Re: maradns reproducibility fixes and the merits of picking a random number

[Vagrant Cascadian <vagrant@reproducible-builds.org>]

[-- Attachment #1: Type: text/plain, Size: 1307 bytes --]

On 2022-06-08, Liliana Marie Prikler wrote:
> Am Montag, dem 06.06.2022 um 18:49 -0700 schrieb Vagrant Cascadian:
>> p.s. Obviously, I picked the best random number.
> I beg to differ.
>> +-RandomPrime:  RandomPrime.c
>> +-      $(CC) -O3 -o RandomPrime RandomPrime.c
>> +-
>> +-DwRandPrime.h: RandomPrime
>> +-      if [ -e /dev/urandom ] ; then ./RandomPrime > DwRandPrime.h ;
>> fi
>> ++DwRandPrime.h:
>> ++      echo '#define MUL_CONSTANT 1238145941' > DwRandPrime.h
> This does not satisfy requirement #221: chosen by a fair dice roll. 
> Randomness can therefore not be guaranteed.

I will admit to "Obviously, I picked the best random number." as a
joke. Hard-coding any supposedly random number seems awfully wrong to
me!

This is a not particularly great patch to make it compile reproducibly,
on the *assumption* that number will not actually be used in practice,
because it *supposed* to only be used when /dev/urandom is not
available. I would love to see better patches that make fewer
assumptions!

FWIW, This is effectively the same embedded random number used in the
Debian patch, although the maradns packaging in Debian basically comes
to the same result by copying files around rather than patching them
directly.

live well,
  vagrant

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 227 bytes --]