On Sun, Nov 13, 2011 at 08:30:04PM -0500, David Schultz wrote:
I don't have those patches anymore, but I redid them from scratch
using the latest revision from OpenBSD. The patch at
http://www.freebsd.org/~das/patches/vshead.diff syncs our
arc4random.c with OpenBSD's to the extent possible,
On Mon, Nov 14, 2011, Andrey Chernov wrote:
1) We should use
mib[0] = CTL_KERN;
mib[1] = KERN_ARND;
len = sizeof(rnd);
sysctl(mib, 2, rnd, len, NULL, 0);
here instead of /dev/random, like OpenBSD did. It helps jails, and
re-stearing not happens too often in
On Mon, Nov 14, 2011 at 03:58:55PM -0500, David Schultz wrote:
On Mon, Nov 14, 2011, Andrey Chernov wrote:
1) We should use
mib[0] = CTL_KERN;
mib[1] = KERN_ARND;
len = sizeof(rnd);
sysctl(mib, 2, rnd, len, NULL, 0);
here instead of /dev/random, like OpenBSD did.
On Tue, Nov 15, 2011, Andrey Chernov wrote:
On Mon, Nov 14, 2011 at 03:58:55PM -0500, David Schultz wrote:
On Mon, Nov 14, 2011, Andrey Chernov wrote:
1) We should use
mib[0] = CTL_KERN;
mib[1] = KERN_ARND;
len = sizeof(rnd);
sysctl(mib, 2, rnd, len, NULL, 0);
On Mon, Nov 14, 2011 at 06:08:55PM -0500, David Schultz wrote:
Not quite. OpenBSD's implementation is more careful. I just
noticed a funny thing about FreeBSD's KERN_ARND sysctl: If the
random device isn't (or can't be) loaded, KERN_ARND silently
decides to initialize itself with the output
On 11/15/11, Andrey Chernov a...@freebsd.org wrote:
On Mon, Nov 14, 2011 at 06:08:55PM -0500, David Schultz wrote:
Not quite. OpenBSD's implementation is more careful. I just
noticed a funny thing about FreeBSD's KERN_ARND sysctl: If the
random device isn't (or can't be) loaded, KERN_ARND
On Tue, Nov 15, 2011 at 02:11:03AM +0100, Oliver Pinter wrote:
P.S. Do I answer your doubts about rdat key initialization in my prev.
posting?
I think it's a much correct solution, rather than the original patch,
while it initializes the whole structure, not only the key array...
On Tue, Nov 15, 2011, Andrey Chernov wrote:
In case you mean passing later whole structure like:
arc4_addrandom((u_char *)rdat, sizeof(rdat));
it will be incorrect because it change known algorithm parameters, which
defines exact 128 bytes and not anything else.
No, RC4 keys are anything
On Tue, Nov 15, 2011 at 12:49:29AM -0500, David Schultz wrote:
On Tue, Nov 15, 2011, Andrey Chernov wrote:
In case you mean passing later whole structure like:
arc4_addrandom((u_char *)rdat, sizeof(rdat));
it will be incorrect because it change known algorithm parameters, which
On Sat, Nov 12, 2011, Andrey Chernov wrote:
On Sat, Nov 12, 2011 at 10:41:35AM -0500, David Schultz wrote:
On Sat, Nov 12, 2011, Andrey Chernov wrote:
On Tue, Sep 16, 2008 at 04:19:32PM -0400, David Schultz wrote:
secteam@ already agreed to the idea of solving the fork problem as
in
On Tue, Sep 16, 2008 at 04:19:32PM -0400, David Schultz wrote:
secteam@ already agreed to the idea of solving the fork problem as
in OpenBSD over a month ago.
On Wed, Sep 17, 2008 at 12:50:25PM +0400, Andrey Chernov wrote:
I agree with your patch (BTW you can remove unneded #define
On Sat, Nov 12, 2011, Andrey Chernov wrote:
On Tue, Sep 16, 2008 at 04:19:32PM -0400, David Schultz wrote:
secteam@ already agreed to the idea of solving the fork problem as
in OpenBSD over a month ago.
On Wed, Sep 17, 2008 at 12:50:25PM +0400, Andrey Chernov wrote:
I agree with your
On Sat, Nov 12, 2011 at 10:41:35AM -0500, David Schultz wrote:
On Sat, Nov 12, 2011, Andrey Chernov wrote:
On Tue, Sep 16, 2008 at 04:19:32PM -0400, David Schultz wrote:
secteam@ already agreed to the idea of solving the fork problem as
in OpenBSD over a month ago.
On Wed, Sep 17,
13 matches
Mail list logo