This repository has been archived by the owner on Apr 22, 2023. It is now read-only.
base repository: nodejs/node-v0.x-archive
base: bd547d65983c
...
head repository: nodejs/node-v0.x-archive
compare: f68a116c3c06
  • 2 commits
  • 3 files changed
  • 1 contributor

Commits on Mar 26, 2014

  1. src: seed V8's random number generator at startup

    The default entropy source is /dev/urandom on UNIX platforms, which is
    okay but we can do better by seeding it from OpenSSL's entropy pool.
    
    On Windows we can certainly do better; on that platform, V8 seeds the
    random number generator using only the current system time.
    
    Fixes #6250.
    
    NB: This is a back-port of commit 7ac2391 from the master branch that
    for some reason never got back-ported to the v0.10 branch.
    
    The default on UNIX platforms in v0.10 is different and arguably worse
    than it is with master: if no entropy source is provided, V8 3.14 calls
    srandom() with a xor of the PID and the current time in microseconds.
    
    That means that on systems with a coarse system clock, the initial
    state of the PRNG may be easily guessable.
    
    The situation on Windows is even more dire because there the PRNG is
    seeded with only the current time... in milliseconds.
    bnoordhuis authored and indutny committed Mar 26, 2014
    70f198d
  2. src: ensure that openssl's PRNG is fully seeded

    Ensure that OpenSSL has enough entropy (at least 256 bits) for its PRNG.
    
    The entropy pool starts out empty and needs to fill up before the PRNG
    can be used securely.
    
    OpenSSL normally fills the pool automatically but not when someone
    starts generating random numbers before the pool is full: in that case
    OpenSSL keeps lowering the entropy estimate to thwart attackers trying
    to guess the initial state of the PRNG.
    
    When that happens, we wait until enough entropy is available, something
    that normally should never take longer than a few milliseconds.
    
    Fixes #7338.
    bnoordhuis authored and indutny committed Mar 26, 2014
    f68a116
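
To put a number on "easily guessable" from the first commit message, this added C example (not code from these commits or from V8) counts the distinct seeds produced by xor-ing a PID with a microsecond timestamp read from a coarse clock, for comparison with the 256 bits the second commit requires of OpenSSL's pool. The seed formula follows the commit message's wording; the PID range, the one-second uncertainty window, the clock ticks and the function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

static int cmp_u32(const void *a, const void *b) {
  uint32_t x = *(const uint32_t *)a, y = *(const uint32_t *)b;
  return (x > y) - (x < y);
}

/* Distinct 32-bit seeds to consider when the PID is in 1..pid_max and the
 * start time is in [t0_us, t0_us + window_us] on a clock that advances only
 * every tick_us microseconds. Returns 0 on bad input or allocation failure. */
size_t seed_candidates(uint32_t pid_max, uint64_t t0_us, uint64_t window_us,
                       uint64_t tick_us) {
  if (pid_max == 0 || tick_us == 0) return 0;
  uint64_t first = t0_us / tick_us, last = (t0_us + window_us) / tick_us;
  size_t n = (size_t)(last - first + 1) * pid_max, k = 0, distinct = 0;
  uint32_t *seeds = malloc(n * sizeof *seeds);
  if (seeds == NULL) return 0;
  for (uint64_t t = first; t <= last; t++)
    for (uint32_t pid = 1; pid <= pid_max; pid++)
      seeds[k++] = (uint32_t)((t * tick_us) ^ pid); /* srandom() takes unsigned */
  qsort(seeds, n, sizeof *seeds, cmp_u32);
  for (size_t i = 0; i < n; i++) /* xor can map two (pid, time) pairs to one seed */
    if (i == 0 || seeds[i] != seeds[i - 1]) distinct++;
  free(seeds);
  return distinct;
}

/* Smallest b with 2^b >= n: an upper bound on the seed's entropy in bits. */
unsigned bits_needed(size_t n) {
  unsigned b = 0;
  while (b < 63 && ((size_t)1 << b) < n) b++;
  return b;
}

int main(void) {
  /* Constructed inputs: PIDs 1..32768, start time known to within one second,
   * clock ticks of 10 ms and 15.625 ms. */
  const uint64_t t0 = 1395792000000000ULL, ticks[] = {10000, 15625};
  for (size_t i = 0; i < 2; i++) {
    size_t c = seed_candidates(32768, t0, 1000000, ticks[i]);
    printf("tick %llu us: %zu candidate seeds (<= %u bits)\n",
           (unsigned long long)ticks[i], c, bits_needed(c));
  }
  return 0;
}
```

Under these assumptions the seed carries at most 22 bits, and the sort-and-deduplicate step matters because xor lets different (PID, time) pairs collapse onto the same seed.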