Allowing arbitrary random number generators (#29246)

Issue #29188
2020-06-25 13:05:44 +05:30 · 2020-06-25 13:05:44 +05:30 · 0f7785e8d9
commit 0f7785e8d9
parent 7dfcc0bfd0
2 changed files with 7 additions and 17 deletions
--- a/akka-remote/src/main/mima-filters/2.6.x.backwards.excludes/pr-29246-remove-prng-constans.excludes
+++ b/akka-remote/src/main/mima-filters/2.6.x.backwards.excludes/pr-29246-remove-prng-constans.excludes
@ -0,0 +1,3 @@
+# removed prng constants related to issue #29188 and pr #29246
+ProblemFilters.exclude[DirectMissingMethodProblem]("akka.remote.artery.tcp.SecureRandomFactory.GeneratorSha1Prng")
+ProblemFilters.exclude[DirectMissingMethodProblem]("akka.remote.artery.tcp.SecureRandomFactory.GeneratorNativePrng")
--- a/akka-remote/src/main/scala/akka/remote/artery/tcp/SecureRandomFactory.scala
+++ b/akka-remote/src/main/scala/akka/remote/artery/tcp/SecureRandomFactory.scala
@ -7,7 +7,6 @@ package akka.remote.artery.tcp
 import java.security.SecureRandom

 import akka.annotation.InternalApi
-import akka.event.LogMarker
 import akka.event.MarkerLoggingAdapter
 import com.typesafe.config.Config

@ -16,8 +15,6 @@ import com.typesafe.config.Config
 */
@InternalApi private[akka] object SecureRandomFactory {

-  val GeneratorSha1Prng = "SHA1PRNG"
-  val GeneratorNativePrng = "NativePRNG"
  val GeneratorJdkSecureRandom = "SecureRandom"

  /**
@ -35,22 +32,12 @@ import com.typesafe.config.Config

  def createSecureRandom(randomNumberGenerator: String, log: MarkerLoggingAdapter): SecureRandom = {
    val rng = randomNumberGenerator match {
-      case s @ (GeneratorSha1Prng | GeneratorNativePrng) =>
-        log.debug("SSL random number generator set to: {}", s)
-        // SHA1PRNG needs /dev/urandom to be the source on Linux to prevent problems with /dev/random blocking
-        // However, this also makes the seed source insecure as the seed is reused to avoid blocking (not a problem on FreeBSD).
-        SecureRandom.getInstance(s)
-
      case "" | GeneratorJdkSecureRandom =>
-        log.debug("SSL random number generator set to [SecureRandom]")
-        new SecureRandom
-
-      case unknown =>
-        log.warning(
-          LogMarker.Security,
-          "Unknown SSL random number generator [{}] falling back to SecureRandom",
-          unknown)
+        log.debug("Using platform default SecureRandom algorithm for SSL")
        new SecureRandom
+      case custom =>
+        log.debug("Using {} SecureRandom algorithm for SSL", custom)
+        SecureRandom.getInstance(custom)
    }
    rng.nextInt() // prevent stall on first access
    rng