superreview cancelled: [Bug 182758] freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom : [Attachment 235586] Update

Nelson Bolyard <nelson@bolyard.com> has cancelled Julien Pierre
<julien.pierre.bugs@sun.com>'s request for superreview:
Bug 182758: freebl PRNG hashes netstat and /dev/urandom data rather than just
using /dev/urandom
https://bugzilla.mozilla.org/show_bug.cgi?id=182758

Attachment 235586: Update
https://bugzilla.mozilla.org/attachment.cgi?id=235586&action=edit

------- Additional Comments from Nelson Bolyard <nelson@bolyard.com>
I have some minor quibbles with this patch.

1) rather than seeing all the new code be "ifdef solaris" and "ifndef solaris"
which emphasizes the platform-specific nature of the code, 
I'd rather see it use "feature test macros", e.g. "if defined(DO_NETSTAT)" 
and "if !defined(DO_NETSTAT)", where the macro (#define) name is the name of
a feature, not a platform, and then have other #ifdefs that conditionally 
define that feature test macro, or not.  

That way, the Netstat code becomes a feature, to be considered on a platform 
by platform basis, not a platform specific hack, and it is more obvious that 
other platforms may wish to incorporate it, too.  I think all the 
conditionally compiled features for obtaining entropy should be coded that way.


2) I'd like to see the code structured in such a way that there is some 
run time check that ensures that in no build, at no time, is it possible
for this function to "fall out" the bottom without having succesfully 
gotten any entropy from any of its sources.  Perhaps we should have a 
counter of bytes of entropic data recieved/digested, and at the bottom of 
the function abort() if that number is zero.  The code should be structured 
not to bail out early, but to conditionally do subsequent parts only if 
previous ones failed, so that it always gets to the bottom of the function 
and always tests to see if any was succesfully gotten.	

If the code is structured that way, then the next person to come along with
another platform specific hack is likely to follow the established pattern
in the code.  We REALLY don't want this function ever returning without 
succeeding!
0
bugzilla
8/30/2006 8:27:43 AM
mozilla.dev.super-review 29307 articles. 3 followers. Post Follow

0 Replies
509 Views

Similar Articles

[PageSpeed] 50

Reply:

Similar Artilces:

superreview requested: [Bug 182758] freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom : [Attachment 235586] Update
Julien Pierre <julien.pierre.bugs@sun.com> has asked Nelson Bolyard <nelson@bolyard.com> for superreview: Bug 182758: freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom https://bugzilla.mozilla.org/show_bug.cgi?id=182758 Attachment 235586: Update https://bugzilla.mozilla.org/attachment.cgi?id=235586&action=edit ------- Additional Comments from Julien Pierre <julien.pierre.bugs@sun.com> Wan-Teh, This was written from scratch, it wasn't sample code. I switched from assert to PORT_Assert, as well as from malloc/free to ...

superreview requested: [Bug 182758] freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom : [Attachment 235522] On Solaris, use only /dev/urandom if it is available. If
Julien Pierre <julien.pierre.bugs@sun.com> has asked Wan-Teh Chang <wtchang@redhat.com> for superreview: Bug 182758: freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom https://bugzilla.mozilla.org/show_bug.cgi?id=182758 Attachment 235522: On Solaris, use only /dev/urandom if it is available. If not, use libkstat https://bugzilla.mozilla.org/attachment.cgi?id=235522&action=edit ------- Additional Comments from Julien Pierre <julien.pierre.bugs@sun.com> In the libkstat case, I am feeding all kernel statistics to the PRNG, 4 KB ...

superreview denied: [Bug 182758] freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom : [Attachment 235522] On Solaris, use only /dev/urandom if it is available. If not
Wan-Teh Chang <wtchang@redhat.com> has denied Julien Pierre <julien.pierre.bugs@sun.com>'s request for superreview: Bug 182758: freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom https://bugzilla.mozilla.org/show_bug.cgi?id=182758 Attachment 235522: On Solaris, use only /dev/urandom if it is available. If not, use libkstat https://bugzilla.mozilla.org/attachment.cgi?id=235522&action=edit ------- Additional Comments from Wan-Teh Chang <wtchang@redhat.com> These are just some minor problems. But since there are many, I wa...

superreview cancelled: [Bug 182758] freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom : [Attachment 236154] Update with feedback from Nelson and Wan-Teh
Julien Pierre <julien.pierre.bugs@sun.com> has cancelled Julien Pierre <julien.pierre.bugs@sun.com>'s request for superreview: Bug 182758: freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom https://bugzilla.mozilla.org/show_bug.cgi?id=182758 Attachment 236154: Update with feedback from Nelson and Wan-Teh https://bugzilla.mozilla.org/attachment.cgi?id=236154&action=edit ------- Additional Comments from Julien Pierre <julien.pierre.bugs@sun.com> This patch contains several changes : 1) More comments 2) CollectEntropy and R...

superreview requested: [Bug 182758] freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom : [Attachment 236342] update
Julien Pierre <julien.pierre.bugs@sun.com> has asked Wan-Teh Chang <wtchang@redhat.com> for superreview: Bug 182758: freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom https://bugzilla.mozilla.org/show_bug.cgi?id=182758 Attachment 236342: update https://bugzilla.mozilla.org/attachment.cgi?id=236342&action=edit ------- Additional Comments from Julien Pierre <julien.pierre.bugs@sun.com> This patch contains several changes : 1) More comments 2) CollectEntropy and RNG_kstat are both changed to return a SECStatus . This is to ea...

superreview granted: [Bug 182758] freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom : [Attachment 236342] update
Wan-Teh Chang <wtchang@redhat.com> has granted Julien Pierre <julien.pierre.bugs@sun.com>'s request for superreview: Bug 182758: freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom https://bugzilla.mozilla.org/show_bug.cgi?id=182758 Attachment 236342: update https://bugzilla.mozilla.org/attachment.cgi?id=236342&action=edit ------- Additional Comments from Wan-Teh Chang <wtchang@redhat.com> r=wtc. Please remove the 4 extraneous semicolons after closing curly braces. Just search for "};" in the file and remove ...

superreview requested: [Bug 182758] freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom : [Attachment 236154] Update with feedback from Nelson and Wan-Teh
Julien Pierre <julien.pierre.bugs@sun.com> has asked Wan-Teh Chang <wtchang@redhat.com> for superreview: Bug 182758: freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom https://bugzilla.mozilla.org/show_bug.cgi?id=182758 Attachment 236154: Update with feedback from Nelson and Wan-Teh https://bugzilla.mozilla.org/attachment.cgi?id=236154&action=edit ------- Additional Comments from Julien Pierre <julien.pierre.bugs@sun.com> - remove kprintf statements - rename max_entropy_len to max_entropy_buf_len - initialize buffered to zer...

Merging dev-gaia and dev-b2g into dev-fxos
--001a113ce93ebce35d051e4c0c73 Content-Type: text/plain; charset=UTF-8 Hello people of Firefox OS, After a discussion we have decided that the distinction between dev-gaia and dev-b2g mailing lists is not enough to warrant maintaining two lists. So we are deprecating both in favor of dev-fxos. So if you are subscribed to one of the aforementioned lists, you will be subscribed to the new dev-fxos list and we will shortly be decommissioning dev-gaia and dev-b2g. Thanks! Michael --001a113ce93ebce35d051e4c0c73 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: qu...

Merging dev-gaia and dev-b2g into dev-fxos
--001a113ce93ebce35d051e4c0c73 Content-Type: text/plain; charset=UTF-8 Hello people of Firefox OS, After a discussion we have decided that the distinction between dev-gaia and dev-b2g mailing lists is not enough to warrant maintaining two lists. So we are deprecating both in favor of dev-fxos. So if you are subscribed to one of the aforementioned lists, you will be subscribed to the new dev-fxos list and we will shortly be decommissioning dev-gaia and dev-b2g. Thanks! Michael --001a113ce93ebce35d051e4c0c73 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: qu...

superreview requested: [Bug 128673] jprof should use Linux's /dev/rtc for up-to-8KHz sampling : [Attachment 134273] slightly improved patch
Brian Ryner <bryner@brianryner.com> has asked David Baron <dbaron@dbaron.org> for superreview: Bug 128673: jprof should use Linux's /dev/rtc for up-to-8KHz sampling http://bugzilla.mozilla.org/show_bug.cgi?id=128673 Attachment 134273: slightly improved patch http://bugzilla.mozilla.org/attachment.cgi?id=134273&action=edit ...

superreview granted: [Bug 128673] jprof should use Linux's /dev/rtc for up-to-8KHz sampling : [Attachment 134273] slightly improved patch
David Baron <dbaron@dbaron.org> has granted Brian Ryner <bryner@brianryner.com>'s request for superreview: Bug 128673: jprof should use Linux's /dev/rtc for up-to-8KHz sampling http://bugzilla.mozilla.org/show_bug.cgi?id=128673 Attachment 134273: slightly improved patch http://bugzilla.mozilla.org/attachment.cgi?id=134273&action=edit ------- Additional Comments from David Baron <dbaron@dbaron.org> >+ if (!IS_POWER_OF_TWO(rtcHz) || rtcHz < 2) { >+ fprintf(stderr, "JP_RTC_HZ must be power of two and > 2, " Slight dis...

superreview requested: [Bug 128673] jprof should use Linux's /dev/rtc for up-to-8KHz sampling : [Attachment 143092] Patch to make pausing work
Boris Zbarsky <bzbarsky@mit.edu> has asked David Baron <dbaron@dbaron.org> for superreview: Bug 128673: jprof should use Linux's /dev/rtc for up-to-8KHz sampling http://bugzilla.mozilla.org/show_bug.cgi?id=128673 Attachment 143092: Patch to make pausing work http://bugzilla.mozilla.org/attachment.cgi?id=143092&action=edit ...

superreview cancelled: [Bug 149834] Enhance PSM speed by using new NSS API CERT_VerifyCertificateNow : [Attachment 202387] Same patch as before, just updated to apply cleanly to the trunk
Kai Engert (kaie) <kengert@redhat.com> has cancelled Kai Engert (kaie) <kengert@redhat.com>'s request for superreview: Bug 149834: Enhance PSM speed by using new NSS API CERT_VerifyCertificateNow https://bugzilla.mozilla.org/show_bug.cgi?id=149834 Attachment 202387: Same patch as before, just updated to apply cleanly to the trunk https://bugzilla.mozilla.org/attachment.cgi?id=202387&action=edit ...

superreview canceled: [Bug 396137] port Windows font matching code to Mac and use in place of ATSUI font matching : [Attachment 293819] patch, v.1.4, updated based on review comments
John Daggett (:jtd) <jdaggett@mozilla.com> has canceled John Daggett (:jtd) <jdaggett@mozilla.com>'s request for superreview: Bug 396137: port Windows font matching code to Mac and use in place of ATSUI font matching https://bugzilla.mozilla.org/show_bug.cgi?id=3D396137 Attachment 293819: patch, v.1.4, updated based on review comments https://bugzilla.mozilla.org/attachment.cgi?id=3D293819&action=3Dedit ------- Additional Comments from John Daggett (:jtd) <jdaggett@mozilla.com> Yeah, the first thing I want to improve about this is to cache the pref fon= t...

Web resources about - superreview cancelled: [Bug 182758] freebl PRNG hashes netstat and /dev/urandom data rather than just using /dev/urandom : [Attachment 235586] Update - mozilla.dev.super-review

Resources last updated: 11/28/2015 1:35:52 AM