[PATCH v2] Replace random() and related calls with generate_random_buffer()

Robin McCorkell rmccorkell at karoshi.org.uk
Thu Jul 9 13:32:07 UTC 2015


Result: better seeded random numbers that are cryptographically secure
(not that it matters in this case)

Now calls generate_random_buffer() every iteration, rather than generating an
array of random numbers in one call.

Signed-off-by: Robin McCorkell <rmccorkell at karoshi.org.uk>
---
 dfs_server/dfs_server_ad.c | 22 +++++++++++-----------
 source3/smbd/msdfs.c       |  8 ++++----
 2 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/dfs_server/dfs_server_ad.c b/dfs_server/dfs_server_ad.c
index 3d93e19..ef94cd3 100644
--- a/dfs_server/dfs_server_ad.c
+++ b/dfs_server/dfs_server_ad.c
@@ -40,20 +40,19 @@ struct dc_set {
 
 static void shuffle_dc_set(struct dc_set *list)
 {
-       uint32_t i;
-
-       srandom(time(NULL));
+	uint32_t i;
 
-       for (i = list->count; i > 1; i--) {
-               uint32_t r;
-               const char *tmp;
+	for (i = list->count; i > 1; i--) {
+		uint8_t r;
+		const char *tmp;
 
-               r = random() % i;
+		generate_random_buffer(&r, 1);
+		r = r % i;
 
-               tmp = list->names[i - 1];
-               list->names[i - 1] = list->names[r];
-               list->names[r] = tmp;
-       }
+		tmp = list->names[i - 1];
+		list->names[i - 1] = list->names[r];
+		list->names[r] = tmp;
+	}
 }
 
 /*
@@ -945,3 +944,4 @@ NTSTATUS dfs_server_ad_get_referrals(struct loadparm_context *lp_ctx,
 	/* By default until all the case are handled */
 	return NT_STATUS_NOT_FOUND;
 }
+
diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index a39efce..532535b 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -431,13 +431,13 @@ NTSTATUS create_conn_struct_cwd(TALLOC_CTX *ctx,
 
 static void shuffle_strlist(char **list, int count)
 {
-	int i, r;
+	int i;
+	uint8_t r;
 	char *tmp;
 
-	srandom(time(NULL));
-
 	for (i = count; i > 1; i--) {
-		r = random() % i;
+		generate_random_buffer(&r, 1);
+		r = r % i;
 
 		tmp = list[i-1];
 		list[i-1] = list[r];
-- 
2.4.5




More information about the samba-technical mailing list