
On 6/8/22 16:25, Vagrant Cascadian wrote:
On 2022-06-09, Arun Isaac wrote:
Hi Vagrant,

But there's one nervous-making issue this revealed; maradns embeds a
random number at build time ... allegedly for systems that don't have
/dev/urandom... see

   # Since some systems may not have /dev/urandom (Windows, *cough* *cough*), we
   # keep a randomly generated prime around

So it's got some code to generate a random number at build time and
embed it in the binary. Now, if there's anything I know about good
practices about random numbers, this sort of thing is generally a very
large red flag! It also makes the package build differently every

Wow, great find! Has this issue been reported to maradns upstream? If
upstream fixes it or provides us a compile flag to disable this
"feature", it would be even better in the long run.

That does sound like the best long-term approach, definitely!

Will take the issue upstream...

Not sure if this is useful—I've never used MaraDNS, and I know just barely enough about Windows to try to keep free software portable—but, on Windows XP and later, you can get cryptographic-quality randomness by dynamically loading SystemFunction036 from Advapi32.dll, sometimes known as RtlGenRandom. Racket uses this to implement crypto-random-bytes, which uses /dev/urandom on Unix-like systems. It's also apparently used by Chromium, Firefox, and many others.

Racket example: https://github.com/racket/racket/blob/master/racket/collects/racket/private/windows-rand.rkt

C example from Microsoft: http://web.archive.org/web/20180929235240/https://blogs.msdn.microsoft.com/michael_howard/2005/01/14/cryptographically-secure-random-number-on-windows-without-using-cryptoapi/

Documentation, such as it is: https://docs.microsoft.com/en-us/windows/win32/api/ntsecapi/nf-ntsecapi-rtlgenrandom

Mozilla thread explaining why the warnings in that documentation are irrelevant: https://bugzilla.mozilla.org/show_bug.cgi?id=504270#c4


Reply via email to