[issue26839] Python 3.5 running on Linux kernel 3.17+ can block at startup or on importing the random module on getrandom()
Colm Buckley
report at bugs.python.org
Tue Jun 7 14:55:37 EDT 2016
Colm Buckley added the comment:
To clarify what the various patches do:
3.5.1 as released: os.urandom and hash secret initialization both attempt getrandom() in preference to reading /dev/urandom. Under certain circumstances, this will block, possibly indefinitely.
Changeset 9de508dc4837: both os.urandom and hash secret initialization call getrandom() in nonblocking mode, falling back to (possibly low-entropy) /dev/urandom should getrandom() block due to lack of entropy.
Changeset 9de508dc4837 + nonblocking_urandom_noraise.patch: hash secret initialization calls getrandom() in nonblocking mode (ie: will always succeed, although with a silent fallback to low-entropy data if called when the system has no entropy). os.urandom will always block until there's enough entropy.
I think this final case implements what you need for the 3.5.2 RC.
The issue of "import random" still needs to be resolved; maybe we should de-merge #25420 and pursue Donald's approach there.
Thanks,
Colm
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue26839>
_______________________________________
More information about the Python-bugs-list
mailing list