summaryrefslogtreecommitdiff
path: root/source4/libcli/auth
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-07-14 12:14:07 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:57:35 -0500
commitf607197054436a8195e3d0a695fe31574b418059 (patch)
tree90efd6698cf4cf7a499d7b3307c513b8c85d3690 /source4/libcli/auth
parent71d28b8265726a50b6f077115e7dacdb8c4b06f8 (diff)
downloadsamba-f607197054436a8195e3d0a695fe31574b418059.tar.gz
samba-f607197054436a8195e3d0a695fe31574b418059.tar.bz2
samba-f607197054436a8195e3d0a695fe31574b418059.zip
r1498: (merge from 3.0)
Rework our random number generation system. On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork(). For other systems, we now only re-seed after a fork, and on startup. No need to do it per-operation. This removes the 'need_reseed' parameter from generate_random_buffer(). This also requires that we start the secrets subsystem, as that is where the reseed value is stored, for systems without /dev/urandom. In order to aviod identical streams in forked children, the random state is re-initialised after the fork(), at the same point were we do that to the tdbs. Andrew Bartlett (This used to be commit b97d3cb2efd68310b1aea8a3ac40a64979c8cdae)
Diffstat (limited to 'source4/libcli/auth')
-rw-r--r--source4/libcli/auth/ntlmssp.c6
-rw-r--r--source4/libcli/auth/schannel.c2
2 files changed, 4 insertions, 4 deletions
diff --git a/source4/libcli/auth/ntlmssp.c b/source4/libcli/auth/ntlmssp.c
index 3c656f4e9e..75c1e30f56 100644
--- a/source4/libcli/auth/ntlmssp.c
+++ b/source4/libcli/auth/ntlmssp.c
@@ -108,7 +108,7 @@ void debug_ntlmssp_flags(uint32_t neg_flags)
static const uint8_t *get_challenge(const struct ntlmssp_state *ntlmssp_state)
{
static uint8_t chal[8];
- generate_random_buffer(chal, sizeof(chal), False);
+ generate_random_buffer(chal, sizeof(chal));
return chal;
}
@@ -1112,7 +1112,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
E_md4hash(ntlmssp_state->password, nt_hash);
lm_response = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 24);
- generate_random_buffer(lm_response.data, 8, False);
+ generate_random_buffer(lm_response.data, 8);
memset(lm_response.data+8, 0, 16);
memcpy(session_nonce, challenge_blob.data, 8);
@@ -1202,7 +1202,7 @@ static NTSTATUS ntlmssp_client_challenge(struct ntlmssp_state *ntlmssp_state,
if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_KEY_EXCH) {
/* Make up a new session key */
uint8_t client_session_key[16];
- generate_random_buffer(client_session_key, sizeof(client_session_key), False);
+ generate_random_buffer(client_session_key, sizeof(client_session_key));
/* Encrypt the new session key with the old one */
encrypted_session_key = data_blob_talloc(ntlmssp_state->mem_ctx,
diff --git a/source4/libcli/auth/schannel.c b/source4/libcli/auth/schannel.c
index 8a261a506c..aa89e7b84f 100644
--- a/source4/libcli/auth/schannel.c
+++ b/source4/libcli/auth/schannel.c
@@ -194,7 +194,7 @@ NTSTATUS schannel_seal_packet(struct schannel_state *state,
uint8_t sealing_key[16];
static const uint8_t netsec_sig[8] = NETSEC_SEAL_SIGNATURE;
- generate_random_buffer(confounder, 8, False);
+ generate_random_buffer(confounder, 8);
RSIVAL(seq_num, 0, state->seq_num);
SIVAL(seq_num, 4, state->initiator?0x80:0);