[SCM] Samba Shared Repository - branch master updated
Andreas Schneider
asn at samba.org
Mon Aug 12 10:43:03 UTC 2019
The branch, master has been updated
via c3ba556f52b libcli:auth: Use generate_secret_buffer() for netlogon challenge
via a21770cfdff s4:rpc_server: Use generate_secret_buffer() for netlogon challange
via 5a62056b453 s4:rpc_server: Use generate_secret_buffer() for backupkey wap_key
via 4b2480518bd s4:rpc_server: Use generate_secret_buffer() to create a session key
via bf52ab7d298 lib:util: Add better documentation for generate_secret_buffer()
via 2b2df6cd398 s3:smbd: Use generate_nonce_buffer() for AES-CCM and AES-GCM nonce
via b2506f24074 libcli:smb: Use generate_nonce_buffer() for AES-CCM and AES-GCM nonce
via 70ff216935a lib:util: Add generate_nonce_buffer()
from e6b7d782020 s3: VFS: vfs_snapper: Make setxattr return errno = EROFS on a shadow copy path.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit c3ba556f52b15dd80efc26e4fb8f43ce2ee3a7f0
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 31 15:44:24 2019 +0200
libcli:auth: Use generate_secret_buffer() for netlogon challenge
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Mon Aug 12 10:42:35 UTC 2019 on sn-devel-184
commit a21770cfdffd2a21045a1bc87e489af0f4c6f130
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 31 15:42:26 2019 +0200
s4:rpc_server: Use generate_secret_buffer() for netlogon challange
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 5a62056b4530e4c509444be9164a1fca1dce193f
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 31 15:41:29 2019 +0200
s4:rpc_server: Use generate_secret_buffer() for backupkey wap_key
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 4b2480518bd3887be3a6cfb713523ac084e09fd5
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 31 15:40:12 2019 +0200
s4:rpc_server: Use generate_secret_buffer() to create a session key
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit bf52ab7d2982de84a68a1b9c6d2f68250b7e7cca
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 31 15:38:50 2019 +0200
lib:util: Add better documentation for generate_secret_buffer()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 2b2df6cd398c9cb62989710f9b1642665ec89406
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 31 15:28:34 2019 +0200
s3:smbd: Use generate_nonce_buffer() for AES-CCM and AES-GCM nonce
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit b2506f2407429efb40c3e4e4c360f5817ac13d27
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 31 15:25:35 2019 +0200
libcli:smb: Use generate_nonce_buffer() for AES-CCM and AES-GCM nonce
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 70ff216935acc099b762b527033b6191ba3307d0
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 31 15:16:37 2019 +0200
lib:util: Add generate_nonce_buffer()
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/util/genrand.c | 27 +++++++++++++++++++------
lib/util/genrand.h | 17 +++++++++++++++-
libcli/auth/netlogon_creds_cli.c | 3 ++-
libcli/smb/smbXcli_base.c | 4 ++--
source3/smbd/smb2_sesssetup.c | 4 ++--
source4/rpc_server/backupkey/dcesrv_backupkey.c | 3 ++-
source4/rpc_server/netlogon/dcerpc_netlogon.c | 3 ++-
source4/rpc_server/samr/samr_password.c | 5 +++--
8 files changed, 50 insertions(+), 16 deletions(-)
Changeset truncated at 500 lines:
diff --git a/lib/util/genrand.c b/lib/util/genrand.c
index 55997c3dd55..a5809aa2bc9 100644
--- a/lib/util/genrand.c
+++ b/lib/util/genrand.c
@@ -25,7 +25,11 @@
#include <gnutls/gnutls.h>
#include <gnutls/crypto.h>
-/* TODO: Add API for generating nonce or use gnutls_rnd directly everywhere. */
+/*
+ * Details about the GnuTLS CSPRNG:
+ *
+ * https://nikmav.blogspot.com/2017/03/improving-by-simplifying-gnutls-prng.html
+ */
_PUBLIC_ void generate_random_buffer(uint8_t *out, int len)
{
@@ -33,12 +37,23 @@ _PUBLIC_ void generate_random_buffer(uint8_t *out, int len)
gnutls_rnd(GNUTLS_RND_RANDOM, out, len);
}
-/*
- * Keep generate_secret_buffer in case we ever want to do something
- * different
- */
_PUBLIC_ void generate_secret_buffer(uint8_t *out, int len)
{
- /* Thread and fork safe random number generator for long term keys. */
+ /* The key generator, will re-seed after a fixed amount of bytes is
+ * generated (typically less than the nonce), and will also re-seed
+ * based on time, i.e., after few hours of operation without reaching
+ * the limit for a re-seed. For its re-seed it mixes mixes data obtained
+ * from the OS random device with the previous key.
+ */
gnutls_rnd(GNUTLS_RND_KEY, out, len);
}
+
+_PUBLIC_ void generate_nonce_buffer(uint8_t *out, int len)
+{
+ /*
+ * The nonce generator will reseed after outputting a fixed amount of
+ * bytes (typically few megabytes), or after few hours of operation
+ * without reaching the limit has passed.
+ */
+ gnutls_rnd(GNUTLS_RND_NONCE, out, len);
+}
diff --git a/lib/util/genrand.h b/lib/util/genrand.h
index 899ce8badc0..abb8ce2c10a 100644
--- a/lib/util/genrand.h
+++ b/lib/util/genrand.h
@@ -25,6 +25,21 @@
void generate_random_buffer(uint8_t *out, int len);
/**
- * Thread and fork safe random number generator for long term keys.
+ * @brief Generate random values for key buffers (e.g. session keys)
+ *
+ * @param[in] out A pointer to the buffer to fill with random data.
+ *
+ * @param[in] len The size of the buffer to fill.
*/
void generate_secret_buffer(uint8_t *out, int len);
+
+/**
+ * @brief Generate random values for a nonce buffer.
+ *
+ * This is also known as initialization vector.
+ *
+ * @param[in] out A pointer to the buffer to fill with random data.
+ *
+ * @param[in] len The size of the buffer to fill.
+ */
+void generate_nonce_buffer(uint8_t *out, int len);
diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c
index 50a5f50a57d..18143ca36d0 100644
--- a/libcli/auth/netlogon_creds_cli.c
+++ b/libcli/auth/netlogon_creds_cli.c
@@ -1177,7 +1177,8 @@ static void netlogon_creds_cli_auth_challenge_start(struct tevent_req *req)
TALLOC_FREE(state->creds);
- generate_random_buffer(state->client_challenge.data,
+ /* We need to use a CSPRNG which reseeds for generating session keys. */
+ generate_secret_buffer(state->client_challenge.data,
sizeof(state->client_challenge.data));
subreq = dcerpc_netr_ServerReqChallenge_send(state, state->ev,
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index 0375101b034..fab87be1299 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -6254,8 +6254,8 @@ NTSTATUS smb2cli_session_set_session_key(struct smbXcli_session *session,
*
* NOTE: We assume nonces greater than 8 bytes.
*/
- generate_random_buffer((uint8_t *)&session->smb2->nonce_high_random,
- sizeof(session->smb2->nonce_high_random));
+ generate_nonce_buffer((uint8_t *)&session->smb2->nonce_high_random,
+ sizeof(session->smb2->nonce_high_random));
switch (conn->smb2.server.cipher) {
case SMB2_ENCRYPTION_AES128_CCM:
nonce_size = AES_CCM_128_NONCE_SIZE;
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 770c22b00f1..591d5c37160 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -419,8 +419,8 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
*
* NOTE: We assume nonces greater than 8 bytes.
*/
- generate_random_buffer((uint8_t *)&x->nonce_high_random,
- sizeof(x->nonce_high_random));
+ generate_nonce_buffer((uint8_t *)&x->nonce_high_random,
+ sizeof(x->nonce_high_random));
switch (xconn->smb2.server.cipher) {
case SMB2_ENCRYPTION_AES128_CCM:
nonce_size = AES_CCM_128_NONCE_SIZE;
diff --git a/source4/rpc_server/backupkey/dcesrv_backupkey.c b/source4/rpc_server/backupkey/dcesrv_backupkey.c
index a826ae083f4..d192858e468 100644
--- a/source4/rpc_server/backupkey/dcesrv_backupkey.c
+++ b/source4/rpc_server/backupkey/dcesrv_backupkey.c
@@ -1263,7 +1263,8 @@ static WERROR generate_bkrp_server_wrap_key(TALLOC_CTX *ctx, struct ldb_context
char *secret_name;
TALLOC_CTX *frame = talloc_stackframe();
- generate_random_buffer(wrap_key.key, sizeof(wrap_key.key));
+ /* We need to use a CSPRNG which reseeds for generating session keys. */
+ generate_secret_buffer(wrap_key.key, sizeof(wrap_key.key));
ndr_err = ndr_push_struct_blob(&blob_wrap_key, ctx, &wrap_key, (ndr_push_flags_fn_t)ndr_push_bkrp_dc_serverwrap_key);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index ac745e32b02..f4e24b7fd7f 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -90,7 +90,8 @@ static NTSTATUS dcesrv_netr_ServerReqChallenge(struct dcesrv_call_state *dce_cal
pipe_state->client_challenge = *r->in.credentials;
- generate_random_buffer(pipe_state->server_challenge.data,
+ /* We need to use a CSPRNG which reseeds for generating session keys. */
+ generate_secret_buffer(pipe_state->server_challenge.data,
sizeof(pipe_state->server_challenge.data));
*r->out.return_credentials = pipe_state->server_challenge;
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index b04e37f06f3..6bf907181c8 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -733,9 +733,10 @@ NTSTATUS samr_set_password_buffers(struct dcesrv_call_state *dce_call,
nt_errstr(nt_status)));
/*
- * Windows just uses a random key
+ * Windows just uses a random key. We need to use a CSPRNG
+ * which reseeds for generating session keys.
*/
- generate_random_buffer(random_session_key,
+ generate_secret_buffer(random_session_key,
sizeof(random_session_key));
session_key = data_blob_const(random_session_key,
sizeof(random_session_key));
--
Samba Shared Repository
More information about the samba-cvs
mailing list