[PATCH] Update to the Samba crypto requirements document
Volker Lendecke
Volker.Lendecke at SerNet.DE
Wed Jan 3 18:32:33 UTC 2018
On Wed, Jan 03, 2018 at 05:26:58PM +0100, Björn JACKE wrote:
> On 2018-01-03 at 15:54 +0100 Volker Lendecke via samba-technical sent off:
> > This says that glibc does not have a fallback to /dev/urandom if the
> > syscall is not around. That means we have to implement the fallback
> > ourselves in case we run with modern libc on an old kernel? Or shall
> > we just abort then?
>
> I think we should do the fallback in that case. It's not too unlikely that
> people use the latest patch level of a random distro but have to stick to a
> patch level 0 kernel because the latest kernel is not working. And we have to
> have the fallback code anyway...
If we need the fallback code anyway, and the getentropy call does not
prove a significant speed advantage, we should stick with the pretty
portable read of /dev/urandom.
Once every kernel that we have to run on has the syscall, we can
reconsider.
Just my 2ct.
Volker
>
> Björn
> --
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-370000-0, fax: +49-551-370000-9
> AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
> http://www.sernet.de, mailto:kontakt at sernet.de
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
More information about the samba-technical
mailing list