VOTE Apply PR#9084 reverting DEVRANDOM_WAIT
Kurt Roeckx
kurt at roeckx.be
Fri Jun 7 18:04:55 UTC 2019
On Fri, Jun 07, 2019 at 01:28:30PM -0400, Viktor Dukhovni wrote:
>
> I think that having the RNG behaviour capriciously different on
> different systems based on the whims of whoever built the library
> for that system is not a good idea. OpenSSL should provide an RNG
> that does not block "unexpectedly", indefinitely, and unpredictably.
>
> Where "unexpectedly", means except possibly early at boot time, but
> ideally waiting for boot-time entropy is something that systemd
> and the like take care of, and application start scripts can just
> register a dependency on some sort of "entropy" service, whose
> successful initialization is sufficient to ensure adequately secure
> non-blocking seeding of applications via one of getentropy(),
> getrandom(), /dev/urandom...
>
> That is, I'd expect most of the work for ensuring adequate entropy
> to happen outside libcrypto, except for perhaps enabling some
> additional sources that may be available on various systems.

It seems unlikely that anything related to this will ever change,
but we can always ask.

The reason I think nothing will change is that the problem is
already solved: use getentropy()/getrandom(). The init system would
need to create this kind of service, and then all software not using
getentropy()/getrandom() would need to depend on that service. It
would be easier to just switch that software to use
getentropy()/getrandom().

Changing the init system means that this will only work for new
versions of an OS. But on those new versions we already use
getentropy()/getrandom(). What we want to support is people that
use an old OS, but run a new version of OpenSSL on it. That is,
people that do not use the OS provided OpenSSL version.

Kurt
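
An added example, not part of the original message and not OpenSSL's code: a Linux seeding routine that never blocks, using getrandom() where the kernel has it and /dev/urandom on an older kernel, which is the "old OS, new library" case raised above. The names seed_nonblocking, read_urandom and enum seed_src are hypothetical.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sys/random.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical result codes for this example. */
enum seed_src { SEED_FAIL = -1, SEED_GETRANDOM, SEED_URANDOM, SEED_NOT_READY };

/* Read exactly len bytes from /dev/urandom, retrying EINTR and short reads. */
static int read_urandom(unsigned char *buf, size_t len)
{
    size_t off = 0;
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return -1;
    while (off < len) {
        ssize_t n = read(fd, buf + off, len - off);
        if (n > 0)
            off += (size_t)n;
        else if (n == 0 || errno != EINTR)
            break;
    }
    close(fd);
    return off == len ? 0 : -1;
}

/*
 * Fill buf without ever blocking and report which source was used.
 * SEED_NOT_READY means the kernel pool is not initialised yet: the caller
 * decides whether to retry later or refuse to start.
 * SEED_URANDOM means the kernel has no getrandom(); /dev/urandom gives no
 * readiness signal, so this path cannot tell whether the pool was seeded.
 */
enum seed_src seed_nonblocking(unsigned char *buf, size_t len)
{
    size_t off = 0;
    while (off < len) {
        ssize_t n = getrandom(buf + off, len - off, GRND_NONBLOCK);
        if (n > 0) { off += (size_t)n; continue; }
        if (n < 0 && errno == EINTR) continue;
        if (n < 0 && errno == EAGAIN) return SEED_NOT_READY;
        if (n < 0 && errno == ENOSYS)   /* kernel predates getrandom() */
            return read_urandom(buf, len) == 0 ? SEED_URANDOM : SEED_FAIL;
        return SEED_FAIL;
    }
    return SEED_GETRANDOM;
}
```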