[PATCH 0/4] Add MAC authentication support to the Babel protocol

Ondrej Zajicek santiago at crfreenet.org
Tue Mar 10 18:00:15 CET 2020


On Tue, Mar 10, 2020 at 04:58:26PM +0100, Toke Høiland-Jørgensen wrote:
> > I think that random_bytes() should not fail.
> 
> Preferably not; but we don't really have any guarantees that the syscall
> will succeed, do we? I guess I can add some sanity checks on startup and
> bail out if (e.g.) /dev/urandom cannot be opened. It would still be
> possible for read() or getrandom() to fail later on, though, no?

It is mostly whether we want error handling directly in random_bytes(),
or in caller code. If we could have some reasonable error handling code
in the caller (e.g. log error message and drop packet), then we can do
that, but otherwise (as there is no error handling code in Babel patch)
it seems better to just die() directly in random_bytes() code if
underlying syscalls fail.

Definitely, we should not silently ignore these errors.

It seems getrandom() and getentropy() should not fail for buflen <= 256,
so we may die() for unexpected errors from these syscalls.

For read() from /dev/urandom, it might be good to handle EINTR, but we
may die() for other errors.


> > There are '#if defined(NATIVE_LITTLE_ENDIAN)' in the code, does
> > anybody define these?
> 
> Hmm, probably not? The FreeBSD Blake implementation seems to have a
> #define based on __BYTE_ORDER, so guess we could just add something like
> that as well?

We already have CPU_BIG_ENDIAN in BIRD, so perhaps just use that.


-- 
Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
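
Added example, not part of the original message and not BIRD's code: a sketch of the /dev/urandom path discussed above, where read() is retried on EINTR and any other failure terminates the process instead of being silently ignored. The helper read_full() and the local die() stand-in (with its own signature) are assumptions made for this illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical stand-in for BIRD's die(): report the error and terminate. */
static void die(const char *what, int err)
{
  fprintf(stderr, "fatal: %s: %s\n", what, strerror(err));
  abort();
}

/* Read exactly len bytes from fd, retrying on EINTR and continuing after
 * short reads. Returns 0 on success, -1 on error or premature EOF. */
int read_full(int fd, void *buf, size_t len)
{
  unsigned char *p = buf;
  while (len > 0) {
    ssize_t n = read(fd, p, len);
    if (n < 0 && errno == EINTR)
      continue;                 /* interrupted by a signal: just retry */
    if (n < 0)
      return -1;                /* real error, errno set by read() */
    if (n == 0) {
      errno = EIO;              /* EOF before the buffer was filled */
      return -1;
    }
    p += n;
    len -= (size_t) n;
  }
  return 0;
}

/* Fill buf with len random bytes; never returns a partially filled buffer. */
void random_bytes(void *buf, size_t len)
{
  int fd = open("/dev/urandom", O_RDONLY);
  if (fd < 0)
    die("open /dev/urandom", errno);
  if (read_full(fd, buf, len) < 0)
    die("read /dev/urandom", errno);
  close(fd);
}

int main(void)
{
  unsigned char nonce[16];      /* constructed sample use: a 16-byte nonce */
  random_bytes(nonce, sizeof nonce);
  for (size_t i = 0; i < sizeof nonce; i++) printf("%02x", nonce[i]);
  putchar('\n');
  return 0;
}
```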


