[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-09-06 Thread Nick Coghlan
Nick Coghlan added the comment: I've reviewed all the open issues that come up when searching for "getrandom" on the issue tracker, and closed all the ones that were either out of date or rejected based on PEP 524 being accepted and implemented. For the remainder, I either wasn't clear on

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-09-06 Thread Nick Coghlan
Nick Coghlan added the comment: If /dev/urandom isn't available, Python refusing to start is likely to be one of the least of the system's problems, so Py_FatalError sounds reasonable to me - my +1 for a fallback above was a matter of "sounds good if you can find a way to make it work".

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-09-06 Thread Roundup Robot
Roundup Robot added the comment: New changeset ebbfc053360a by Victor Stinner in branch 'default': Issue #27776: include process.h on Windows for getpid() https://hg.python.org/cpython/rev/ebbfc053360a -- ___ Python tracker

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-09-06 Thread STINNER Victor
STINNER Victor added the comment: Nick: "+1 for a fallback in the SIPHash initialisation as well." Sorry but I don't know a simple function to implement this. We might use the LCG RNG, but it's not really designed to be "secure". I don't think that it makes sense to initialize a shiny SIPHash

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-09-06 Thread Roundup Robot
Roundup Robot added the comment: New changeset 45fc0c83ed42 by Victor Stinner in branch 'default': os.urandom() now blocks on Linux https://hg.python.org/cpython/rev/45fc0c83ed42 -- ___ Python tracker

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-08-20 Thread Nick Coghlan
Nick Coghlan added the comment: +1 for a fallback in the SIPHash initialisation as well. That's the case where Nathaniel Smith suggested we may want to issue a warning that the process shouldn't be used to handle untrusted inputs (since that particular remote DoS defence won't be working

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-08-19 Thread STINNER Victor
STINNER Victor added the comment: > _PyOS_URandomNonblock() *can* fail is /dev/urandom is missing or not readable Oh. It looks like Python initialization currently fails with a fatal error in this case, see _PyRandom_Init(). Maybe we should also fall back on clocks/pid in _PyRandom_Init()?

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-08-19 Thread STINNER Victor
STINNER Victor added the comment: Enhanced patch to address Nick's comments and fix mistakes. The new patch now also updates the documentation. I restored the code in _random.Random.seed() to fallback on the system clock: _PyOS_URandomNonblock() *can* fail is /dev/urandom is missing or not

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-08-18 Thread Nick Coghlan
Nick Coghlan added the comment: I have a few requests for clarification and confirmation as review comments, but overall +1 from me. (I'd still like a warning when we need to block in order to make life easier for system administrators attempting to debug any apparent system hangs, but as

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-08-16 Thread STINNER Victor
STINNER Victor added the comment: Patch to make os.urandom() blocking on Linux 3.17+, but use non-blocking urandom in _random.Random constructor and _random.Random.seed() with no seed is set. -- keywords: +patch Added file: http://bugs.python.org/file44126/urandom_nonblock.patch

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-08-16 Thread Roundup Robot
Roundup Robot added the comment: New changeset 86d0d74bc2e1 by Victor Stinner in branch 'default': Issue #27776: Cleanup random.c https://hg.python.org/cpython/rev/86d0d74bc2e1 New changeset ad141164c792 by Victor Stinner in branch 'default': Issue #27776: dev_urandom(raise=0) now closes the

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-08-16 Thread Roundup Robot
Roundup Robot added the comment: New changeset 980e2c781810 by Victor Stinner in branch 'default': Issue #27776: Cleanup random.c https://hg.python.org/cpython/rev/980e2c781810 New changeset 265644bad99e by Victor Stinner in branch 'default': Issue #27776: _PyRandom_Init() doesn't call

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-08-16 Thread Decorater
Decorater added the comment: Wow. ( linux only pep? inb4 a windows thing gets wedged in) -- nosy: +Decorater ___ Python tracker ___

[issue27776] PEP 524: Make os.urandom() blocking on Linux

2016-08-16 Thread STINNER Victor
New submission from STINNER Victor: Issue to track the implementation of the PEP 524. -- messages: 272852 nosy: haypo priority: normal severity: normal status: open title: PEP 524: Make os.urandom() blocking on Linux type: security versions: Python 3.6