[PATCH] Update to the Samba crypto requirements document
Andreas Schneider
asn at samba.org
Wed Jan 3 14:23:09 UTC 2018
On Wednesday, 3 January 2018 12:58:50 CET Volker Lendecke wrote:
> On Wed, Jan 03, 2018 at 12:53:18PM +0100, Andreas Schneider via samba-
technical wrote:
> > > > We could also use gnutls_rnd() in generate_random_buffer() which would
> > > > be
> > > > much faster than opening /dev/urandom.
> > >
> > > Do we depend on gnutls even for the plain simple file server?
> >
> > We don't depend on gnutls for Samba FS (yet).
>
> So gnutls_rnd() would have to be #ifdef'ed.
>
> If you look at commit e73ccc06, when I changed to always use
> /dev/urandom, I did measure the speed, and it was not bad. How much
> better is gnutls_rnd(), and does it handle fork() well? We should not
> run into the situation where two smbds have the same random source in
> user space.
I think it is faster because on it calls getentropy(), if it is available. But
we could do that too. See attached patch.
Cheers,
Andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
-------------- next part --------------
>From ed6bb09ec2755c32f3fd166ce362736ba0e5ce9e Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 3 Jan 2018 14:51:40 +0100
Subject: [PATCH] lib:util: Use getentropy() if available
Signed-off-by: Andreas Schneider <asn at samba.org>
---
lib/util/genrand.c | 22 ++++++++++++++++++++++
lib/util/wscript_configure | 2 ++
2 files changed, 24 insertions(+)
diff --git a/lib/util/genrand.c b/lib/util/genrand.c
index a775535c49e..f142e36659a 100644
--- a/lib/util/genrand.c
+++ b/lib/util/genrand.c
@@ -25,6 +25,27 @@
#include "sys_rw_data.h"
#include "lib/util/blocking.h"
+#if defined(HAVE_GETENTROPY)
+#define ENTROPY_MAX 256
+
+_PUBLIC_ void generate_random_buffer(uint8_t *out, int len)
+{
+ int read = 0;
+ int ret;
+
+ for (read = 0; (len - read) > ENTROPY_MAX; read += ENTROPY_MAX) {
+ ret = getentropy(out + read, ENTROPY_MAX);
+ if (ret != 0) {
+ abort();
+ }
+ }
+
+ ret = getentropy(out + read, len - read);
+ if (ret != 0) {
+ abort();
+ }
+}
+#else /* !defined(HAVE_GETENTROPY) */
static int urand_fd = -1;
static void open_urandom(void)
@@ -50,6 +71,7 @@ _PUBLIC_ void generate_random_buffer(uint8_t *out, int len)
abort();
}
}
+#endif /* defined(HAVE_GETENTROPY) */
/*
* Keep generate_secret_buffer in case we ever want to do something
diff --git a/lib/util/wscript_configure b/lib/util/wscript_configure
index 8e5a59c8480..91693e2def5 100644
--- a/lib/util/wscript_configure
+++ b/lib/util/wscript_configure
@@ -7,6 +7,8 @@ if Options.options.disable_fault_handling:
# backtrace could be in libexecinfo or in libc
conf.CHECK_FUNCS_IN('backtrace backtrace_symbols', 'execinfo', checklibc=True, headers='execinfo.h')
+conf.CHECK_FUNCS('getentropy', headers='unistd.h')
+
conf.CHECK_STRUCTURE_MEMBER('struct statvfs', 'f_frsize', define='HAVE_FRSIZE', headers='sys/statvfs.h')
# all the different ways of doing statfs
--
2.15.1
More information about the samba-technical
mailing list