guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: maradns reproducibility fixes and the merits of picking a random num


From: Philip McGrath
Subject: Re: maradns reproducibility fixes and the merits of picking a random number
Date: Tue, 14 Jun 2022 13:16:44 -0400
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.9.1

Hi,

On 6/8/22 16:25, Vagrant Cascadian wrote:
On 2022-06-09, Arun Isaac wrote:
Hi Vagrant,

But there's one nervous-making issue this revealed; maradns embeds a
random number at build time ... allegedly for systems that don't have
/dev/urandom... see
maradns-3.5.0020/deadwood-3.5.0020/src/Makefile.ubuntu2004:

   # Since some systems may not have /dev/urandom (Windows, *cough* *cough*), we
   # keep a randomly generated prime around

So it's got some code to generate a random number at build time and
embed it in the binary. Now, if there's anything I know about good
practices about random numbers, this sort of thing is generally a very
large red flag! It also makes the package build differently every
time!

Wow, great find! Has this issue been reported to maradns upstream? If
upstream fixes it or provides us a compile flag to disable this
"feature", it would be even better in the long run.

That does sound like the best long-term approach, definitely!

Will take the issue upstream...


Not sure if this is useful—I've never used MaraDNS, and I know just barely enough about Windows to try to keep free software portable—but, on Windows XP and later, you can get cryptographic-quality randomness by dynamically loading SystemFunction036 from Advapi32.dll, sometimes known as RtlGenRandom. Racket uses this to implement crypto-random-bytes, which uses /dev/urandom on Unix-like systems. It's also apparently used by Chromium, Firefox, and many others.

Racket example: https://github.com/racket/racket/blob/master/racket/collects/racket/private/windows-rand.rkt

C example from Microsoft: http://web.archive.org/web/20180929235240/https://blogs.msdn.microsoft.com/michael_howard/2005/01/14/cryptographically-secure-random-number-on-windows-without-using-cryptoapi/

Documentation, such as it is: https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/nf-ntsecapi-rtlgenrandom

Mozilla thread explaining why the warnings in that documentation are irrelevant: https://bugzilla.mozilla.org/show_bug.cgi?id=504270#c4

-Philip



reply via email to

[Prev in Thread] Current Thread [Next in Thread]