[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #17789 [Tor]: Add syscall-based crypto seeding for OS X

Subject: Re: [tor-bugs] #17789 [Tor]: Add syscall-based crypto seeding for OS X
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 10 Dec 2015 03:31:23 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 09 Dec 2015 22:31:33 -0500
In-reply-to: <044.b994f490193ed95ecc6f62fe0ea14454@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.b994f490193ed95ecc6f62fe0ea14454@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#17789: Add syscall-based crypto seeding for OS X
--------------------+------------------------------------
 Reporter:  teor    |          Owner:
     Type:  defect  |         Status:  closed
 Priority:  Medium  |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor     |        Version:  Tor: unspecified
 Severity:  Normal  |     Resolution:  wontfix
 Keywords:          |  Actual Points:
Parent ID:          |         Points:
  Sponsor:          |
--------------------+------------------------------------
Changes (by teor):

 * status:  new => closed
 * resolution:   => wontfix


Comment:

 Replying to [comment:2 nickm]:
 > (Which is to say, if they include an internal PRNG I'm not too excited
 about them, and if they just wrap open("/dev/random") I'm not too excited
 about them.)

 In fact, those are the exact two options the Apple APIs support!

 They're also not fork()-safe, and they express this by abort()ing on the
 first call in a child after a fork() but before an exec(). This causes
 issues with (misbehaved) tor unit tests that initialise global random
 state, but don't TT_FORK.

 There are ways to work around this, and the commit comment in my branch
 feature17789-v2 describes them. But they're complex, and pointless since
 we're not getting random bytes from the kernel itself.

 Closing as wontfix, until a better Apple API comes along. At that time,
 the code in feature17789-v2 could be useful as a starting point.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17789#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #17789 [Tor]: Add syscall-based crypto seeding for OS X
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #17739 [Tor]: Refactor clock skew warning code to avoid duplication
Next by Author: [tor-bugs] #17800 [Tor]: Tor Unit Tests should TT_FORK before initialising global PRNG state
Previous by thread: Re: [tor-bugs] #17789 [Tor]: Add syscall-based crypto seeding for OS X
Next by thread: Re: [tor-bugs] #17789 [Tor]: Add syscall-based crypto seeding for OS X
Index(es):
- Author
- Thread