Removal of support for systems without /dev/urandom.
Andreas Schneider
asn at samba.org
Fri Feb 21 07:46:42 MST 2014
On Saturday 15 February 2014 10:07:22 Ira Cooper wrote:
> This is a patch to clean up 2 Coverity issues that really pointed at a
> larger issue in our code base.
>
> The code used for seeding the random number generator, without
> /dev/urandom, is not currently insecure, but it is time to deal with it
> before it becomes so.
>
> I've put a check into waf to break configure if it can not find
> /dev/urandom. If you defeat that, you will run into a #error compiling
> without /dev/urandom. If you get past all that... you get what you deserve
> ;).
>
> I hope that is sufficient to warn people about the change.
Reviewed-by: Andreas Schneider <asn at samba.org>
I think someone else should look at it too. I think this is critical code so
more eyes are better.
-- andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
More information about the samba-technical
mailing list