This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.
Harald Welte laforge at gnumonks.orgHi Max, On Fri, Oct 06, 2017 at 06:57:03PM +0200, Max wrote: > However, from application PoV it should not matter anyway: if call to some function > might fail than we should handle it. There are basically 2 things we can do after > logging the error: > > - terminate the application > > - fallback to insecure random numbers > > So far we used the latter. If understood the summary of ongoing discussion right, > than we should opt for former. Shall I make it configurable via application > vty/config (OsmoBSC/OsmoMSC/OsmoSGSN)? I think it should be a compile time decision for now, and the default should be "no fallback". So basically the entire fallback code is #ifdef'd out unless somebody builds libosmocore with a possibly dangerous compile option and has a good reason to do so. If the user does that, there should be a related warning at the end of the ./configure step, and we should also print runtime WARNING level messages once we actually start to fallback to insecure rand(). -- - Harald Welte <laforge at gnumonks.org> http://laforge.gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)