Just noting that /dev/urandom will give non-random data if entropy does not exists

When read, the /dev/random device will only return random bytes within the estimated number of bits of noise in the entropy pool. /dev/random should be suitable for uses that need very high quality randomness such as one-time pad or key generation. When the entropy pool is empty, reads from /dev/random will block until additional environmental noise is gathered.

A read from the /dev/urandom device will not block waiting for more entropy. As a result, if there is not sufficient entropy in the entropy pool, the returned values are theoretically vulnerable to a cryptographic attack on the algorithms used by the driver. Knowledge of how to do this is not available in the current unclassified literature, but it is theoretically possible that such an attack may exist. If this is a concern in your application, use /dev/random instead.

Why Sys instead of System?

@bararchy that is a cryptographic myth that kernel developers keep propagating. You cannot "run out" of entropy.

@Sija see #4406 Sys is meant to be a namespace for per-plateform low-level abstraction.

System is more high-level, directly usable by users (to get the hostname, the cpu_count (#4449) ).

@Sija because System already exists and is unrelated (returns informations about the system, like hostname or cpu_count). Also Rust uses sys and I like it. No strong feelings though; I'm open to suggestions (in #4406 please).

@bararchy see https://bugs.ruby-lang.org/issues/9569. The issue links to a bunch of documentation.

@ysbaddaden @RX14
You learn something every day I guess XD Thanks for the links

@ysbaddaden @Sija I like Sys, yet we could also use Platform since that word is used when describing the intent of the namespace. No strong feelings.

I'd very much prefer platform as it is more descriptive and having Sys and System could get confusing.

@ysbaddaden I'd vote for @bcardiff proposition of using Platform instead, for the reasons @RX14 so aptly pointed out.

Looks awesome now! Thanks for bearing with me.

I'll keep an eye on this -- and keep arguing about making Random::System a module 😋

I moved everything to the Crystal::System namespace, which I believe is a better place (thanks @luislavena). What do you think?

I still think that platform describes the contents of the namespace better. But its pretty arbitrary so I won't push it.

I'm ok with Crystal::System.

@ysbaddaden note that we have now the skip_file macro so in some cases it might come handy. As it is coded now, including crystal/** or crystal/system/** will not compile. Maybe it's ok, since the std should use just the crystal/system parts that they depends on.

skip_file is for exactly the kind of platform-specific files this pr introduces. This pr is the best way to test the feature in practice. If it's not the best solution for this pr then it may as well be removed as it's useless.

I started adding the skip_file macros. Here are my impressions:

the good:

• it tells which system(s) an implementation is for (great);

the less good:

• the default / fallback implementation file must list incompatible systems and systems we have other/better implementations (not really useful);

the bad:

• it duplicates the dispatch in the main file, adding a new system or an optimized implementation requires to update multiple places: the dispatch and the skips of the default implementation; there are 3 places in total (dispatch, the system file, the default file) instead of 1.

@ysbaddaden For me the best part of skip file is that it allows the globs to keep working in any directory.

There could be other solutions for this problem: like ignoring in require globs files prefixed with _ for example. With some rule like that the if can remain in the non prefixed main file like it is right now and the user will be able to require crystal/system/**.

@ysbaddaden I don't quite understand what you mean by "it duplicates the dispatch in the main file". Surely you'd just require all the relevant files and let skip_file do it's thing.

And as for the default file, I think there being an entirely cross-platform fallback will be quite rare, so it's best to have a whitelist in all files, (we know the entire set of targets). In that case, adding a new system requires only updating the file of the implementation for that system to add the system to the whitelist.

@RX14 , he probably meant that in linux version would say skip_file unless flag?(:linux), and in the unix if should say. skip_file if flag?(:linux).

Later on, for example in windows, the windows file will say skip_file unless flag?(:windows), but the unix file will need to mention flag?(:windows). That duplication/explosion is not nice.

Having some chained if flag? as currently is easier to get which file will be included given certain flags and is less error prone.

But I do value more the require ../** in this case.

@bcardiff I was suggesting simply not using unless at all and listing all the flags which are not windows or linux by hand. This is a lot more explicit in exactly what platforms the file is used for and solves the problem of multiple updates.

Does a glob of crystal/system/** really makes sense? Why require many files just to skip them when only 1 has the actual implementation? It makes seeking implementations for system X harder, too. Maybe we don't need everything from crystal/system either, just like we don't need everything from lib_c.

@RX14 defaults won't be that rare. Quite often we'll have "if windows else unix" and not much more. NetBSD or another UNIX system, for example, would require to put a bunch of || flag?(:netbsd) everywhere when only a few places would need it (if any).

@ysbaddaden How about adding a :unix flag? There might be non-unix non-windows systems eventually.

My concern with the glob is mainly consistency. The lib_c case is not the same since the path is selected from the triplet there.

If the feature of this PR is fine let's move forward as is. There other PR willing to move things to Crystal::System and wit should be used for windows.

Crystal::System should not be used directly so it's almost fine if globs are not supported maybe. Things can be improved later.

Is this really the place to discuss all of this?
I'm really interested in the technical side of this implementation but following this thread has been painful.

@oprypin sorry, you may click unsubscribe in the right column to stop being notified. I don't expect the technical side to change, and if it does, I'll notify you!

@RX14 an :unix flag would be great, but sometimes a system has a particular implementation; for example :openbsd and :linux here, so it wouldn't help, unless we do if flag?(:unix) && !flag?(:openbsd) && !flag?(:linux) :(

@ysbaddaden I guess a "cover file" which just uses macros to require the correct file is a better solution than skip_file. If we structure the file hierarchy correctly, we can require "crystal/system/*" (not **) and have it work. Surely though, we'd just have a crystal/system.cr which did the correct thing to require all of Crystal::System. Then there would be no need for globs (apart from in crystal/system.cr).

Eventually Crystal::System might have more things in the hierarchy / directory structure.
What if we spit the files in crystal/system and crystal/system.impl so require crystal/system/** will continue to work?

File in crystal/system will contain the condition as they are right now and include things in ../system.imp.

@ysbaddaden, if you don't like it (even with other folder name), no worries and feel free to merge this. So we can start moving other system specific code :-)

@bcardiff Rather then creating a messy and confusing folder layout how about just not using require "crystal/system/**". require "crystal/system" should have the exact same effect of requiring everything. require "lib_c/**" already doesn't work and that's not a bug. Please just keep it simple.

I thought a little more about this and I'll add the skip_file in the file headers, merely as a protection against glob issues. This shouldn't happen but let's play it safe. Let's see if keeping both the skip_file and dispatch working is annoying or not. After all, once implemented that won't change much.

Maybe I can add the :unix flag too? We can't use it right now, but in a next compiler release we could simplify some skip_file and dispatchs as in if unix elsif windows else raise.