[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-10-01 Thread Roundup Robot
Roundup Robot added the comment: New changeset 835085cc28cd by Victor Stinner in branch '3.5': Issue #25003: On Solaris 11.3 or newer, os.urandom() now uses the getrandom() https://hg.python.org/cpython/rev/835085cc28cd -- ___ Python tracker

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-10-01 Thread Roundup Robot
Roundup Robot added the comment: New changeset 202c827f86df by Victor Stinner in branch '2.7': Issue #25003: os.urandom() doesn't use getentropy() on Solaris because https://hg.python.org/cpython/rev/202c827f86df New changeset 83dc79eeaf7f by Victor Stinner in branch '3.4': Issue #25003:

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-10-01 Thread STINNER Victor
STINNER Victor added the comment: Ok, I pushed fixes for Python 2.7, 3.4, 3.5 and 3.6. Summary for Solaris: - Python 2.7, 3.4: read from /dev/urandom (use a private file descriptor) - Python 3.5, 3.6: use the getrandom() function on Solaris 11.3 and newer (no file descriptor), or fallback on

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-10-01 Thread John Beck
John Beck added the comment: Confirmed that test_os runs cleanly on Solaris 12, for each of: * 2.7.10 (plus your patch from 98454:202c827f86df) * 3.4.3 (plus your patch from 98455:83dc79eeaf7f) * 3.5.0 (plus your patch from 98452:835085cc28cd) * 3.6 (tip) --

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-10-01 Thread STINNER Victor
STINNER Victor added the comment: Thanks! I close the issue, it's now fixed. -- resolution: -> fixed status: open -> closed ___ Python tracker ___

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-09-18 Thread STINNER Victor
STINNER Victor added the comment: "I have tested your patch with 3.5, and it works fine, although I did have to make a minor change to get test_os to pass. In test_os.py you had: (...)" Oh right, I fixed test_os too. -- ___ Python tracker

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-09-18 Thread Roundup Robot
Roundup Robot added the comment: New changeset 221e09b89186 by Victor Stinner in branch 'default': Issue #25003: Skip test_os.URandomFDTests on Solaris 11.3 and newer https://hg.python.org/cpython/rev/221e09b89186 -- ___ Python tracker

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-09-18 Thread John Beck
John Beck added the comment: I have tested your patch with 3.5, and it works fine, although I did have to make a minor change to get test_os to pass. In test_os.py you had: ... USE_GETENTROPY = ((sysconfig.get_config_var('HAVE_GETENTROPY') == 1) and not

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-09-11 Thread STINNER Victor
STINNER Victor added the comment: > While testing this, I found out why I had needed EINVAL earlier (and still > do, for now): there is a bug in the Solaris implementation of getrandom(2). > If flags are 0 and the buffer size > 1024, then it fails with EINVAL. That > is only supposed to

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-09-11 Thread John Beck
John Beck added the comment: I have queried the engineer who owns the kernel bug and will post an update once I hear back from him. But as it is already almost midnight on Friday in his geo, it may well be Monday before I hear back. -- ___ Python

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-09-11 Thread STINNER Victor
STINNER Victor added the comment: > But EINVAL should also be checked for to make sure the system call was > invoked with proper parameters. py_getrandom() calls Py_FatalError() or raises an OSError on EINVAL. The error is not silently ignored. > My builds of Python 3.5.0.X (don't recall

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-09-11 Thread John Beck
John Beck added the comment: Yes, those patches work, with a caveat. While testing this, I found out why I had needed EINVAL earlier (and still do, for now): there is a bug in the Solaris implementation of getrandom(2). If flags are 0 and the buffer size > 1024, then it fails with EINVAL.

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris

2015-09-10 Thread STINNER Victor
Changes by STINNER Victor : -- title: os.urandom() should call getrandom(2) not getentropy(2) -> os.urandom() should call getrandom(2) not getentropy(2) on Solaris ___ Python tracker

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-10 Thread STINNER Victor
STINNER Victor added the comment: > Yes, the syscall was failing with EINVAL. Sorry, I don't understand. Do you mean that calling a non-existant syscall on Solaris fails with EINVAL? Calling the getrandom() syscall on Solaris < 11.3 fails with EINVAL? --

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-09-10 Thread STINNER Victor
Changes by STINNER Victor : -- title: os.urandom() should call getrandom(2) not getentropy(2) on Solaris -> os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer ___ Python tracker

[issue25003] os.urandom() should call getrandom(2) not getentropy(2) on Solaris 11.3 and newer

2015-09-10 Thread John Beck
John Beck added the comment: Sorry, let me try to clarify. ENOSYS is the correct errno value to check for, for the situation (e.g., Solaris < 11.3) of a non-existent system call. But EINVAL should also be checked for to make sure the system call was invoked with proper parameters. My builds

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-09 Thread John Beck
John Beck added the comment: Yes, the syscall was failing with EINVAL. -- ___ Python tracker ___ ___

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-09 Thread STINNER Victor
STINNER Victor added the comment: > Prior to applying this patch, I had needed to tweak py_getrandom() to > recognize EINVAL in addition to ENOSYS as sufficient reason to turn off > getrandom_works. In which case getrandom() fails with EINVAL? --

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-09 Thread John Beck
John Beck added the comment: @haypo: Yes, that patch works (applied to 3.5.0rc3; proxy problems are preventing me from updating my clone of the default branch at the moment) i.e., pyconfig.h shows: #define HAVE_GETRANDOM_SYSCALL 1 To answer your other questions: * Calling

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-08 Thread STINNER Victor
STINNER Victor added the comment: Thread on python-dev: https://mail.python.org/pipermail/python-dev/2015-September/141439.html -- ___ Python tracker

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-08 Thread Guido van Rossum
Guido van Rossum added the comment: Also, Theo believes that our Mersenne Twister is outdated and os.urandom() is the only reasonable alternative. So we might as well keep it fast. -- ___ Python tracker

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-08 Thread Guido van Rossum
Guido van Rossum added the comment: To Theo it's probably inconceivable that anyone would be using random numbers for anything besides crypto security. :-) His favorite is arc4random() (but he notes it's not based on RC4 anymore, but uses chacha -- I have no idea what any of that means :-).

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-08 Thread Donald Stufft
Donald Stufft added the comment: (A)RC4 and ChaCha are just two stream ciphers that let you encrypt some data, they work by essentially producing a psuedo-random stream of data in a deterministic manner based off of a key, and than that is XOR'd with the data you want to encrypt. arc4random

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-08 Thread Donald Stufft
Donald Stufft added the comment: Oh yea, and (A)RC4 is broken and shouldn't be used for anything anymore, ChaCha is much better and is pretty great. -- ___ Python tracker

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-08 Thread Tim Peters
Tim Peters added the comment: Guido, you're clearly talking with someone who knows too much ;-) If we're using the Twister for _anything_ related to crypto-level randomness, then I'd appalled - it was utterly unsuitable for any such purpose from day 1. But as a general-purpose generator for

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-08 Thread Guido van Rossum
Changes by Guido van Rossum : -- nosy: -gvanrossum ___ Python tracker ___ ___

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-05 Thread Raymond Hettinger
Changes by Raymond Hettinger : -- assignee: -> haypo ___ Python tracker ___ ___

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-04 Thread John Beck
New submission from John Beck: A recent Solaris build upgrade resulted in a massive slowdown of a package operation (our package client is written in Python). Some DTrace revealed this was because os.urandom() calls had slowed down by a factor of over 300. This turned out to be caused by an

[issue25003] os.urandom() should call getrandom(2) not getentropy(2)

2015-09-04 Thread R. David Murray
Changes by R. David Murray : -- nosy: +haypo stage: -> needs patch type: -> security ___ Python tracker ___