Nmap Development mailing list archives
Re: PRNG benchmark results and proposal
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Mon, 5 May 2008 04:18:22 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 4 May 2008 18:19:49 -0700 or thereabouts Fyodor <fyodor () insecure org> wrote:
On Mon, May 05, 2008 at 12:45:05AM +0000, Brandon Enright wrote:So, I propose we change all random number generation to use DNet's PRNG at all times. It is fast, portable C, already included in Nmap, and quite a bit higher quality than we actually /need/.Thanks for benchmarking. Sounds good to me!I'd like someone to weigh in on BSD/GPL licensing conflicts before I proceed to either use rand.c or re-write rand.c for nbase_rnd.I believe the BSD/GPL licensing conflict involves traditional BSD with advertising clause. Libdnet doesn't have that clause (see nmap/libdnet-stripped/LICENSE). So code from dnet's rand.c can be used. Of course the rand.c authors need to be credited in the code (even if it is rewritten). So I'm not opposed to rewriting the code if it is short, but we don't have to either. Cheers, -F
Okay, attached is the patch to move (with re-write) dnet's rand.c routine into nbase_rnd.c The re-write ended up going pretty smoothly and I was able to adapt the dnet rand API to better fit into the nbase API. I decided to eliminate the malloc/free state struct design in favor of using a static struct. Nmap doesn't need multiple RNG states so this ends up being cleaner. I've tested this patch on Linux x86 and Linux x86_64. I'd like it if someone more familiar with other OSes (like Windows) give the patch a look-over/test. Note that although this patch dramatically speeds up the random number generation, generating random IPs with -iR isn't speed up much because most of the time is spent in other routines. Nmap should probably be profiled while using -iR; there are likely to be some big and easy gains in the other routines involved. Once I get the thumbs up, I'll check this patch in and remove dnet/rand.c I'll also go through the rest of Nmap's code and transition all rand() calls over to use the nbase_rnd API. Brandon -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkgeipUACgkQqaGPzAsl94KO1wCfc+pAOXKo9zF0WJ/KGDWYi74Q ZQkAnj+X1tX+nHliH7htTCDfq6XzT18w =9dSe -----END PGP SIGNATURE-----
Attachment:
nmap_rand.diff
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- PRNG benchmark results and proposal Brandon Enright (May 04)
- Re: PRNG benchmark results and proposal Fyodor (May 04)
- Re: PRNG benchmark results and proposal Brandon Enright (May 04)
- Re: PRNG benchmark results and proposal doug (May 04)
- Re: PRNG benchmark results and proposal Fyodor (May 04)