[PATCH v3] Seed random generator in main()
abartlet at samba.org
Tue Jun 16 23:11:37 MDT 2015
On Tue, 2015-06-16 at 22:41 +0100, Robin McCorkell wrote:
> sys_random() and sys_srandom() control the "junk" random generator, not
> the cryptographically secure one (which is accessed via
> generate_random() and associated functions, see lib/util/genrand.c).
> This patch only affects the seeding of the "junk" random generator, so
> that it gets seeded once at the beginning of the process instead of each
> iteration of MSDFS referral shuffling or whatever.
>
> In summary, this has no effect at all on the quality of the randomness
> for cryptographically secure uses, and improves the shuffling on things
> that use "junk" randomness like MSDFS shuffling (and DNS round-robin as
> per my other patch), which used to call srandom() every time the shuffle
> function was called.

In other parts of Samba we just use the generate_random() function,
which avoids needing to think about all this. We have cryptographic
random numbers in Samba, we can just use those for this.

We set up a PRNG using MD4 over an RC4 stream from 40 bytes of random
data. It isn't the best, but it avoids the bad pattern of using
srandom() et al, which will just trigger folks either re-using it in more
important places or alternately writing to us with 'security' warnings
about using it.
Authentication Developer, Samba Team http://samba.org
Samba Development and Support, Catalyst IT http://catalyst.net.nz/services/samba
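
The behaviour discussed in this thread, as an added example that is not part of the original message or of Samba's code: a shuffle that reseeds random() on every call repeats its order whenever the seed has not changed, while a shuffle drawing from a CSPRNG does not. fill_random() is an assumed stand-in that reads /dev/urandom in place of Samba's own random functions, and the seed 1234 and the list size are constructed.

```c
#define _DEFAULT_SOURCE          /* for random()/srandom() on glibc */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define N 32                     /* constructed list size */

/* Assumed stand-in for a CSPRNG source; returns 0 on success. */
static int fill_random(void *buf, size_t len)
{
	FILE *f = fopen("/dev/urandom", "rb");
	size_t got = f ? fread(buf, 1, len, f) : 0;
	if (f) fclose(f);
	return got == len ? 0 : -1;
}

/* Fisher-Yates; use_csprng=0 reseeds random() on every call (old pattern). */
static int shuffle(int *v, uint32_t n, int use_csprng, unsigned seed)
{
	if (!use_csprng) srandom(seed);
	for (uint32_t i = n; i > 1; i--) {
		uint32_t r, limit = UINT32_MAX - (UINT32_MAX % i);
		do {	/* reject draws >= limit: no modulo bias on 32-bit CSPRNG draws */
			if (!use_csprng) r = (uint32_t)random();
			else if (fill_random(&r, sizeof(r)) != 0) return -1;
		} while (r >= limit);
		int tmp = v[i - 1]; v[i - 1] = v[r % i]; v[r % i] = tmp;
	}
	return 0;
}

/* Shuffle two identical lists; 1 = same order, 0 = different, -1 = error. */
static int orders_match(int use_csprng, unsigned seed)
{
	int a[N], b[N];
	for (int i = 0; i < N; i++) a[i] = b[i] = i;
	if (shuffle(a, N, use_csprng, seed) || shuffle(b, N, use_csprng, seed))
		return -1;
	return memcmp(a, b, sizeof(a)) == 0;
}

int main(void)
{
	/* 1234 is a constructed seed, unchanged between the two calls. */
	printf("reseeded each call: same order = %d\n", orders_match(0, 1234));
	printf("CSPRNG-backed:      same order = %d\n", orders_match(1, 0));
	return 0;
}
```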