authorAndrew Tridgell <tridge@samba.org>1998-04-21 07:26:15 +0000
committerAndrew Tridgell <tridge@samba.org>1998-04-21 07:26:15 +0000
commit8c7e457ae46a820cef36ac3f99e41f1276bc4587 (patch)
tree8742a20de8915aab4eb8a2dfdb58adcb9a7d04f9 /source3/lib/genrand.c
parenta63bcb436ad41058e6425c84c1a9994036be1166 (diff)
Many systems don't have /etc/shadow but do have another system for
making encrypted passwords secret. For example, with secure NIS+ only root can get the encrypted password. Hash in the encrypted password of "root" to provide a nice source of secret data on such systems. On systems that don't have this (i.e. any user can get root's encrypted password) the security is so slack that it probably doesn't matter what we do to generate the secret. (This used to be commit 3271e4c29fdc15a1ae61dec94517e484c2457411)
Diffstat (limited to 'source3/lib/genrand.c')
-rw-r--r--source3/lib/genrand.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c
index 78d19da00a..8d7084d9f6 100644
--- a/source3/lib/genrand.c
+++ b/source3/lib/genrand.c
@@ -117,6 +117,7 @@ static void do_reseed(unsigned char *md4_outbuf)
int fd;
struct timeval tval;
pid_t mypid;
+ struct passwd *pw;
memset(md4_inbuf, '\0', sizeof(md4_inbuf));
@@ -144,6 +145,17 @@ static void do_reseed(unsigned char *md4_outbuf)
do_filehash("/etc/shadow", &md4_inbuf[0]);
do_filehash(SMB_PASSWD_FILE, &md4_inbuf[16]);
+ /* add in the root encrypted password. On any system where security is taken
+ seriously this will be secret */
+ pw = getpwnam("root");
+ if (pw) {
+ int i;
+ unsigned char md4_tmp[16];
+ mdfour(md4_tmp, pw->pw_passwd, strlen(pw->pw_passwd));
+ for (i=0;i<16;i++)
+ md4_inbuf[8+i] ^= md4_tmp[i];
+ }
+
/*
* Finally add the counter, time of day, and pid.
*/
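Review bot: `pw->pw_passwd` goes straight into `strlen()` inside the added `if (pw) {` block, so a passwd entry whose password field is NULL would crash the reseed; the guard should be `if (pw && pw->pw_passwd) {`. On hosts that keep hashes in a shadow file, getpwnam() normally returns a fixed placeholder in this field rather than the hash, so the XOR then mixes in a publicly known constant; the comment should say that this input adds secrecy only where the passwd lookup itself is restricted, and that it must not be counted as entropy otherwise. `md4_tmp` holds a digest derived from root's password hash and is left on the stack, so clearing it after the loop with `memset(md4_tmp, 0, sizeof(md4_tmp));` (or a variant the compiler cannot elide) would be worth adding. The XOR targets bytes 8..23, which straddle the two `do_filehash` outputs written at offsets 0 and 16; if that overlap is intentional, a one-line comment saying so would help. do_reseed starts and ends outside this hunk.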