[PATCH] Update to the Samba crypto requirements document

Volker Lendecke Volker.Lendecke at SerNet.DE
Wed Jan 3 11:58:50 UTC 2018

On Wed, Jan 03, 2018 at 12:53:18PM +0100, Andreas Schneider via samba-technical wrote:
> > > We could also use gnutls_rnd() in generate_random_buffer() which would be
> > > much faster than opening /dev/urandom.
> > 
> > Do we depend on gnutls even for the plain simple file server?
> We don't depend on gnutls for Samba FS (yet).

So gnutls_rnd() would have to be #ifdef'ed.

If you look at commit e73ccc06, when I changed to always use
/dev/urandom, I did measure the speed, and it was not bad. How much
better is gnutls_rnd(), and does it handle fork() well? We should not
run into the situation where two smbds have the same random source in
user space.


SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de

More information about the samba-technical mailing list