Message152758
On Mon, 2012-02-06 at 06:11 +0000, Martin v. Löwis wrote:
> Martin v. Löwis <martin@v.loewis.de> added the comment:
>
> IIUC, Win9x and NT4 are not supported anymore in any of the target releases of the patch, so calling CryptGenRandom should be fine.
> In a security fix release, we shouldn't change the linkage procedures, so I recommend that the LoadLibrary dance remains.
Thanks.
Am attaching tweaked versions of the 2012-02-01 patches, in which I've
removed the indecisive:
#if 1
(void)win32_urandom((unsigned char *)secret, secret_size, 0);
#else
/* fast but weak RNG (fast initialization, weak seed) */
...etc...
#endif
stuff, and simply use the first clause (win32_urandom) on Windows:
add-randomization-to-2.6-dmalcolm-2012-02-06-001.patch
fix-broken-tests-on-2.6-dmalcolm-2012-02-06-001.patch
add-randomization-to-3.1-dmalcolm-2012-02-06-001.patch
fix-broken-tests-on-3.1-dmalcolm-2012-02-06-001.patch |
|
Date |
User |
Action |
Args |
2012-02-06 19:07:47 | dmalcolm | set | recipients:
+ dmalcolm, lemburg, gvanrossum, tim.peters, loewis, barry, georg.brandl, terry.reedy, gregory.p.smith, jcea, mark.dickinson, pitrou, vstinner, christian.heimes, benjamin.peterson, eric.araujo, grahamd, Arfrever, v+python, alex, zbysz, skrah, gz, neologix, Arach, Mark.Shannon, eric.snow, Zhiping.Deng, Huzaifa.Sidhpurwala, Jim.Jewett, PaulMcMillan, fx5, skorgu |
2012-02-06 19:07:45 | dmalcolm | link | issue13703 messages |
2012-02-06 19:07:41 | dmalcolm | create | |
|