diff options
author | Jeremy Allison <jra@samba.org> | 1998-04-20 22:43:54 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 1998-04-20 22:43:54 +0000 |
commit | efb71742ca8ff9ec3211c5b3cf5d311fdceecd1c (patch) | |
tree | a153db84a0a571cbe2e49d591025e5c4659a3676 /source3/lib | |
parent | ec6fde99ab739ff2c410e5459bba06b06d18b5dc (diff) | |
download | samba-efb71742ca8ff9ec3211c5b3cf5d311fdceecd1c.tar.gz samba-efb71742ca8ff9ec3211c5b3cf5d311fdceecd1c.tar.bz2 samba-efb71742ca8ff9ec3211c5b3cf5d311fdceecd1c.zip |
Makefile: Added genrand.o
clientgen.c: Changed to fill change password buffer with random stuff.
password.c: Changed to get challenge from genrand.c
server.c: Added #ifdef around O_SYNC.
version.h: Changed to 1.9.19prealpha.
genrand.c:
New code to generate (hopefully) good random numbers for
use in crypto challenges/session keys etc.
PLEASE REVIEW THIS CODE AND SUGGEST IMPROVEMENTS !!!!!!
Jeremy.
(This used to be commit 608e98546392fd0aac9b33f4feac43615dbb4405)
Diffstat (limited to 'source3/lib')
-rw-r--r-- | source3/lib/genrand.c | 137 |
1 files changed, 137 insertions, 0 deletions
diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c new file mode 100644 index 0000000000..b26269f091 --- /dev/null +++ b/source3/lib/genrand.c @@ -0,0 +1,137 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + + Functions to create reasonable random numbers for crypto use. + + Copyright (C) Jeremy Allison 1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +extern int DEBUGLEVEL; + +/************************************************************** + Try and get a good random number seed. Try a number of + different factors. Firstly, try /dev/random and try and + read from this. If this fails iterate through /tmp and + XOR all the file timestamps. If this fails then just use + a combination of pid and time of day (yes I know this + sucks :-). Finally md4 the result. +**************************************************************/ + +static uint32 do_reseed(void) +{ + static int counter = 0; + unsigned char md4_outbuf[16]; + unsigned char md4_inbuf[40]; + BOOL got_random = False; + uint32 v1, v2, ret; + int fd; + struct timeval tval; + + memset(md4_inbuf, '\0', sizeof(md4_inbuf)); + + fd = open( "/dev/random", O_RDONLY); + if(fd >= 0) { + /* + * We can use /dev/random ! + */ + if(read(fd, md4_inbuf, 40) == 40) { + got_random = True; + DEBUG(10,("do_reseed: got 40 bytes from /dev/random.\n")); + } + close(fd); + } + + if(!got_random) { + /* + * /dev/random failed - try /tmp/ for timestamps. + */ + void *dp = sys_opendir("/tmp"); + + if(dp != NULL) { + char *p; + + while ((p = readdirname(dp))) { + struct stat st; + if(sys_stat(p,&st) != 0) + SIVAL(md4_inbuf, ((counter%sizeof(md4_inbuf))/4), + IVAL(md4_inbuf,((counter%sizeof(md4_inbuf))/4)) ^ st.st_atime); + counter++; + DEBUG(10,("do_reseed: value from file %s.\n", p)); + } + } + closedir(dp); + } + + /* + * Finally add the counter, time of day, and pid. + */ + GetTimeOfDay(&tval); + v1 = (counter++) + getpid() + tval.tv_sec; + v2 = (counter++) * getpid() + tval.tv_usec; + + SIVAL(md4_inbuf, 32, v1 ^ IVAL(md4_inbuf, 32)); + SIVAL(md4_inbuf, 36, v1 ^ IVAL(md4_inbuf, 36)); + + mdfour(md4_outbuf, md4_inbuf, sizeof(md4_inbuf)); + + /* XOR everything togther in blocks of 4 bytes. */ + ret = IVAL(md4_outbuf,0); + ret ^= IVAL(md4_outbuf,4); + ret ^= IVAL(md4_outbuf,8); + ret ^= IVAL(md4_outbuf,12); + + DEBUG(10,("do_reseed: returning seed %lu\n", ret)); + + return ret; +} + +/******************************************************************* + Interface to the (hopefully) good crypto random number generator. +********************************************************************/ + +void generate_random_buffer( unsigned char *out, int len, BOOL re_seed) +{ + static BOOL done_reseed = False; + unsigned char tmp_buf[64]; + unsigned char md4_buf[16]; + unsigned char *p; + + if(!done_reseed || re_seed) { + srandom(do_reseed()); + done_reseed = True; + } + + /* + * Generate random numbers in chunks of 64 bytes, + * then md4 them & copy to the output buffer. + */ + + p = out; + while(len > 0) { + int i; + int copy_len = len > 16 ? 16 : len; + for( i = 0; i < 16; i++) + SIVAL(tmp_buf, i*4, random()); + mdfour(md4_buf, tmp_buf, sizeof(tmp_buf)); + memcpy(p, md4_buf, copy_len); + p += copy_len; + len -= copy_len; + } +} |