First Last Prev Next    This bug is not in your last search results.
Bug 46260 - makepasswd blocks, reads from /dev/random (instead urandom)
makepasswd blocks, reads from /dev/random (instead urandom)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: General
UCS 4.3
Other Linux
: P5 normal (vote)
: UCS 4.3
Assigned To: Jürn Brodersen
Stefan Gohmann
https://alioth.debian.org/scm/loggerh...
: interim-3
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-02-08 14:07 CET by Felix Botner
Modified: 2018-03-14 14:38 CET (History)
2 users (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
NonBlocking.patch (287 bytes, patch)
2018-02-09 00:55 CET, Arvid Requate 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Felix Botner univentionstaff 2018-02-08 14:07:59 CET 
since 1.10-10 makepasswd in debian stretch reads from /dev/random and potentially blocks ...

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792535

maybe we should revert this:

 * Convert from Crypt::OpenSSL::Random to Bytes::Random::Secure (closes:
    #792535).
Comment 1 Arvid Requate univentionstaff 2018-02-09 00:55:22 CET 
Created attachment 9380 [details]
NonBlocking.patch

I've looked at the POD and code of libbytes-random-secure-perl-0.28/lib/Bytes/Random/Secure.pm and came up with this patch. Worked in my quick test (repeated strace ./makepasswd 2>&1 | grep urandom).
Comment 2 Jürn Brodersen univentionstaff 2018-02-27 11:39:27 CET 
(In reply to Arvid Requate from comment #1)
> Created attachment 9380 [details]
> NonBlocking.patch
> 
> I've looked at the POD and code of
> libbytes-random-secure-perl-0.28/lib/Bytes/Random/Secure.pm and came up with
> this patch. Worked in my quick test (repeated strace ./makepasswd 2>&1 |
> grep urandom).

Looks good.
Without patch makepasswd opens random, with patch urandom.

r18028: added patch
Comment 3 Jürn Brodersen univentionstaff 2018-03-02 11:19:46 CET 
[4.3-0 278a474226] Bug #46260: changelog
Comment 4 Stefan Gohmann univentionstaff 2018-03-02 13:35:08 CET 
OK, /dev/urandom is used.

I've made a small change to the changelog entry:
[4.3-0 37124a5528] Bug #46260
Comment 5 Stefan Gohmann univentionstaff 2018-03-14 14:38:15 CET 
UCS 4.3 has been released:
 https://docs.software-univention.de/release-notes-4.3-0-en.html
 https://docs.software-univention.de/release-notes-4.3-0-de.html

If this error occurs again, please use "Clone This Bug".
First Last Prev Next    This bug is not in your last search results.