Kaydet (Commit) 01bdbad3 authored tarafından Victor Stinner's avatar Victor Stinner

Don't use getentropy() on Linux

Issue #29188: Support glibc 2.24 on Linux: don't use getentropy() function but
read from /dev/urandom to get random bytes, for example in os.urandom().  On
Linux, getentropy() is implemented which getrandom() is blocking mode, whereas
os.urandom() should not block.
üst 98b1c826
...@@ -23,6 +23,11 @@ Extension Modules ...@@ -23,6 +23,11 @@ Extension Modules
Library Library
------- -------
- Issue #29188: Support glibc 2.24 on Linux: don't use getentropy() function
but read from /dev/urandom to get random bytes, for example in os.urandom().
On Linux, getentropy() is implemented which getrandom() is blocking mode,
whereas os.urandom() should not block.
- Issue #29142: In urllib, suffixes in no_proxy environment variable with - Issue #29142: In urllib, suffixes in no_proxy environment variable with
leading dots could match related hostnames again (e.g. .b.c matches a.b.c). leading dots could match related hostnames again (e.g. .b.c matches a.b.c).
Patch by Milan Oberkirch. Patch by Milan Oberkirch.
......
...@@ -97,8 +97,15 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise) ...@@ -97,8 +97,15 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
} }
/* Issue #25003: Don't use getentropy() on Solaris (available since /* Issue #25003: Don't use getentropy() on Solaris (available since
* Solaris 11.3), it is blocking whereas os.urandom() should not block. */ Solaris 11.3), it is blocking whereas os.urandom() should not block.
#elif defined(HAVE_GETENTROPY) && !defined(sun)
Issue #29188: Don't use getentropy() on Linux since the glibc 2.24
implements it with the getrandom() syscall which can fail with ENOSYS,
and this error is not supported in py_getentropy() and getrandom() is called
with flags=0 which blocks until system urandom is initialized, which is not
the desired behaviour to seed the Python hash secret nor for os.urandom():
see the PEP 524 which was only implemented in Python 3.6. */
#elif defined(HAVE_GETENTROPY) && !defined(sun) && !defined(linux)
#define PY_GETENTROPY 1 #define PY_GETENTROPY 1
/* Fill buffer with size pseudo-random bytes generated by getentropy(). /* Fill buffer with size pseudo-random bytes generated by getentropy().
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment