mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git
synced 2026-05-17 01:48:07 +02:00
d516a96bfe
g_random_*() is based on GRand, which is not a CSPRNG. Instead, rely on
kernel to give us good random numbers, which is what nm_random_*() does.
Note that nm_random_*() calls getrandom() (or reads /dev/urandom), which
most likely is slower than GRand. It doesn't matter for our uses though.
It is cumbersome to review all uses of g_rand_*() whether their usage of
a non-cryptographically secure generator is appropriate. Instead, just
always use an appropriate function, thereby avoiding this question. Even
glib documentation refers to reading "/dev/urandom" as alternative. Which
is what nm_random_*() does. These days, it seems unnecessary to not use
the best random generator available, unless it's not fast enough or you
need a stable/seedable stream of random numbers.
In particular in nmcli, we used g_random_int_range() to generate
passwords. That is not appropriate. Sure, it's *only* for the hotspot,
but still.
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| tests | ||
| meson.build | ||
| nm-default-client.h | ||
| nm-libnm-aux.c | ||
| nm-libnm-aux.h | ||
| README.md | ||
libnm-client-aux-extern
libnm-client-aux-extern is a static library that:
- uses the public parts of "libnm"
- that can also be statically linked into other users of libnm.
Basically, it is a static library with utility functions that extends libnm.
That means:
- you can use it everywhere where you dynamically link with libnm.
Also, since libnm-client-aux-extern itself only uses public (stable) API of libnm, you theoretically can copy the sources into your own source tree.
This makes it very similar in purpose to ../libnmc-base/. The difference might be that this one is smaller and that you could easier copy+paste this to a libnm application outside this source tree.