krb5_abortx()

Andrew Bartlett abartlet at samba.org
Mon Jun 18 02:47:39 GMT 2007


On Mon, 2007-06-18 at 04:43 +0200, Love Hörnquist Åstrand wrote:
> >> What should I use for a random source on those platforms without / 
> >> dev/
> >> *random to generate cryptographic keys ?
> >>
> >> I can use the old method from libdes that fell out when I
> >> restructured the random code, but its questionable if that is really
> >> secure, it "works" though.
> >
> > Perhaps allow the app to supply a random callback?  (At least then it
> > can be just as bad as samba without /dev/random).
> 
> That is just fine, when flying home I though I could port the old code
> but never enable it in the core distribution and have you add the
> RAND_method if you wanted that stuff.
> 
> What random source does samba4 use for crypto keys ?

Without privileges, it boils down to time and pid, and then it is pushed
out via RC4... 

	/* Add in some secret file contents */

	do_filehash("/etc/shadow", &seed_inbuf[0]);

	/*
	 * Add the counter, time of day, and pid.
	 */

	GetTimeOfDay(&tval);
	mypid = getpid();
	v1 = (counter++) + mypid + tval.tv_sec;
	v2 = (counter++) * mypid + tval.tv_usec;

	SIVAL(seed_inbuf, 32, v1 ^ IVAL(seed_inbuf, 32));
	SIVAL(seed_inbuf, 36, v2 ^ IVAL(seed_inbuf, 36));

I'm not sure this is any better...

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20070618/cf44d9ab/attachment.bin


More information about the samba-technical mailing list