r1498: (merge from 3.0)

Rework our random number generation system.

On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork().

For other systems, we now only re-seed after a fork, and on startup.
No need to do it per-operation.  This removes the 'need_reseed'
parameter from generate_random_buffer().

This also requires that we start the secrets subsystem, as that is
where the reseed value is stored, for systems without /dev/urandom.

In order to aviod identical streams in forked children, the random
state is re-initialised after the fork(), at the same point were we do
that to the tdbs.

Andrew Bartlett
(This used to be commit b97d3cb2efd68310b1aea8a3ac40a64979c8cdae)

2 files changed, 11 insertions, 0 deletions

diff --git a/source4/smbd/process_standard.c b/source4/smbd/process_standard.c
index cc02e84d57..5c2a0a3410 100644
--- a/source4/smbd/process_standard.c
+++ b/source4/smbd/process_standard.c
@@ -74,6 +74,10 @@ static void standard_accept_connection(struct event_context *ev, struct fd_event
 		DEBUG(0,("standard_accept_connection: tdb_reopen_all failed.\n"));
 	}
 
+	/* Ensure that the forked children do not expose identical random streams */
+
+	set_need_random_reseed();
+
 	mem_ctx = talloc_init("server_service_connection");
 	if (!mem_ctx) {
 		DEBUG(0,("talloc_init(server_service_connection) failed\n"));
diff --git a/source4/smbd/rewrite.c b/source4/smbd/rewrite.c
index d0a4bad374..ac241958c7 100644
--- a/source4/smbd/rewrite.c
+++ b/source4/smbd/rewrite.c
@@ -70,6 +70,13 @@ void smbd_process_init(void)
 	if (!init_change_notify())
 		exit(1);
 
+	/* Start old-style secrets subsystem */
+	
+	/* We must perform secrets_init(), as it sets up important
+	 * seeding for the random number generator.
+	 */
+	secrets_init();
+	
 	talloc_destroy(mem_ctx);
 }