<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#ffffff"><div><div style="font-family: Calibri,sans-serif; font-size: 11pt;">Can we get any new function on all platforms, deferring to urandom() if getrandom() isn't there?<br><br>If the pattern is really going to be the hasattr check you posted earlier<br><br>Top-posted from my Windows Phone</div></div><div dir="ltr"><hr><span style="font-family: Calibri,sans-serif; font-size: 11pt; font-weight: bold;">From: </span><span style="font-family: Calibri,sans-serif; font-size: 11pt;"><a href="mailto:larry@hastings.org">Larry Hastings</a></span><br><span style="font-family: Calibri,sans-serif; font-size: 11pt; font-weight: bold;">Sent: </span><span style="font-family: Calibri,sans-serif; font-size: 11pt;">6/10/2016 8:50</span><br><span style="font-family: Calibri,sans-serif; font-size: 11pt; font-weight: bold;">To: </span><span style="font-family: Calibri,sans-serif; font-size: 11pt;"><a href="mailto:python-dev@python.org">python-dev@python.org</a></span><br><span style="font-family: Calibri,sans-serif; font-size: 11pt; font-weight: bold;">Subject: </span><span style="font-family: Calibri,sans-serif; font-size: 11pt;">Re: [Python-Dev] BDFL ruling request: should we block foreverwaiting for high-quality random bits?</span><br><br></div>
<div class="moz-cite-prefix"><br>
On 06/09/2016 03:44 PM, Ethan Furman wrote:<br>
</div>
<blockquote cite="mid:5759F13B.2000909@stoneleaf.us" type="cite">On
06/09/2016 03:22 PM, Larry Hastings wrote:
<br>
<blockquote type="cite">
Okay, it's decided: os.urandom() must be changed for 3.5.2 to
never
<br>
block on a getrandom() call.
<br>
</blockquote>
<br>
One way to not block is to raise an exception. Since this is such
a rare occurrence anyway I don't see this being a problem, plus it
keeps everybody mostly happy: normal users won't see it hang,
crypto-folk won't see vulnerable-from-this-cause-by-default
machines, and those running Python early in the boot sequence will
have something they can figure out, plus an existing knob to work
around it [hashseed, I think?].<br>
</blockquote>
<br>
<br>
Nope, I want the old behavior back. os.urandom() should read
/dev/random if getrandom() would block. As the British say, "it
should do what it says on the tin".<br>
<br>
<br>
<i>/arry</i><br>
</body></html>