushed the b/bsd-rand branch 2 times, most recently from 17f6d47 to 80baf18 Compare July 16, 2019 01:00
This was referenced Jul 16, 2019
Closed
Closed
@josephlr
Copy link
Contributor

josephlr commented Jul 16, 2019
edited
Loading

For OpenBSD, this is fine. /dev/random and /dev/urandom are the same, and aren't dumb.

For NetBSD, this is fine. NetBSD has nearly identical interfaces as Linux (including the #558).

For FreeBSD, we should use /dev/random. /dev/urandom isn't mentioned in the man pages, and /dev/random doesn't have the weird Linux problems, see the docs. EDIT: fixed an incorrect reference to FreeBSD docs.

For Solaris, it's really not clear which to use, the docs are bad, mentioning "higher-quality" and "lower-quality" randomness without explaining what those terms mean. The getrandom crate falls back to using /dev/random (see this note). Regardless of which is used, the data needs to be read in chunks, as there are hard limits to how many bytes can be read(2) at a time:

  • 1024 for /dev/random
  • 128*1024 for /dev/urandom

Some of these platforms (OpenBSD, FreeBSD, Solaris) have APIs like Linux's getrandom(2) that allow you to get randomness without holding on to a file descriptor. But that requires a bunch of target specific code.

An alternative would be to just use the getrandom crate.

@briansmith
Copy link
Owner Author

For FreeBSD, we should use /dev/random. /dev/urandom isn't mentioned in the man pages, and /dev/random doesn't have the weird Linux problems, see the docs. EDIT: fixed an incorrect reference to FreeBSD docs.

It's unfortunate that they never documented /dev/urandom. However, I verified /dev/urandom exists in every currently-supported (by freebsd.org) FreeBSD release.

@briansmith briansmith mentioned this pull request Jul 16, 2019
Closed
@josephlr
Copy link
Contributor

For FreeBSD, we should use /dev/random. /dev/urandom isn't mentioned in the man pages, and /dev/random doesn't have the weird Linux problems, see the docs. EDIT: fixed an incorrect reference to FreeBSD docs.

It's unfortunate that they never documented /dev/urandom. However, I verified /dev/urandom exists in every currently-supported (by freebsd.org) FreeBSD release.

So I found something weird, FreeBSD 4.11 does document /dev/urandom, but they stopped documenting it in 5.0, so using /dev/urandom is probably fine. The Solaris support could just be removed.

@briansmith
Copy link
Owner Author

For Solaris, it's really not clear which to use

My goal here is to make Solaris work again as well as it did in 0.14.6 (slightly better, in fact). I filed #876 to track improving Solaris support.

The Solaris support could just be removed.

It's now required by some commercial users of ring.

@briansmith briansmith merged commit 70e5d96 into master Jul 16, 2019
@josephlr
Copy link
Contributor

It's now required by some commercial users of ring.

Sounds good, makes sense to me.

@briansmith briansmith deleted the b/bsd-rand branch July 19, 2019 00:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@briansmith briansmith

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@briansmith @josephlr