mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git
synced 2025-12-26 22:50:08 +01:00
6e96d71731
g_random_*() is based on GRand, which is not a CSPRNG. Instead, rely on kernel to give us good random numbers, which is what nm_random_*() does. Note that nm_random_*() calls getrandom() (or reads /dev/urandom), which most likely is slower than GRand. It doesn't matter for our uses though. It is cumbersome to review all uses of g_rand_*() whether their usage of a non-cryptographically secure generator is appropriate. Instead, just always use an appropriate function, thereby avoiding this question. Even glib documentation refers to reading "/dev/urandom" as alternative. Which is what nm_random_*() does. These days, it seems unnecessary to not use the best random generator available, unless it's not fast enough or you need a stable/seedable stream of random numbers. In particular in nmcli, we used g_random_int_range() to generate passwords. That is not appropriate. Sure, it's *only* for the hotspot, but still. |
||
|---|---|---|
| .. | ||
| tests | ||
| nm-fake-ndisc.c | ||
| nm-fake-ndisc.h | ||
| nm-lndp-ndisc.c | ||
| nm-lndp-ndisc.h | ||
| nm-ndisc-private.h | ||
| nm-ndisc.c | ||
| nm-ndisc.h | ||