[PATCH v2] Seed random generator in main()

Robin McCorkell rmccorkell at karoshi.org.uk
Tue Jun 9 05:33:16 MDT 2015


Remove srandom() from DFS shuffling, only seed once during process init.
Improves performance and gives better shuffling.

Use of random() replaced with sys_random() in places to improve
protection against renamed libc functions

Move sys_random() and sys_srandom() to lib/util
---
 dfs_server/dfs_server_ad.c |  4 +---
 lib/util/samba_util.h      |  4 ++++
 lib/util/system.c          | 25 +++++++++++++++++++++++++
 source3/include/proto.h    |  2 --
 source3/lib/system.c       | 32 --------------------------------
 source3/smbd/msdfs.c       |  4 +---
 source3/smbd/server.c      |  2 ++
 source4/smbd/server.c      |  2 ++
 8 files changed, 35 insertions(+), 40 deletions(-)

diff --git a/dfs_server/dfs_server_ad.c b/dfs_server/dfs_server_ad.c
index 3d93e19..6ee5087 100644
--- a/dfs_server/dfs_server_ad.c
+++ b/dfs_server/dfs_server_ad.c
@@ -42,13 +42,11 @@ static void shuffle_dc_set(struct dc_set *list)
 {
        uint32_t i;
 
-       srandom(time(NULL));
-
        for (i = list->count; i > 1; i--) {
                uint32_t r;
                const char *tmp;
 
-               r = random() % i;
+               r = sys_random() % i;
 
                tmp = list->names[i - 1];
                list->names[i - 1] = list->names[r];
diff --git a/lib/util/samba_util.h b/lib/util/samba_util.h
index 1c974cd..3a3663c 100644
--- a/lib/util/samba_util.h
+++ b/lib/util/samba_util.h
@@ -78,6 +78,7 @@ _PUBLIC_ bool register_fault_handler(const char *name, void (*fault_handler)(int
 
 struct sockaddr;
 
+/* The following definitions come from lib/util/system.c */
 _PUBLIC_ int sys_getnameinfo(const struct sockaddr *psa,
 			     int salen,
 			     char *host,
@@ -86,6 +87,9 @@ _PUBLIC_ int sys_getnameinfo(const struct sockaddr *psa,
 			     size_t servlen,
 			     int flags);
 
+_PUBLIC_ long sys_random(void);
+_PUBLIC_ void sys_srandom(unsigned int seed);
+
 /* The following definitions come from lib/util/genrand.c  */
 /**
  Copy any user given reseed data.
diff --git a/lib/util/system.c b/lib/util/system.c
index 558aa5b..70c02a3 100644
--- a/lib/util/system.c
+++ b/lib/util/system.c
@@ -63,3 +63,28 @@ _PUBLIC_ int sys_getnameinfo(const struct sockaddr *psa,
 	}
 	return getnameinfo(psa, salen, host, hostlen, service, servlen, flags);
 }
+
+long sys_random(void)
+{
+#if defined(HAVE_RANDOM)
+	return (long)random();
+#elif defined(HAVE_RAND)
+	return (long)rand();
+#else
+	DEBUG(0,("Error - no random function available !\n"));
+	exit(1);
+#endif
+}
+
+void sys_srandom(unsigned int seed)
+{
+#if defined(HAVE_SRANDOM)
+	srandom(seed);
+#elif defined(HAVE_SRAND)
+	srand(seed);
+#else
+	DEBUG(0,("Error - no srandom function available !\n"));
+	exit(1);
+#endif
+}
+
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 0858289..450ee00 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -263,8 +263,6 @@ int sys_waitpid(pid_t pid,int *status,int options);
 char *sys_getwd(void);
 void set_effective_capability(enum smbd_capability capability);
 void drop_effective_capability(enum smbd_capability capability);
-long sys_random(void);
-void sys_srandom(unsigned int seed);
 int groups_max(void);
 int sys_getgroups(int setlen, gid_t *gidset);
 int sys_setgroups(gid_t UNUSED(primary_gid), int setlen, gid_t *gidset);
diff --git a/source3/lib/system.c b/source3/lib/system.c
index e54b946..8930795 100644
--- a/source3/lib/system.c
+++ b/source3/lib/system.c
@@ -738,38 +738,6 @@ void drop_effective_capability(enum smbd_capability capability)
 #endif /* HAVE_POSIX_CAPABILITIES */
 }
 
-/**************************************************************************
- Wrapper for random().
-****************************************************************************/
-
-long sys_random(void)
-{
-#if defined(HAVE_RANDOM)
-	return (long)random();
-#elif defined(HAVE_RAND)
-	return (long)rand();
-#else
-	DEBUG(0,("Error - no random function available !\n"));
-	exit(1);
-#endif
-}
-
-/**************************************************************************
- Wrapper for srandom().
-****************************************************************************/
-
-void sys_srandom(unsigned int seed)
-{
-#if defined(HAVE_SRANDOM)
-	srandom(seed);
-#elif defined(HAVE_SRAND)
-	srand(seed);
-#else
-	DEBUG(0,("Error - no srandom function available !\n"));
-	exit(1);
-#endif
-}
-
 #ifndef NGROUPS_MAX
 #define NGROUPS_MAX 32 /* Guess... */
 #endif
diff --git a/source3/smbd/msdfs.c b/source3/smbd/msdfs.c
index a39efce..3a27293 100644
--- a/source3/smbd/msdfs.c
+++ b/source3/smbd/msdfs.c
@@ -434,10 +434,8 @@ static void shuffle_strlist(char **list, int count)
 	int i, r;
 	char *tmp;
 
-	srandom(time(NULL));
-
 	for (i = count; i > 1; i--) {
-		r = random() % i;
+		r = sys_random() % i;
 
 		tmp = list[i-1];
 		list[i-1] = list[r];
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 9746d84..93cb91e 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1154,6 +1154,8 @@ extern void build_options(bool screen);
 
 	TimeInit();
 
+	sys_srandom(time(NULL) ^ getpid());
+
 #ifdef HAVE_SET_AUTH_PARAMETERS
 	set_auth_parameters(argc,argv);
 #endif
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index b0f67c9..a77c4b5 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -365,6 +365,8 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[
 	setup_logging(binary_name, opt_interactive?DEBUG_STDOUT:DEBUG_FILE);
 	setup_signals();
 
+	sys_srandom(time(NULL) ^ getpid());
+
 	/* we want total control over the permissions on created files,
 	   so set our umask to 0 */
 	umask(0);
-- 
1.9.1



More information about the samba-technical mailing list