[PATCH] Update to the Samba crypto requirements document
Volker.Lendecke at SerNet.DE
Wed Jan 3 11:58:50 UTC 2018
On Wed, Jan 03, 2018 at 12:53:18PM +0100, Andreas Schneider via samba-technical wrote:
> > > We could also use gnutls_rnd() in generate_random_buffer() which would be
> > > much faster than opening /dev/urandom.
> > Do we depend on gnutls even for the plain simple file server?
> We don't depend on gnutls for Samba FS (yet).
So gnutls_rnd() would have to be #ifdef'ed.
If you look at commit e73ccc06, when I changed to always use
/dev/urandom, I did measure the speed, and it was not bad. How much
better is gnutls_rnd(), and does it handle fork() well? We should not
run into the situation where two smbds have the same random source in
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
More information about the samba-technical