diff options
author | Andrew Bartlett <abartlet@samba.org> | 2004-07-14 04:36:01 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:52:13 -0500 |
commit | 9d0783bf211dffe58845b36b0669f05bf8bf25b5 (patch) | |
tree | 3a7434e8a13cf736d2deb7268ef7cf3864cf9499 /source3/lib/genrand.c | |
parent | 8f93b500320d7d4341dfea37fd1f82d02b1ce980 (diff) | |
download | samba-9d0783bf211dffe58845b36b0669f05bf8bf25b5.tar.gz samba-9d0783bf211dffe58845b36b0669f05bf8bf25b5.tar.bz2 samba-9d0783bf211dffe58845b36b0669f05bf8bf25b5.zip |
r1492: Rework our random number generation system.
On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().
For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation. This removes the 'need_reseed'
parameter from generate_random_buffer().
Andrew Bartlett
(This used to be commit 36741d3cf53a7bd17d361251f2bb50851cdb035f)
Diffstat (limited to 'source3/lib/genrand.c')
-rw-r--r-- | source3/lib/genrand.c | 38 |
1 files changed, 25 insertions, 13 deletions
diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index bc9f21c640..9ccddfa4c5 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -24,21 +24,32 @@ static unsigned char hash[258]; static uint32 counter; -static unsigned char *reseed_data; -static size_t reseed_data_size; + +static BOOL done_reseed = False; +static void (*reseed_callback)(int *newseed); /**************************************************************** Copy any user given reseed data. *****************************************************************/ -void set_rand_reseed_data(unsigned char *data, size_t len) +void set_rand_reseed_callback(void (*fn)(int *)) { - SAFE_FREE(reseed_data); - reseed_data_size = 0; + reseed_callback = fn; + set_need_random_reseed(); +} - reseed_data = (unsigned char *)memdup(data, len); - if (reseed_data) - reseed_data_size = len; +void set_need_random_reseed(void) +{ + done_reseed = False; +} + +static void get_rand_reseed_data(int *reseed_data) +{ + if (reseed_callback) { + reseed_callback(reseed_data); + } else { + *reseed_data = 0; + } } /**************************************************************** @@ -136,6 +147,7 @@ static int do_reseed(BOOL use_fd, int fd) unsigned char seed_inbuf[40]; uint32 v1, v2; struct timeval tval; pid_t mypid; struct passwd *pw; + int reseed_data = 0; if (use_fd) { if (fd != -1) @@ -183,10 +195,11 @@ static int do_reseed(BOOL use_fd, int fd) * Add any user-given reseed data. */ + get_rand_reseed_data(&reseed_data); if (reseed_data) { size_t i; for (i = 0; i < sizeof(seed_inbuf); i++) - seed_inbuf[i] ^= reseed_data[i % reseed_data_size]; + seed_inbuf[i] ^= ((char *)(&reseed_data))[i % sizeof(reseed_data)]; } seed_random_stream(seed_inbuf, sizeof(seed_inbuf)); @@ -198,15 +211,14 @@ static int do_reseed(BOOL use_fd, int fd) Interface to the (hopefully) good crypto random number generator. ********************************************************************/ -void generate_random_buffer( unsigned char *out, int len, BOOL do_reseed_now) +void generate_random_buffer( unsigned char *out, int len) { - static BOOL done_reseed = False; static int urand_fd = -1; unsigned char md4_buf[64]; unsigned char tmp_buf[16]; unsigned char *p; - if(!done_reseed || do_reseed_now) { + if(!done_reseed) { urand_fd = do_reseed(True, urand_fd); done_reseed = True; } @@ -257,7 +269,7 @@ char *generate_random_str(size_t len) if (len > sizeof(retstr)-1) len = sizeof(retstr) -1; - generate_random_buffer( retstr, len, False); + generate_random_buffer( retstr, len); for (i = 0; i < len; i++) retstr[i] = c_list[ retstr[i] % (sizeof(c_list)-1) ]; |