Page MenuHome GnuPG
Create Task
Maniphest T5706

libgcrypt: random: Remove the feature getting randomness from random daemon
Closed, ResolvedPublic
Actions

Description

random daemon has been experimental and not used.
Now, most machine has random generator hardware.

It's good to stop use of the daemon in libgcrypt.

See D544: Deprecation of random daemon part 1 (remove use of random daemon).

Revisions and Commits

rC libgcrypt
rC27d945084f69 random: Keep --enable-random-daemon, but not its use from runtime.
rC14f5d73e2731 random: Remove random-daemon use remained.
rC754ad5815b5b random: Remove use of experimental random daemon.

Related Objects

Event Timeline

gniibe triaged this task as Normal priority.Nov 30 2021, 5:11 AM
gniibe created this task.
gniibe renamed this task from libgcrypt: random: Remove access to random daemon to libgcrypt: random: Remove the feature getting randomness from random daemon.Nov 30 2021, 10:57 AM
werner added a subscriber: werner.Dec 6 2021, 11:28 AM

Yeah, remove it.

gniibe added a project: Restricted Project.Dec 7 2021, 2:12 AM
gniibe added a commit: rC754ad5815b5b: random: Remove use of experimental random daemon..Dec 7 2021, 2:13 AM
gniibe added a comment.Dec 7 2021, 2:35 AM

The patch has been applied.

Jakuje added a subscriber: Jakuje.Dec 16 2021, 1:38 PM

the random daemon is still part of the configure.ac and the undefined _gcry_daemon_initialize_basics() and _gcry_daemon_randomize() is still used under the USE_RANDOM_DAEMON guard in several places. I think at least the following cases should be removed too (or the configure check to be modified to throw error or warning):

$ git grep -i random_daemon
[...]
configure.ac:              [use_random_daemon=$enableval],
configure.ac:              [use_random_daemon=no])
configure.ac:AC_MSG_RESULT($use_random_daemon)
configure.ac:if test x$use_random_daemon = xyes ; then
configure.ac:    AC_DEFINE(USE_RANDOM_DAEMON,1,
configure.ac:AM_CONDITIONAL(USE_RANDOM_DAEMON, test x$use_random_daemon = xyes)
configure.ac:if test "$use_random_daemon" = "yes"; then
[...]
random/random-csprng.c:#ifdef USE_RANDOM_DAEMON
random/random-csprng.c:#endif /*USE_RANDOM_DAEMON*/
random/random.h:#ifdef USE_RANDOM_DAEMON
random/random.h:#endif /*USE_RANDOM_DAEMON*/
[...]
src/Makefile.am:if USE_RANDOM_DAEMON
src/Makefile.am:endif USE_RANDOM_DAEMON
src/Makefile.am:if USE_RANDOM_DAEMON
src/Makefile.am:endif USE_RANDOM_DAEMON
[...]
gniibe added a commit: rC14f5d73e2731: random: Remove random-daemon use remained..Dec 17 2021, 1:32 AM
gniibe added a comment.Dec 17 2021, 1:36 AM

Good catch. I pushed the change to remove use of random daemon remained.

Still, build of random daemon (gcryptrnd) itself is remained (in configure.ac and src/gcryptrnd.c and src/getrandom.c).

It is unlikely that there are some users for gcryptrnd, but still, it's better for libgcrypt to be conservative for the migration; The plan is: (1) Remove the use of the random daemon in 1.10, then, (2) Remove the random daemon in 1.11.

gniibe added a commit: rC27d945084f69: random: Keep --enable-random-daemon, but not its use from runtime..Dec 17 2021, 1:45 AM
gniibe added a comment.Dec 17 2021, 1:46 AM

Pushed another patch to clarify the semantics of --enable-random-daemon;
It's only for building gcryptrnd and the test program getrandom.

gniibe closed this task as Resolved.Feb 2 2022, 3:36 AM
gniibe removed a project: Restricted Project.
gniibe mentioned this in T5811: libgcrypt: Remove random-daemon (server side).Feb 2 2022, 3:41 AM
gniibe merged a task: T5396: Remove USE_RANDOM_DAEMON support from libgcrypt.Mar 29 2022, 1:41 AM
gniibe mentioned this in T5396: Remove USE_RANDOM_DAEMON support from libgcrypt.