New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use arc4random_buf instead of rand on NetBSD #3540
Use arc4random_buf instead of rand on NetBSD #3540
Conversation
Avoid old implementation of rand returning numbers with cyclical lower bits. Allow tests to pass. Signed-off-by: gufe44 <gu981@protonmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks. The change looks good but could you add a change log entry for this please?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good but it would be good to squash the last 2 commits together.
Signed-off-by: gufe44 <gu981@protonmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me.
Thanks for your contribution! One thing though: if the issue prevented some test from passing, I'd call that a bug fix, not just an enhancement. As a general rule, we backport bug fixes to our LTS branches (currently 2.7 and 2.16). Would you be willing to create those backports? It would involve raising two PRs, one based on mbedtls-2.16, one on mbedtls-2.7, with the same patches as this one (usually Otherwise we could handle the backports ourselves, but we do appreciate when contributors can take care of them as well. |
Signed-off-by: gufe44 <gu981@protonmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you very much. I have prepared the backport branches. |
This older implementation of rand generates the same small set of random numbers (or rather their lower bits) over and over again. A number of tests do not complete because of this. There exists already a conditional for OpenBSD making use of arc4random_buf instead which is also included in the C standard Library of NetBSD.
Backports: #3559 #3560