[PATCH v3] Seed random generator in main()

Simo simo at samba.org
Wed Jun 17 08:58:37 MDT 2015


On Wed, 2015-06-17 at 15:52 +0200, Volker Lendecke wrote:
> On Wed, Jun 17, 2015 at 09:49:31AM -0400, Simo wrote:
> > On Wed, 2015-06-17 at 15:38 +0200, Volker Lendecke wrote:
> > > On Wed, Jun 17, 2015 at 09:36:00AM -0400, Simo wrote:
> > > > On Wed, 2015-06-17 at 08:23 +0200, Volker Lendecke wrote:
> > > > > On Wed, Jun 17, 2015 at 05:11:37PM +1200, Andrew Bartlett wrote:
> > > > > > In other parts of Samba we just use the generate_random() function,
> > > > > > which avoids needing to think about all this.  We have cryptographic
> > > > > > random numbers in Samba, we can just use those for this. 
> > > > > > 
> > > > > > We set up a PRNG using MD4 over a RC4 stream from 40 bytes of random
> > > > > > data.  It isn't the best, but it avoids the bad pattern of using
> > > > > > srandom() et al, which will just trigger folks either re-using in more
> > > > > > important places or alternately writing to us with 'security' warnings
> > > > > > about using it. 
> > > > > 
> > > > > Seen from another angle: The BSD world seems to settle on
> > > > > the arc4random family of functions. There's a libbsd
> > > > > replacement on Linux for those. Shouldn't we get rid of our
> > > > > own random number generator and just use that, possibly with
> > > > > the libbsd code in libreplace?
> > > > 
> > > > Why are we not just using urandom ? Why do we want to get in the
> > > > business of guaranteeing proper random number generation ????
> > > 
> > > Portability?
> > 
> > krb5 runs on all platforms and uses cryptographically secure PRNGs
> > (urandom on Linux), perhaps we can use that libraries for random number
> > generation.
> 
> Ah, ok. "using urandom" means going through Kerberos, right?

Well for me it meant "not using our own PRNG", so yeah we can use krb5
or openssl or what you have, as long as we use something that is vetted
an updated by people that know what they are doing and consider good
random number generation as one of their top priorities.

Simo.

-- 
Simo Sorce



More information about the samba-technical mailing list