On Mon, Jun 10, 2013 at 7:02 AM, Joseph Spadavecchia <[email protected]> wrote:
> Hi there,
> [...]
> AFAIK this is a bug. Could someone please confirm?

Indeed, that looks like a bug to me. Fortunately, it's less terrible than it could be: in the case where no other seed technique besides the /proc/sys/kernel/random/uuid check succeeds, we will re-seed the PRNG way too often, and not discard the initial part of the cipherstream, which will expose the output to statistical biases. (The terrible version of this bug would have been the one with the opposite effect: thinking we thought we were seeded when we weren't.)

Good thing we're only using the PRNG for DNS transaction ids. Still, we should get a better PRNG eventually[*]

Patching this bug in 2.0 and 2.1.

[*] (Oh hey look what I did in my spare time the other month: https://github.com/nmathewson/libottery . But see all the caveats in the README.)

yrs,
-- 
Nick

***********************************************************************
To unsubscribe, send an e-mail to [email protected] with
unsubscribe libevent-users in the body.
