From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id kJV5KXoFoWJxLgEAbAwnHQ (envelope-from ) for ; Wed, 08 Jun 2022 22:24:26 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id qG1/KXoFoWItQAEAauVa8A (envelope-from ) for ; Wed, 08 Jun 2022 22:24:26 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 6430BB219 for ; Wed, 8 Jun 2022 22:24:26 +0200 (CEST) Received: from localhost ([::1]:48388 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nz2E3-0005Xk-TZ for larch@yhetil.org; Wed, 08 Jun 2022 16:24:24 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:48372) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nz2Di-0005WI-JH for guix-devel@gnu.org; Wed, 08 Jun 2022 16:24:02 -0400 Received: from cascadia.aikidev.net ([2600:3c01:e000:267:0:a171:de7:c]:56928) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nz2Dg-0006bD-RF for guix-devel@gnu.org; Wed, 08 Jun 2022 16:24:02 -0400 Received: from localhost (unknown [IPv6:2600:3c01:e000:21:7:77:0:20]) (Authenticated sender: vagrant@aikidev.net) by cascadia.aikidev.net (Postfix) with ESMTPSA id 7DFEB1AB5A; Wed, 8 Jun 2022 13:23:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=reproducible-builds.org; s=1.vagrant; t=1654719836; bh=hrqYgx4Ipz/Z6RcOMfydmdHkgOCH/jsCMXSCXzugTF8=; h=From:To:Subject:In-Reply-To:References:Date:From; b=IvT8A5niUsIt80pE9Km9xVV8oImPLpagPTadisFqSAlh101UDLpRr4xi87ms51UMl hvlR9MuI1QDqj2w7feRVaOdmkwXdjye+H+tbAyamo5ZrvYrEwRa7aZKvVQ2p+oWks+ dGE1AyVCn14XyRgdDXAAUH5U2dbTs+tWLQDJ8KLyeJWNqGnOIRw9cdUEhsh2nmbTXz RHpiIxXhv33GKipKxWcaVfTJgMbIX9Kmmxry8NB6adrYizuDmJ+nAZQN6mkD/38ZNA H4/C5byj+kHnk2RB88M8uYI/H1Dsu8D2bqldH8CnUD+GabVFBn8nIhjNgAaq9hHVCZ Nam0/cpM8MO4w== From: Vagrant Cascadian To: Liliana Marie Prikler , Guix Devel Subject: Re: maradns reproducibility fixes and the merits of picking a random number In-Reply-To: <8edf50429401e456088d85317f1b43c6ba4859d0.camel@gmail.com> References: <87pmjlfdjl.fsf@contorta> <8edf50429401e456088d85317f1b43c6ba4859d0.camel@gmail.com> Date: Wed, 08 Jun 2022 13:23:36 -0700 Message-ID: <87fskegb07.fsf@contorta> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: none client-ip=2600:3c01:e000:267:0:a171:de7:c; envelope-from=vagrant@reproducible-builds.org; helo=cascadia.aikidev.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1654719866; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=3row9BzOb1jB7x8jGR6Hw9j4qlUrEvX+9y9cZUmLwz8=; b=Z35OXaDisBY46e2bAayA7gh9X8l6PFFR5ZxSLat64b5Kebre56skEhcNlKNuhpK2OOlgL7 PRqSqNkb140XVwB+1FQqCktes3gCc7SB+DGJFV7duKdcujuNR5vIjGOzDITMuY8Gv4bYps ua1EofLH7F0Ba/qkYs6ogNvHi5zTxbLFs+iw9iKR2DrnnbGnfZ+Rlfqv0H46wukiVS8YmH FWda2Ma7leDZowKzTAzdEEjxa6Wbv33qr4vbrc+fPi5w///x4fU8SIvIPm/gCM1amV2G+U 7DkamQ1dq2c7UldOwO3qvLrXuufn36jEVvL+qQE7wR03IpKXTqkF9U5jrS5Kwg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1654719866; a=rsa-sha256; cv=none; b=D0bxkFAfScxOg+TGlbXGAPTYbv9bMtzl1aB4jfAwJPnxJdhqZ5NaMKPRSv/XhFE+qoEaIM DHlKFvq++7K/IhHPdhtMtc3qrzOeU7UCzpPWJnU3GI7HOCnbsCp8CTFpFglvD03xeaNTaw 9RiLbVJMfqv3NlGtHWPKiZmJAKC4XNMSzDHkqOAhSFgtuJ1eqLtdh4bGhoaDL3i2Z2O7Bh LtD7gAnjKdSvOge7rJv2vIMhcaCd/OcXBqN7cM5/R6hWMgJ7fLVSERj348ieKl69vJaMDa pKXr/wTqfYMbkmyb1gYMA3SWQdcBYkvOoSgL70dfhzUDrXjYmFHrea3CKvqevw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=reproducible-builds.org header.s=1.vagrant header.b=IvT8A5ni; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -5.10 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=reproducible-builds.org header.s=1.vagrant header.b=IvT8A5ni; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-devel-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-devel-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 6430BB219 X-Spam-Score: -5.10 X-Migadu-Scanner: scn1.migadu.com X-TUID: Sghr8C9HXK3e --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 2022-06-08, Liliana Marie Prikler wrote: > Am Montag, dem 06.06.2022 um 18:49 -0700 schrieb Vagrant Cascadian: >> p.s. Obviously, I picked the best random number. > I beg to differ. >> +-RandomPrime:=C2=A0=C2=A0RandomPrime.c >> +-=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0$(CC) -O3 -o RandomPrime RandomPri= me.c >> +- >> +-DwRandPrime.h: RandomPrime >> +-=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if [ -e /dev/urandom ] ; then ./Ra= ndomPrime > DwRandPrime.h ; >> fi >> ++DwRandPrime.h: >> ++=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0echo '#define MUL_CONSTANT 1238145= 941' > DwRandPrime.h > This does not satisfy requirement #221: chosen by a fair dice roll.=20 > Randomness can therefore not be guaranteed. I will admit to "Obviously, I picked the best random number." as a joke. Hard-coding any supposedly random number seems awfully wrong to me! This is a not particularly great patch to make it compile reproducibly, on the *assumption* that number will not actually be used in practice, because it *supposed* to only be used when /dev/urandom is not available. I would love to see better patches that make fewer assumptions! FWIW, This is effectively the same embedded random number used in the Debian patch, although the maradns packaging in Debian basically comes to the same result by copying files around rather than patching them directly. live well, vagrant --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCYqEFSgAKCRDcUY/If5cW qtEsAP4vHfLrUiaKsKEFGjd538qFG3vcBjwqBLqEv0HfjPiuDQEA4vLXX/EFFW3L YALagmxHB0HbTot3b1mYJb+W3HV4ygI= =QcUC -----END PGP SIGNATURE----- --=-=-=--