[openssl-dev] Work on a new RNG for OpenSSL
Kurt Roeckx
kurt at roeckx.be
Thu Aug 24 16:48:32 UTC 2017
On Wed, Aug 23, 2017 at 05:12:56PM -0400, Paul Kehrer wrote:
> On August 19, 2017 at 2:48:19 AM, Salz, Rich via openssl-dev (
> openssl-dev at openssl.org) wrote:
>
>
> I think the safest thing is for us to not change the default. Programs that
> know they are going to fork can do the right/safe thing. It would be nicer
> if we could automatically always do the right thing, but I don’t think it’s
> possible.
>
>
> It appears the current position is that since there will be edge cases
> where a reseed would fail (thus either halting the RNG or silently not
> reseeding it) that we should not attempt to reseed? I would argue it is
> better to attempt to reseed and document that edge cases may need to reseed
> themselves. This dramatically narrows the window from "everybody needs to
> do it" to "users in certain scenarios that are becoming rarer by the day
> need to do it". Given that backwards compatibility is a concern maybe
> failure to reseed on fork should only drop an error on the child process's
> error queue though? That behavior could potentially be a separate flag that
> OpenSSL uses by default (OPENSSL_TRY_TO_INIT_ATFORK), and then
> OPENSSL_INIT_ATFORK can be more strict about reseed failures if desired.
An idea that I had was to default to reseed on fork if we know we
have a working syscall.
Kurt
More information about the openssl-dev
mailing list