[PATCH v3] Seed random generator in main()

Andrew Bartlett abartlet at samba.org
Tue Jun 16 23:11:37 MDT 2015


On Tue, 2015-06-16 at 22:41 +0100, Robin McCorkell wrote:
> sys_random() and sys_srandom() control the "junk" random generator, not
> the cryptographically secure one (which is accessed via
> generate_random() and associated functions, see lib/util/genrand.c).
> This patch only affects the seeding of the "junk" random generator, so
> that it gets seeded once at the beginning of the process instead of each
> iteration of MSDFS referral shuffling or whatever.
> 
> In summary, this has no effect at all on the quality of the randomness
> for cryptographically secure uses, and improves the shuffling on things
> that use "junk" randomness like MSDFS shuffling (and DNS round-robin as
> per my other patch), which used to call srandom() every time the shuffle
> function was called.

In other parts of Samba we just use the generate_random() function,
which avoids needing to think about all this.  We have cryptographic
random numbers in Samba, we can just use those for this. 

We set up a PRNG using MD4 over a RC4 stream from 40 bytes of random
data.  It isn't the best, but it avoids the bad pattern of using
srandom() et al, which will just trigger folks either re-using in more
important places or alternately writing to us with 'security' warnings
about using it. 

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team         http://samba.org
Samba Development and Support, Catalyst IT   http://catalyst.net.nz/services/samba





-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150617/37bda7d5/attachment.pgp>


More information about the samba-technical mailing list