Message267725
| Author |
Colm Buckley |
| Recipients |
Colm Buckley, Lukasa, alex, christian.heimes, doko, dstufft, larry, lemburg, martin.panter, matejcik, ned.deily, python-dev, rhettinger, skrah, thomas-petazzoni, vstinner, ztane |
| Date |
2016年06月07日.18:55:37 |
| SpamBayes Score |
-1.0 |
| Marked as misclassified |
Yes |
| Message-id |
<1465325737.47.0.402353702819.issue26839@psf.upfronthosting.co.za> |
| In-reply-to |
| Content |
To clarify what the various patches do:
3.5.1 as released: os.urandom and hash secret initialization both attempt getrandom() in preference to reading /dev/urandom. Under certain circumstances, this will block, possibly indefinitely.
Changeset 9de508dc4837: both os.urandom and hash secret initialization call getrandom() in nonblocking mode, falling back to (possibly low-entropy) /dev/urandom should getrandom() block due to lack of entropy.
Changeset 9de508dc4837 + nonblocking_urandom_noraise.patch: hash secret initialization calls getrandom() in nonblocking mode (ie: will always succeed, although with a silent fallback to low-entropy data if called when the system has no entropy). os.urandom will always block until there's enough entropy.
I think this final case implements what you need for the 3.5.2 RC.
The issue of "import random" still needs to be resolved; maybe we should de-merge #25420 and pursue Donald's approach there.
Thanks,
Colm |
|
History
|
|---|
| Date |
User |
Action |
Args |
| 2016年06月07日 18:55:37 | Colm Buckley | set | recipients:
+ Colm Buckley, lemburg, rhettinger, doko, vstinner, larry, christian.heimes, matejcik, ned.deily, alex, skrah, python-dev, martin.panter, ztane, dstufft, Lukasa, thomas-petazzoni |
| 2016年06月07日 18:55:37 | Colm Buckley | set | messageid: <1465325737.47.0.402353702819.issue26839@psf.upfronthosting.co.za> |
| 2016年06月07日 18:55:37 | Colm Buckley | link | issue26839 messages |
| 2016年06月07日 18:55:37 | Colm Buckley | create |
|