prng change feedback

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.

Max msuraev at sysmocom.de
Mon Oct 9 10:16:50 UTC 2017


I'm somewhat confused with the implementation details: placing fallback into library
would mean we effectively duplicate the fallback logic: the library might or might
not fallback and than the application will have to decide if it's ok with the fallback.

I'd prefer to use secure only random in the library code and make insecure fallback a
compile-time option in the application code. That way we can manage it on application
or even case-by-case basis later on if we decide to drop it altogether.

Although I might be missing smth, so looking forward for your feedback.

On 07.10.2017 08:34, Harald Welte wrote:
> I think it should be a compile time decision for now, and the default
> should be "no fallback".  So basically the entire fallback code is
> #ifdef'd out unless somebody builds libosmocore with a possibly
> dangerous compile option and has a good reason to do so.
>
> If the user does that, there should be a related warning at the end of
> the ./configure step, and we should also print runtime WARNING level
> messages once we actually start to fallback to insecure rand().
>

-- 
Max Suraev <msuraev at sysmocom.de> http://www.sysmocom.de/
======================================================================= 
* sysmocom - systems for mobile communications GmbH
* Alt-Moabit 93 
* 10559 Berlin, Germany
* Sitz / Registered office: Berlin, HRB 134158 B 
* Geschaeftsfuehrer / Managing Director: Harald Welte 







More information about the OpenBSC mailing list