[PATCH] Always read from /dev/urandom
Andrew Bartlett
abartlet at samba.org
Mon Oct 12 18:38:38 UTC 2015
On Mon, 2015-10-12 at 20:25 +0200, Volker Lendecke wrote:
> Hi!
>
> When running smbd with open/close traffic, our md4 code starts to
> show
> up pretty high in profiles. This was due to the random number
> generation
> in smbXsrv_open.c and other places. Instead of tuning our random
> number
> generator, I decided to try just removing it. It turned out to be
> pretty
> successful.
>
> I know this might be controversial, so try the test prog yourself!
I'm impressed that this is faster than MD4 in userspace. Very
interesting!
The main risk would seem to be the abort() on lack of access to
/dev/urandom, it will be interesting to see if that finds places where
Samba fell back to poor internal entropy in the past.
Thanks,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list