r25660: Add a new interface 'generate_secret_buffer()', to be used when we

require top-quality entropy.  We don't want to waste system enropy
generating challenges (which simply need to be unpredictable, not
secret) or when generating UUIDs.

Rework generate_random_buffer() to use /dev/urandom less often, only
to seed the existing RC4 based PRNG.  (With an exception to ensure we
don't waste this setup cost for very small entropy requests).

Perhaps we should be using heimdal's code for this instead?

This should drasticly reduce our entropy use, particularly in the
build farm (automated Samba build on hosts without much other source
of entropy).

Andrew Bartlett
(This used to be commit 6a5630d37191542022f02fae519227b7829ef620)

1 files changed, 8 insertions, 0 deletions

diff --git a/source4/lib/util/util.h b/source4/lib/util/util.h
index 42dde70a44..fc9cb1e57a 100644
--- a/source4/lib/util/util.h
+++ b/source4/lib/util/util.h
@@ -226,10 +226,18 @@ _PUBLIC_ void set_need_random_reseed(void);
 
 /**
  Interface to the (hopefully) good crypto random number generator.
+ Will use our internal PRNG if more than 40 bytes of random generation
+ has been requested, otherwise tries to read from /dev/random
 **/
 _PUBLIC_ void generate_random_buffer(uint8_t *out, int len);
 
 /**
+ Interface to the (hopefully) good crypto random number generator.
+ Will always use /dev/urandom if available.
+**/
+_PUBLIC_ void generate_secret_buffer(uint8_t *out, int len);
+
+/**
   generate a single random uint32_t
 **/
 _PUBLIC_ uint32_t generate_random(void);