From owner-freebsd-current  Sun Jan 20 13:33:15 2002
Delivered-To: freebsd-current@freebsd.org
Received: from avocet.prod.itd.earthlink.net (avocet.mail.pas.earthlink.net [207.217.120.50])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9A23737B402; Sun, 20 Jan 2002 13:33:10 -0800 (PST)
Received: from pool0122.cvx21-bradley.dialup.earthlink.net ([209.179.192.122] helo=mindspring.com)
	by avocet.prod.itd.earthlink.net with esmtp (Exim 3.33 #1)
	id 16SPZx-0007XI-00; Sun, 20 Jan 2002 13:32:41 -0800
Message-ID: <3C4B3775.1AFA318@mindspring.com>
Date: Sun, 20 Jan 2002 13:32:37 -0800
From: Terry Lambert <tlambert2@mindspring.com>
X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony}  (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: "Andrey A. Chernov" <ache@nagual.pp.ru>
Cc: Mark Murray <mark@grondar.za>, des@freebsd.org,
	current@freebsd.org
Subject: Re: Step1, pam_unix srandomdev fix for review
References: <20020120185334.GA23348@nagual.pp.ru> <200201201955.g0KJtVt32805@grimreaper.grondar.org> <20020120200455.GC24138@nagual.pp.ru>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

"Andrey A. Chernov" wrote:
> On Sun, Jan 20, 2002 at 19:55:31 +0000, Mark Murray wrote:
> > This works, but strikes me as overkill. This is salt, not cryptographic
> > randomness, so 'srandom(junk)' is most likely better as a replacement
> > for srandomdev() (where 'junk' can be time(), pid or anything similar).
> 
> You can't call srandom() from the libraries for the same purposes as
> srandomdev(), i.e. it damages user application current RNG state in the
> same way.
> 
> I mean this:
> 
> 1) User call srandom(3)
> 
> 2) Library calls srandomdev() or srandom(123)
> 
> Second step is effectively damages srandom(3) RNG state.

Since the library is a totally encapsulated usage, it makes sense
for it to save and restore state aroun its use of the functions,
which would effectively allow concurrent use of the generator
with other code that uses it.

Other code that cares about the state should do the same.

-- Terry

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message