On Tue, May 17, 2016 at 5:50 PM, Theo de Raadt <[email protected]> wrote:
> > > https://github.com/libressl-portable/portable/tree/master/m4 > > > has autoconf checks with an OS whitelist for arc4random. > > > It would be nice to keep things similar to these so that > > > updates can be merged across from newer versions easily. > > > > I disagree. > > > > > > libressl is making extremely conservative decisions, to protect > > the way that libressl is (1) used and (2) seen. > > Furthermore, libressl makes that decision to decide if it should > provide a *better replacement*. > > In the library being discussed here it is quite likely that a shitty > arc4random() is still better than most other things it has available. > > Unless the goal is to keep everyone using customized non-standardized > /dev/urandom codepaths (if it hits fd-exhaustion, does the library > call _exit or abort? Good luck with satisfying people..) > > Even libbsd can improve: https://cgit.freedesktop.org/libbsd/commit/?id=874a0e51d3a38596006b3ef7396e62194f467abf https://cgit.freedesktop.org/libbsd/commit/?id=9a9a8b2dba2f511c0888499726597add59ae1215
