Removal of support for systems without /dev/urandom.
abartlet at samba.org
Wed May 14 00:53:15 MDT 2014
On Sat, 2014-02-22 at 21:57 +1300, Andrew Bartlett wrote:
> On Sat, 2014-02-22 at 03:46 +0000, Ira Cooper wrote:
> > I'd like a 2nd reviewer, and a general signoff "Yes, we are ok ditching
> > support for those old systems."
> > Thanks,
> > -Ira
> We now always build with Kerberos, so why not make it the responsibility
> of the kerberos library? (We will need that part to work anyway).
> Heimdal has krb5_generate_random_block which does not require any
> library set up, and MIT has krb5_c_random_make_octets but which needs a
> krb5 context.
> Or we could make the test be Heimdal or /dev/urandom for simplicity.
> The Heimdal sources seem to indicate alternate possible devices
> of /dev/srandom and /dev/arandom for what it's worth.
I would propose either using Heimdal or requiring /dev/urandom. At
least the Heimdal code would have been looked at by genuine
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical