search for: arc4random_uniform

https://bugzilla.mindrot.org/show_bug.cgi?id=3629 Bug ID: 3629 Summary: Building with Clang-17 fails due to -fzero-call-used-regs Product: Portable OpenSSH Version: 9.5p1 Hardware: amd64 OS: Mac OS X Status: NEW Severity: critical Priority: P5 Component: Build system

Hi, Yesterday I tried to replace the system openssl in a gentoo system with libressl. With openssh an interesting issue popped up: * RAND_bytes in libressl calls arc4random * arc4random is a compat function both in openssh and libressl * arc4random from openssh uses RAND_bytes So what's happening is a recursion. arc4random wants to use RAND_bytes and RAND_bytes wants to use arc4random. The

...doesn't matter, but you never know when someone copy+pastes your code into their project thinking this is a proper way to generate random passwords, so IMHO its best to avoid the modulo bias. > See here for more details: http://eternallyconfuzzled.com/arts/jsw_art_rand.aspx > And see arc4random_uniform's implementation: http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/arc4random.c?rev=1.26;content-type=text%2Fplain > > 3. The generated password needs ~2^107 brute-force attempts (16 * log2(60) + log2(default_rounds=5000)), which is more than enough of course, but usually 128...

On 9/20/18 1:43 AM, Carl Boettiger wrote: > For a well-tested C algorithm, based on my reading of Lemire, the unbiased > "algorithm 3" in https://arxiv.org/abs/1805.10941 is part already of the C > standard library in OpenBSD and macOS (as arc4random_uniform), and in the > GNU standard library. Lemire also provides C++ code in the appendix of his > piece for both this and the faster "nearly divisionless" algorithm. > > It would be excellent if any R core members were interested in considering > bindings to these algorithms as...

...On 9/20/18 1:43 AM, Carl Boettiger wrote: > >> For a well-tested C algorithm, based on my reading of Lemire, the > >> unbiased "algorithm 3" in https://arxiv.org/abs/1805.10941 is part > >> already of the C standard library in OpenBSD and macOS (as > >> arc4random_uniform), and in the GNU standard library. Lemire also > >> provides C++ code in the appendix of his piece for both this and the > >> faster "nearly divisionless" algorithm. > >> > >> It would be excellent if any R core members were interested in > >&gt...

...AM, Ralf Stubner wrote: > On 9/20/18 1:43 AM, Carl Boettiger wrote: >> For a well-tested C algorithm, based on my reading of Lemire, the unbiased >> "algorithm 3" in https://arxiv.org/abs/1805.10941 is part already of the C >> standard library in OpenBSD and macOS (as arc4random_uniform), and in the >> GNU standard library. Lemire also provides C++ code in the appendix of his >> piece for both this and the faster "nearly divisionless" algorithm. >> >> It would be excellent if any R core members were interested in considering >> bindings to...

...rval */ + if (fuzz_ns > INT_MAX) + fuzz_ns = INT_MAX; + if (fuzz_ns > interval_ns) { + /* Shouldn't happen */ + fatal_f("internal error: fuzz %u%% %lldns > interval %lldns", + interval_fuzz_pct, fuzz_ns, interval_ns); + } + interval_ns -= fuzz_ns / 2; + interval_ns += arc4random_uniform(fuzz_ns); + + tmp.tv_sec = interval_ns / (1000 * 1000 * 1000); + tmp.tv_nsec = interval_ns % (1000 * 1000 * 1000); + + timespecadd(now, &tmp, next_interval); +} + /* * Performs keystroke timing obfuscation. Returns non-zero if the * output fd should be polled. @@ -586,8 +616,9 @@ obfuscate...

...Carl Boettiger wrote: > > >> For a well-tested C algorithm, based on my reading of Lemire, the > > >> unbiased "algorithm 3" in https://arxiv.org/abs/1805.10941 is part > > >> already of the C standard library in OpenBSD and macOS (as > > >> arc4random_uniform), and in the GNU standard library. Lemire also > > >> provides C++ code in the appendix of his piece for both this and the > > >> faster "nearly divisionless" algorithm. > > >> > > >> It would be excellent if any R core members were intere...

...if ${CC} supports compile flag -fzero-call-used-regs=all if ${CC} supports compile flag -ftrivial-auto-var-init=zero for sys/sysctl.h for library containing login for closefrom for close_range for library containing dlopen for arc4random for arc4random_buf for arc4random_uniform if libc defines sys_errlist if libc defines sys_nerr for library containing res_query for library containing dn_expand if res_query will link for _getshort for _getlong While most of these configuration difference seem trivial and innocuous, the -fzero-call-used-regs=al...

A quick point of order here: arguing with Duncan in this forum is helpful to expose ideas, but probably neither side will convince the other; eventually, if you want this adopted in core R, you'll need to convince an R-core member to pursue this fix. In the meantime, a good, well-tested implementation in a user-contributed package (presumably written in C for speed) would be enormously

...es checking for GNU libc compatible malloc... yes checking for declarations of fseeko and ftello... yes checking for cc option to enable large file support... none needed checking size of void*... 8 checking size of off_t... 8 checking for getrandom... no checking for arc4random... yes checking for arc4random_uniform... yes checking for library containing setusercontext... none required checking for login_cap.h... yes checking for tzset... yes checking for alarm... yes checking for chroot... yes checking for dup2... yes checking for endpwent... yes checking for gethostname... yes checking for memset... yes chec...

For a well-tested C algorithm, based on my reading of Lemire, the unbiased "algorithm 3" in https://arxiv.org/abs/1805.10941 is part already of the C standard library in OpenBSD and macOS (as arc4random_uniform), and in the GNU standard library. Lemire also provides C++ code in the appendix of his piece for both this and the faster "nearly divisionless" algorithm. It would be excellent if any R core members were interested in considering bindings to these algorithms as a patch, or might expres...

...ttiger wrote: >>>>> For a well-tested C algorithm, based on my reading of Lemire, the >>>>> unbiased "algorithm 3" in https://arxiv.org/abs/1805.10941 is part >>>>> already of the C standard library in OpenBSD and macOS (as >>>>> arc4random_uniform), and in the GNU standard library. Lemire also >>>>> provides C++ code in the appendix of his piece for both this and the >>>>> faster "nearly divisionless" algorithm. >>>>> >>>>> It would be excellent if any R core members were...

Dear all, NSD 4.12.0rc1 pre-release is available: https://nlnetlabs.nl/downloads/nsd/nsd-4.12.0rc1.tar.gz sha256 b9085a3fd08b8318ac30715faf1c7698099781eb3520253774a46f74386342e9 pgp https://nlnetlabs.nl/downloads/nsd/nsd-4.12.0rc1.tar.gz.asc This release introduces Prometheus metrics that can be compiled with `--enable-prometheus-metrics` and configured with `enable-metrics` (see

...ng whether GLOB_NOMATCH is declared... yes checking whether struct dirent allocates space for d_name... configure: WARNING: cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME checking for /proc/pid/fd directory... yes checking for arc4random... no checking for arc4random_buf... no checking for arc4random_uniform... no checking for asprintf... no checking for b64_ntop... no checking for __b64_ntop... yes checking for b64_pton... no checking for __b64_pton... yes checking for bcopy... yes checking for bindresvport_sa... yes checking for clock... yes checking for closefrom... no checking for dirfd... yes chec...