[PATCH v3] Seed random generator in main()
Volker.Lendecke at SerNet.DE
Wed Jun 17 00:23:47 MDT 2015
On Wed, Jun 17, 2015 at 05:11:37PM +1200, Andrew Bartlett wrote:
> In other parts of Samba we just use the generate_random() function,
> which avoids needing to think about all this. We have cryptographic
> random numbers in Samba, we can just use those for this.
> We set up a PRNG using MD4 over a RC4 stream from 40 bytes of random
> data. It isn't the best, but it avoids the bad pattern of using
> srandom() et al, which will just trigger folks either re-using in more
> important places or alternately writing to us with 'security' warnings
> about using it.
Seen from another angle: The BSD world seems to settle on
the arc4random family of functions. There's a libbsd
replacement on Linux for those. Shouldn't we get rid of our
own random number generator and just use that, possibly with
the libbsd code in libreplace?
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
More information about the samba-technical