Re: maradns reproducibility fixes and the merits of picking a random num

From: Philip McGrath
Subject: Re: maradns reproducibility fixes and the merits of picking a random number
Date: Tue, 14 Jun 2022 13:16:44 -0400
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.9.1


On 6/8/22 16:25, Vagrant Cascadian wrote:
> On 2022-06-09, Arun Isaac wrote:
>> Hi Vagrant,
>>
>>> But there's one nervous-making issue this revealed; maradns embeds a
>>> random number at build time ... allegedly for systems that don't have
>>> /dev/urandom... see
>>>
>>>    # Since some systems may not have /dev/urandom (Windows, *cough* *cough*), we
>>>    # keep a randomly generated prime around
>>>
>>> So it's got some code to generate a random number at build time and
>>> embed it in the binary. Now, if there's anything I know about good
>>> practices about random numbers, this sort of thing is generally a very
>>> large red flag! It also makes the package build differently every
>>
>> Wow, great find! Has this issue been reported to maradns upstream? If
>> upstream fixes it or provides us a compile flag to disable this
>> "feature", it would be even better in the long run.
>
> That does sound like the best long-term approach, definitely!
>
> Will take the issue upstream...

Not sure if this is useful—I've never used MaraDNS, and I know just barely enough about Windows to try to keep free software portable—but, on Windows XP and later, you can get cryptographic-quality randomness by dynamically loading SystemFunction036 from Advapi32.dll, sometimes known as RtlGenRandom. Racket uses this to implement crypto-random-bytes, which uses /dev/urandom on Unix-like systems. It's also apparently used by Chromium, Firefox, and many others.

Racket example:

C example from Microsoft:

Documentation, such as it is:

Mozilla thread explaining why the warnings in that documentation are irrelevant:
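
Added example, not part of the original message and not MaraDNS, Racket or Microsoft code: a run-time source of OS randomness that resolves SystemFunction036 from Advapi32.dll on Windows and reads /dev/urandom elsewhere, failing closed instead of falling back to a value fixed at build time. The function name os_random_bytes is hypothetical, and the function-pointer type assumes the RtlGenRandom signature from Microsoft's documentation.

```c
#include <stddef.h>
#include <stdio.h>

#ifdef _WIN32
#include <windows.h>
/* Assumed signature of SystemFunction036 (documented as RtlGenRandom). */
typedef BOOLEAN (WINAPI *rtl_gen_random_fn)(PVOID buf, ULONG len);

/* Hypothetical helper: fill buf with len random bytes; 0 on success, -1 on failure. */
int os_random_bytes(unsigned char *buf, size_t len)
{
    static rtl_gen_random_fn gen;          /* resolved once, then cached */
    if (gen == NULL) {
        HMODULE lib = LoadLibraryA("Advapi32.dll");
        if (lib == NULL)
            return -1;
        gen = (rtl_gen_random_fn)GetProcAddress(lib, "SystemFunction036");
        if (gen == NULL)
            return -1;
    }
    while (len > 0) {                      /* the length argument is a ULONG */
        ULONG chunk = len > 0x10000 ? 0x10000 : (ULONG)len;
        if (!gen(buf, chunk))
            return -1;
        buf += chunk;
        len -= chunk;
    }
    return 0;
}
#else
/* Same contract on Unix-like systems, backed by /dev/urandom. */
int os_random_bytes(unsigned char *buf, size_t len)
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    setvbuf(f, NULL, _IONBF, 0);           /* no read-ahead of random bytes */
    size_t got = fread(buf, 1, len, f);
    fclose(f);
    return got == len ? 0 : -1;            /* a short read is a failure */
}
#endif

int main(void)
{
    unsigned char seed[16];
    if (os_random_bytes(seed, sizeof seed) != 0)
        return 1;                          /* refuse to run without randomness */
    for (size_t i = 0; i < sizeof seed; i++)
        printf("%02x", seed[i]);
    putchar('\n');
    return 0;
}
```

Because the bytes are fetched when the program runs, nothing random is compiled into the binary, so the build output no longer differs from one build to the next on that account.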

