Skip to content

Refactor secure randomness check #10840

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
nickvergessen merged 2 commits into from
Sep 13, 2018
Merged

Refactor secure randomness check #10840

nickvergessen merged 2 commits into from
Sep 13, 2018

Conversation

@Hecke29
Copy link
Contributor

@Hecke29 Hecke29 commented Aug 24, 2018

closes #5530

@Hecke29 Hecke29 changed the title Refactor/5530 urandom check Refactor secure randomness check Aug 24, 2018
@MorrisJobke MorrisJobke added the 3. to review Waiting for reviews label Aug 24, 2018
Hecke29 added 2 commits August 24, 2018 23:12
@Hecke29
Change check if secure randomness is possible.
006e150 
Signed-off-by: Timo Förster <tfoerster@webfoersterei.de>
@Hecke29
Allow any Random generator that implements ISecureRandom for setupCheck
8d8189c 
Signed-off-by: Timo Förster <tfoerster@webfoersterei.de>
@rullzer rullzer added this to the Nextcloud 15 milestone Aug 26, 2018
ChristophWurst
ChristophWurst approved these changes Sep 5, 2018
View reviewed changes
Copy link
Member

@ChristophWurst ChristophWurst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change makes sense, code looks good 👍

Thanks a lot!

@ChristophWurst
Copy link
Member

ChristophWurst commented Sep 5, 2018

First-time contributor

Congratulations, btw 🎊

@nickvergessen nickvergessen merged commit a1c969a into nextcloud:master Sep 13, 2018
@mrclschstr
Copy link

mrclschstr commented Mar 19, 2019

Giving read access to /dev/urandom is still recommended in the admin manual: https://github.com/nextcloud/documentation/blob/master/admin_manual/installation/harden_server.rst#give-php-read-access-to-devurandom

Should this be updated as well?

@nickvergessen
Copy link
Member

nickvergessen commented Mar 19, 2019

Well it's one of the fallbacks inside php and doesn't hurt.
So when you get the warning it is valid to check that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@icewind1991 icewind1991 icewind1991 approved these changes

@ChristophWurst ChristophWurst ChristophWurst approved these changes

@juliusknorr juliusknorr Awaiting requested review from juliusknorr

@rullzer rullzer Awaiting requested review from rullzer

@nickvergessen nickvergessen Awaiting requested review from nickvergessen

Assignees

No one assigned

Labels

3. to review Waiting for reviews

Projects

None yet

Milestone

Nextcloud 15

Development

Successfully merging this pull request may close these issues.

/dev/urandom warning seems unnecessary

7 participants

@Hecke29 @ChristophWurst @mrclschstr @nickvergessen @icewind1991 @rullzer @MorrisJobke