From efb71742ca8ff9ec3211c5b3cf5d311fdceecd1c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 20 Apr 1998 22:43:54 +0000 Subject: Makefile: Added genrand.o clientgen.c: Changed to fill change password buffer with random stuff. password.c: Changed to get challenge from genrand.c server.c: Added #ifdef around O_SYNC. version.h: Changed to 1.9.19prealpha. genrand.c: New code to generate (hopefully) good random numbers for use in crypto challenges/session keys etc. PLEASE REVIEW THIS CODE AND SUGGEST IMPROVEMENTS !!!!!! Jeremy. (This used to be commit 608e98546392fd0aac9b33f4feac43615dbb4405) --- source3/lib/genrand.c | 137 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 137 insertions(+) create mode 100644 source3/lib/genrand.c (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c new file mode 100644 index 0000000000..b26269f091 --- /dev/null +++ b/source3/lib/genrand.c @@ -0,0 +1,137 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + + Functions to create reasonable random numbers for crypto use. + + Copyright (C) Jeremy Allison 1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +extern int DEBUGLEVEL; + +/************************************************************** + Try and get a good random number seed. Try a number of + different factors. Firstly, try /dev/random and try and + read from this. If this fails iterate through /tmp and + XOR all the file timestamps. If this fails then just use + a combination of pid and time of day (yes I know this + sucks :-). Finally md4 the result. +**************************************************************/ + +static uint32 do_reseed(void) +{ + static int counter = 0; + unsigned char md4_outbuf[16]; + unsigned char md4_inbuf[40]; + BOOL got_random = False; + uint32 v1, v2, ret; + int fd; + struct timeval tval; + + memset(md4_inbuf, '\0', sizeof(md4_inbuf)); + + fd = open( "/dev/random", O_RDONLY); + if(fd >= 0) { + /* + * We can use /dev/random ! + */ + if(read(fd, md4_inbuf, 40) == 40) { + got_random = True; + DEBUG(10,("do_reseed: got 40 bytes from /dev/random.\n")); + } + close(fd); + } + + if(!got_random) { + /* + * /dev/random failed - try /tmp/ for timestamps. + */ + void *dp = sys_opendir("/tmp"); + + if(dp != NULL) { + char *p; + + while ((p = readdirname(dp))) { + struct stat st; + if(sys_stat(p,&st) != 0) + SIVAL(md4_inbuf, ((counter%sizeof(md4_inbuf))/4), + IVAL(md4_inbuf,((counter%sizeof(md4_inbuf))/4)) ^ st.st_atime); + counter++; + DEBUG(10,("do_reseed: value from file %s.\n", p)); + } + } + closedir(dp); + } + + /* + * Finally add the counter, time of day, and pid. + */ + GetTimeOfDay(&tval); + v1 = (counter++) + getpid() + tval.tv_sec; + v2 = (counter++) * getpid() + tval.tv_usec; + + SIVAL(md4_inbuf, 32, v1 ^ IVAL(md4_inbuf, 32)); + SIVAL(md4_inbuf, 36, v1 ^ IVAL(md4_inbuf, 36)); + + mdfour(md4_outbuf, md4_inbuf, sizeof(md4_inbuf)); + + /* XOR everything togther in blocks of 4 bytes. */ + ret = IVAL(md4_outbuf,0); + ret ^= IVAL(md4_outbuf,4); + ret ^= IVAL(md4_outbuf,8); + ret ^= IVAL(md4_outbuf,12); + + DEBUG(10,("do_reseed: returning seed %lu\n", ret)); + + return ret; +} + +/******************************************************************* + Interface to the (hopefully) good crypto random number generator. +********************************************************************/ + +void generate_random_buffer( unsigned char *out, int len, BOOL re_seed) +{ + static BOOL done_reseed = False; + unsigned char tmp_buf[64]; + unsigned char md4_buf[16]; + unsigned char *p; + + if(!done_reseed || re_seed) { + srandom(do_reseed()); + done_reseed = True; + } + + /* + * Generate random numbers in chunks of 64 bytes, + * then md4 them & copy to the output buffer. + */ + + p = out; + while(len > 0) { + int i; + int copy_len = len > 16 ? 16 : len; + for( i = 0; i < 16; i++) + SIVAL(tmp_buf, i*4, random()); + mdfour(md4_buf, tmp_buf, sizeof(tmp_buf)); + memcpy(p, md4_buf, copy_len); + p += copy_len; + len -= copy_len; + } +} -- cgit From 2beb8f3cb5437cb2b214c9be0c919c1b3988a857 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 20 Apr 1998 23:57:29 +0000 Subject: genrand.c: Improved filename based random seed generation. lib/rpc/server/srv_netlog.c: Changed to use generate_random_buffer(). Jeremy. (This used to be commit 093d060a06d75c6ee5b1329d524334f4db97cba6) --- source3/lib/genrand.c | 73 ++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 55 insertions(+), 18 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index b26269f091..5808206f6b 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -24,6 +24,55 @@ #include "includes.h" extern int DEBUGLEVEL; +static uint32 counter = 0; + +/**************************************************************** + Try and get a seed by looking at the atimes of files in a given + directory. XOR them into the buf array. +*****************************************************************/ + +static void do_dirrand(char *name, unsigned char *buf, int buf_len) +{ + void *dp = sys_opendir(name); + pstring fullname; + int len_left; + int fullname_len; + char *pos; + + pstrcpy(fullname, name); + fullname_len = strlen(fullname); + + if(fullname_len + 2 > sizeof(pstring)) + return; + + if(fullname[fullname_len] != '/') { + fullname[fullname_len] = '/'; + fullname[fullname_len+1] = '\0'; + fullname_len = strlen(fullname); + } + + len_left = sizeof(pstring) - fullname_len - 1; + pos = &fullname[fullname_len]; + + if(dp != NULL) { + char *p; + + while ((p = readdirname(dp))) { + struct stat st; + + if(strlen(p) <= len_left) + strcpy(pos, p); + + if(sys_stat(fullname,&st) == 0) { + SIVAL(buf, ((counter * 4)%(buf_len-4)), + IVAL(buf,((counter * 4)%(buf_len-4))) ^ st.st_atime); + counter++; + DEBUG(10,("do_dirrand: value from file %s.\n", fullname)); + } + } + closedir(dp); + } +} /************************************************************** Try and get a good random number seed. Try a number of @@ -36,13 +85,13 @@ extern int DEBUGLEVEL; static uint32 do_reseed(void) { - static int counter = 0; unsigned char md4_outbuf[16]; unsigned char md4_inbuf[40]; BOOL got_random = False; uint32 v1, v2, ret; int fd; struct timeval tval; + pid_t mypid; memset(md4_inbuf, '\0', sizeof(md4_inbuf)); @@ -62,29 +111,17 @@ static uint32 do_reseed(void) /* * /dev/random failed - try /tmp/ for timestamps. */ - void *dp = sys_opendir("/tmp"); - - if(dp != NULL) { - char *p; - - while ((p = readdirname(dp))) { - struct stat st; - if(sys_stat(p,&st) != 0) - SIVAL(md4_inbuf, ((counter%sizeof(md4_inbuf))/4), - IVAL(md4_inbuf,((counter%sizeof(md4_inbuf))/4)) ^ st.st_atime); - counter++; - DEBUG(10,("do_reseed: value from file %s.\n", p)); - } - } - closedir(dp); + do_dirrand("/tmp", md4_inbuf, sizeof(md4_inbuf)); + do_dirrand("/dev", md4_inbuf, sizeof(md4_inbuf)); } /* * Finally add the counter, time of day, and pid. */ GetTimeOfDay(&tval); - v1 = (counter++) + getpid() + tval.tv_sec; - v2 = (counter++) * getpid() + tval.tv_usec; + mypid = getpid(); + v1 = (counter++) + mypid + tval.tv_sec; + v2 = (counter++) * mypid + tval.tv_usec; SIVAL(md4_inbuf, 32, v1 ^ IVAL(md4_inbuf, 32)); SIVAL(md4_inbuf, 36, v1 ^ IVAL(md4_inbuf, 36)); -- cgit From a63bcb436ad41058e6425c84c1a9994036be1166 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 21 Apr 1998 07:17:35 +0000 Subject: improved the secret buffer generation a bit. It now uses /etc/shadow and smbpasswd if possible, and doesn't put it all through a 32 bit bottleneck. (This used to be commit 356ec24840da98f9e0b49b8eecb56aeec5ed848e) --- source3/lib/genrand.c | 61 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 39 insertions(+), 22 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 5808206f6b..78d19da00a 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -26,6 +26,30 @@ extern int DEBUGLEVEL; static uint32 counter = 0; + +/**************************************************************** +get a 16 byte hash from the contents of a file +Note that the hash is not initialised. +*****************************************************************/ +static void do_filehash(char *fname, unsigned char *hash) +{ + unsigned char buf[1011]; /* deliberate weird size */ + unsigned char tmp_md4[16]; + int fd, n; + + fd = open(fname,O_RDONLY); + if (fd == -1) return; + + while ((n = read(fd, (char *)buf, sizeof(buf))) > 0) { + mdfour(tmp_md4, buf, n); + for (n=0;n<16;n++) + hash[n] ^= tmp_md4[n]; + } + close(fd); +} + + + /**************************************************************** Try and get a seed by looking at the atimes of files in a given directory. XOR them into the buf array. @@ -81,14 +105,15 @@ static void do_dirrand(char *name, unsigned char *buf, int buf_len) XOR all the file timestamps. If this fails then just use a combination of pid and time of day (yes I know this sucks :-). Finally md4 the result. + + The result goes in a 16 byte buffer passed from the caller **************************************************************/ -static uint32 do_reseed(void) +static void do_reseed(unsigned char *md4_outbuf) { - unsigned char md4_outbuf[16]; unsigned char md4_inbuf[40]; BOOL got_random = False; - uint32 v1, v2, ret; + uint32 v1, v2; int fd; struct timeval tval; pid_t mypid; @@ -115,6 +140,10 @@ static uint32 do_reseed(void) do_dirrand("/dev", md4_inbuf, sizeof(md4_inbuf)); } + /* possibly add in some secret file contents */ + do_filehash("/etc/shadow", &md4_inbuf[0]); + do_filehash(SMB_PASSWD_FILE, &md4_inbuf[16]); + /* * Finally add the counter, time of day, and pid. */ @@ -124,19 +153,9 @@ static uint32 do_reseed(void) v2 = (counter++) * mypid + tval.tv_usec; SIVAL(md4_inbuf, 32, v1 ^ IVAL(md4_inbuf, 32)); - SIVAL(md4_inbuf, 36, v1 ^ IVAL(md4_inbuf, 36)); + SIVAL(md4_inbuf, 36, v2 ^ IVAL(md4_inbuf, 36)); mdfour(md4_outbuf, md4_inbuf, sizeof(md4_inbuf)); - - /* XOR everything togther in blocks of 4 bytes. */ - ret = IVAL(md4_outbuf,0); - ret ^= IVAL(md4_outbuf,4); - ret ^= IVAL(md4_outbuf,8); - ret ^= IVAL(md4_outbuf,12); - - DEBUG(10,("do_reseed: returning seed %lu\n", ret)); - - return ret; } /******************************************************************* @@ -146,13 +165,13 @@ static uint32 do_reseed(void) void generate_random_buffer( unsigned char *out, int len, BOOL re_seed) { static BOOL done_reseed = False; - unsigned char tmp_buf[64]; + unsigned char tmp_buf[16]; unsigned char md4_buf[16]; unsigned char *p; if(!done_reseed || re_seed) { - srandom(do_reseed()); - done_reseed = True; + do_reseed(md4_buf); + done_reseed = True; } /* @@ -162,12 +181,10 @@ void generate_random_buffer( unsigned char *out, int len, BOOL re_seed) p = out; while(len > 0) { - int i; int copy_len = len > 16 ? 16 : len; - for( i = 0; i < 16; i++) - SIVAL(tmp_buf, i*4, random()); - mdfour(md4_buf, tmp_buf, sizeof(tmp_buf)); - memcpy(p, md4_buf, copy_len); + mdfour(tmp_buf, md4_buf, sizeof(md4_buf)); + memcpy(md4_buf, tmp_buf, sizeof(md4_buf)); + memcpy(p, tmp_buf, copy_len); p += copy_len; len -= copy_len; } -- cgit From 8c7e457ae46a820cef36ac3f99e41f1276bc4587 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 21 Apr 1998 07:26:15 +0000 Subject: many systems don't have /etc/shadow but do have another system for making encrypted passwords secret. For example, with secure NIS+ only root can get the encrypted password. hash in the encrypted password of "root" to provide a nice source of secret on such systems. On systems that don't have this (ie. any user can get roots encrypted password) then the security is so slack that it probably doesn't matter what we do to generate the secret. (This used to be commit 3271e4c29fdc15a1ae61dec94517e484c2457411) --- source3/lib/genrand.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 78d19da00a..8d7084d9f6 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -117,6 +117,7 @@ static void do_reseed(unsigned char *md4_outbuf) int fd; struct timeval tval; pid_t mypid; + struct passwd *pw; memset(md4_inbuf, '\0', sizeof(md4_inbuf)); @@ -144,6 +145,17 @@ static void do_reseed(unsigned char *md4_outbuf) do_filehash("/etc/shadow", &md4_inbuf[0]); do_filehash(SMB_PASSWD_FILE, &md4_inbuf[16]); + /* add in the root encrypted password. On any system where security is taken + seriously this will be secret */ + pw = getpwnam("root"); + if (pw) { + int i; + unsigned char md4_tmp[16]; + mdfour(md4_tmp, pw->pw_passwd, strlen(pw->pw_passwd)); + for (i=0;i<16;i++) + md4_inbuf[8+i] ^= md4_tmp[i]; + } + /* * Finally add the counter, time of day, and pid. */ -- cgit From 8584c6bd6621eefb49aff69581caf28e38b4ceda Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 22 Apr 1998 00:56:38 +0000 Subject: genrand.c: Improved generation of random values, more secure. loadparm.c: Started add of 'security=domain' code. password.c: Fix for security=server NT bugs. reply.c: Started add of 'security=domain' code. server.c: Started add of 'security=domain' code. smb.h: Started add of 'security=domain' code. Jeremy. (This used to be commit e6bda112ebe0d41f54c4249b5c2e1f24011347e1) --- source3/lib/genrand.c | 41 ++++++++++++++++++++++++++++++++--------- 1 file changed, 32 insertions(+), 9 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 8d7084d9f6..e20f054504 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -26,7 +26,6 @@ extern int DEBUGLEVEL; static uint32 counter = 0; - /**************************************************************** get a 16 byte hash from the contents of a file Note that the hash is not initialised. @@ -102,18 +101,19 @@ static void do_dirrand(char *name, unsigned char *buf, int buf_len) Try and get a good random number seed. Try a number of different factors. Firstly, try /dev/random and try and read from this. If this fails iterate through /tmp and - XOR all the file timestamps. If this fails then just use - a combination of pid and time of day (yes I know this + /dev and XOR all the file timestamps. Next add in + a hash of the contents of /etc/shadow and the smb passwd + file and a combination of pid and time of day (yes I know this sucks :-). Finally md4 the result. The result goes in a 16 byte buffer passed from the caller **************************************************************/ -static void do_reseed(unsigned char *md4_outbuf) +static uint32 do_reseed(unsigned char *md4_outbuf) { unsigned char md4_inbuf[40]; BOOL got_random = False; - uint32 v1, v2; + uint32 v1, v2, ret; int fd; struct timeval tval; pid_t mypid; @@ -135,7 +135,7 @@ static void do_reseed(unsigned char *md4_outbuf) if(!got_random) { /* - * /dev/random failed - try /tmp/ for timestamps. + * /dev/random failed - try /tmp and /dev for timestamps. */ do_dirrand("/tmp", md4_inbuf, sizeof(md4_inbuf)); do_dirrand("/dev", md4_inbuf, sizeof(md4_inbuf)); @@ -148,7 +148,7 @@ static void do_reseed(unsigned char *md4_outbuf) /* add in the root encrypted password. On any system where security is taken seriously this will be secret */ pw = getpwnam("root"); - if (pw) { + if (pw && pw->pw_passwd) { int i; unsigned char md4_tmp[16]; mdfour(md4_tmp, pw->pw_passwd, strlen(pw->pw_passwd)); @@ -168,6 +168,16 @@ static void do_reseed(unsigned char *md4_outbuf) SIVAL(md4_inbuf, 36, v2 ^ IVAL(md4_inbuf, 36)); mdfour(md4_outbuf, md4_inbuf, sizeof(md4_inbuf)); + + /* + * Return a 32 bit int created from XORing the + * 16 bit return buffer. + */ + + ret = IVAL(md4_outbuf, 0); + ret ^= IVAL(md4_outbuf, 4); + ret ^= IVAL(md4_outbuf, 8); + return (ret ^ IVAL(md4_outbuf, 12)); } /******************************************************************* @@ -177,25 +187,38 @@ static void do_reseed(unsigned char *md4_outbuf) void generate_random_buffer( unsigned char *out, int len, BOOL re_seed) { static BOOL done_reseed = False; + static unsigned char md4_buf[16]; unsigned char tmp_buf[16]; - unsigned char md4_buf[16]; unsigned char *p; if(!done_reseed || re_seed) { - do_reseed(md4_buf); + srandom(do_reseed(md4_buf)); done_reseed = True; } /* * Generate random numbers in chunks of 64 bytes, * then md4 them & copy to the output buffer. + * Added XOR with output from random, seeded + * by the original md4_buf. This is to stop the + * output from this function being the previous + * md4_buf md4'ed. The output from this function + * is often output onto the wire, and so it should + * not be possible to guess the next output from + * this function based on the previous output. + * XORing in the output from random(), seeded by + * the original md4 hash should stop this. JRA. */ p = out; while(len > 0) { + int i; int copy_len = len > 16 ? 16 : len; mdfour(tmp_buf, md4_buf, sizeof(md4_buf)); memcpy(md4_buf, tmp_buf, sizeof(md4_buf)); + /* XOR in output from random(). */ + for(i = 0; i < 4; i++) + SIVAL(tmp_buf, i*4, (IVAL(tmp_buf, i*4) ^ (uint32)random())); memcpy(p, tmp_buf, copy_len); p += copy_len; len -= copy_len; -- cgit From a85f5bc268a1c13334b86ac3a44a026359c09371 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 23 Apr 1998 18:54:57 +0000 Subject: genrand.c: Changed SMB_PASSWD_FILE to lp_smb_passwd_file(). password.c: Started the initial code for domain_client_validate(). All bracketed with #ifdef DOMAIN_CLIENT for now. reply.c: Call to domain_client_validate(). All bracketed with #ifdef DOMAIN_CLIENT for now. smbpass.c: New code to get/set machine passwords. Tidied up nesting of lock calls. Jeremy. (This used to be commit 89fe059a6816f32d2cc5c4c04c4089b60590e7e6) --- source3/lib/genrand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index e20f054504..3eae47486f 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -143,7 +143,7 @@ static uint32 do_reseed(unsigned char *md4_outbuf) /* possibly add in some secret file contents */ do_filehash("/etc/shadow", &md4_inbuf[0]); - do_filehash(SMB_PASSWD_FILE, &md4_inbuf[16]); + do_filehash(lp_smb_passwd_file(), &md4_inbuf[16]); /* add in the root encrypted password. On any system where security is taken seriously this will be secret */ -- cgit From 19f76f391b97b405879fd8574e711a6d59e4e60c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 5 May 1998 19:24:32 +0000 Subject: genrand.c: SGI compile warning fix. ipc.c: Fix for duplicate printer names being long. loadparm.c: Set bNetWkstaUserLogon to false by default - new code in password.c protects us. nmbd_logonnames.c: nmbd_namequery.c: nmbd_namerelease.c: Debug messages fix. password.c: SGI compile warning fix, fix for tcon() with bNetWkstaUserLogon call. reply.c: SGI compile warning fix. server.c Debug messages fix. smbpass.c: Fix for incorrect pointer. Jeremy. (This used to be commit 567d3f838988cafab4770fce1cf68b73085e6c71) --- source3/lib/genrand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 3eae47486f..b09f683e62 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -151,7 +151,7 @@ static uint32 do_reseed(unsigned char *md4_outbuf) if (pw && pw->pw_passwd) { int i; unsigned char md4_tmp[16]; - mdfour(md4_tmp, pw->pw_passwd, strlen(pw->pw_passwd)); + mdfour(md4_tmp, (unsigned char *)pw->pw_passwd, strlen(pw->pw_passwd)); for (i=0;i<16;i++) md4_inbuf[8+i] ^= md4_tmp[i]; } -- cgit From f888868f46a5418bac9ab528497136c152895305 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 12 May 1998 00:55:32 +0000 Subject: This is a security audit change of the main source. It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb) --- source3/lib/genrand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index b09f683e62..5e87275ce8 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -84,7 +84,7 @@ static void do_dirrand(char *name, unsigned char *buf, int buf_len) struct stat st; if(strlen(p) <= len_left) - strcpy(pos, p); + pstrcpy(pos, p); if(sys_stat(fullname,&st) == 0) { SIVAL(buf, ((counter * 4)%(buf_len-4)), -- cgit From 18556274139cc5a00593471bd745354d98a35303 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 1 Sep 1998 20:11:54 +0000 Subject: More abstraction of file system data types, to move to a 64 bit file interface for the NT SMB's. Created a new define, SMB_STRUCT_STAT that currently is defined to be struct stat - this wil change to a user defined type containing 64 bit info when the correct wrappers are written for 64 bit stat(), fstat() and lstat() calls. Also changed all sys_xxxx() calls that were previously just wrappers to the same call prefixed by a dos_to_unix() call into dos_xxxx() calls. This makes it explicit when a pathname translation is being done, and when it is not. Now, all sys_xxx() calls are meant to be wrappers to mask OS differences, and not silently converting filenames on the fly. Jeremy. (This used to be commit 28aa182dbffaa4ffd86047e608400de4b26e80eb) --- source3/lib/genrand.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 5e87275ce8..c36cdd4b8c 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -56,7 +56,7 @@ static void do_filehash(char *fname, unsigned char *hash) static void do_dirrand(char *name, unsigned char *buf, int buf_len) { - void *dp = sys_opendir(name); + void *dp = dos_opendir(name); pstring fullname; int len_left; int fullname_len; @@ -81,12 +81,12 @@ static void do_dirrand(char *name, unsigned char *buf, int buf_len) char *p; while ((p = readdirname(dp))) { - struct stat st; + SMB_STRUCT_STAT st; if(strlen(p) <= len_left) pstrcpy(pos, p); - if(sys_stat(fullname,&st) == 0) { + if(dos_stat(fullname,&st) == 0) { SIVAL(buf, ((counter * 4)%(buf_len-4)), IVAL(buf,((counter * 4)%(buf_len-4))) ^ st.st_atime); counter++; -- cgit From 5f7ee360567a6b4e1a6f43ff01da057d2998fef8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 25 Sep 1998 23:40:49 +0000 Subject: Makefile.in: Fixed bug with continuation line causing proto to fail. Added $(PROGS) $(SPROGS) as targets for make clean. acconfig.h: Added HAVE_IRIX_SPECIFIC_CAPABILITIES. configure.in: Added sys/capability.h header check. Added function checks for srandom random srand rand. Added HAVE_IRIX_SPECIFIC_CAPABILITIES test. includes.h: Added #include . ntdomain.h: Moved struct acct_info into here from smb.h smb.h: Added KERNEL_OPLOCK_CAPABILITY define. Moved enum action_type into rpcclient.h Moved struct cli_state into client.h Moved struct nt_client_info, struct tar_client_info, struct client_info into rpcclient.h lib/genrand.c: Changed to use sys_random() & friends. lib/smbrun.c: Lose capabilities after fork. lib/system.c: Added set_process_capability(), set_inherited_process_capability() sys_random(), sys_srandom(). lib/util.c: Added Ander's EFBIG lock check to fcntl_lock for 64 bit access to an 32 bit mounted NFS filesystem. nmbd/nmbd.c: Changed to use sys_random() & friends. nmbd/nmbd_browsesync.c: Changed to use sys_random() & friends. passdb/ldap.c: Missed one pdb_encode_acct_ctrl call. passdb/passdb.c: Changed to Ander's code for ' ' characters. passdb/smbpass.c: Added Ander's code to reset ACB_PWNOTREQ. script/mkproto.awk: Added 'long' to prototypes. smbd/chgpasswd.c: Lose capabilities after fork. smbd/open.c: Do the mmap *after* the kernel oplock. smbd/oplock.c: Removed stub code from kernel oplock path. Added set_process_capability(), set_inherited_process_capability() calls. smbd/reply.c: Initialize count = 0, offset = 0. smbd/server.c: Added set_process_capability(), set_inherited_process_capability() calls. tests/summary.c: Ensure we have RANDOM or RAND. utils/smbpasswd.c: Added Ander's code to reset ACB_PWNOTREQ. utils/torture.c: Changed to use sys_random() & friends. Jeremy. (This used to be commit e8be306f23963ac00b1a383ebe0cc1421529fb02) --- source3/lib/genrand.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index c36cdd4b8c..bb1922e4f5 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -192,7 +192,7 @@ void generate_random_buffer( unsigned char *out, int len, BOOL re_seed) unsigned char *p; if(!done_reseed || re_seed) { - srandom(do_reseed(md4_buf)); + sys_srandom(do_reseed(md4_buf)); done_reseed = True; } @@ -218,7 +218,7 @@ void generate_random_buffer( unsigned char *out, int len, BOOL re_seed) memcpy(md4_buf, tmp_buf, sizeof(md4_buf)); /* XOR in output from random(). */ for(i = 0; i < 4; i++) - SIVAL(tmp_buf, i*4, (IVAL(tmp_buf, i*4) ^ (uint32)random())); + SIVAL(tmp_buf, i*4, (IVAL(tmp_buf, i*4) ^ (uint32)sys_random())); memcpy(p, tmp_buf, copy_len); p += copy_len; len -= copy_len; -- cgit From 768761820e8d7481c586c4e0ab4ac7cb36d18c4b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 17 Nov 1998 20:50:07 +0000 Subject: Added the same open()/fopen()/creat()/mmap() -> sys_XXX calls. Tidied up some of the mess (no other word for it). Still doesn't compile cleanly. There are calls with incorrect parameters that don't seem to be doing the right thing. This code still needs surgery :-(. Jeremy. (This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac) --- source3/lib/genrand.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index bb1922e4f5..8b05b02f94 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -36,7 +36,7 @@ static void do_filehash(char *fname, unsigned char *hash) unsigned char tmp_md4[16]; int fd, n; - fd = open(fname,O_RDONLY); + fd = sys_open(fname,O_RDONLY,0); if (fd == -1) return; while ((n = read(fd, (char *)buf, sizeof(buf))) > 0) { @@ -121,7 +121,7 @@ static uint32 do_reseed(unsigned char *md4_outbuf) memset(md4_inbuf, '\0', sizeof(md4_inbuf)); - fd = open( "/dev/random", O_RDONLY); + fd = sys_open( "/dev/random", O_RDONLY,0); if(fd >= 0) { /* * We can use /dev/random ! -- cgit From bfc38ff872446e0ad365c22327c779e72a81bef9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 25 Nov 1998 21:17:20 +0000 Subject: Makefile.in: Added maintainer mode fixes. aclocal.m4: Added AC_LIBTESTFUNC. configure.in: Fixed -lsecurity -lsec problems. client.c: dos_ fixes. groupdb/aliasunix.c: Dead code removal. include/includes.h: Added default PRINTCAP_NAME. lib/genrand.c: dos_ fixes. lib/replace.c: Added strtoul. lib/system.c: dos_ fixes. lib/util.c: dos_ fixes. lib/util_sid.c: Signed/unsigned fixes. lib/util_str.c: removed bad const. locking/locking_slow.c: dos_ fixes. printing/printing.c: dos_ fixes. rpc_server/srv_samr.c: Dead code removal. rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN ! smbd/dir.c: dos_ fixes. smbd/open.c: dos_ fixes. smbd/oplock.c: dos_ fixes. smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes. Jeremy. (This used to be commit 6acb4b68f68d516e2ac3c47e500f5600d653435e) --- source3/lib/genrand.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 8b05b02f94..90e4a3194e 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -56,7 +56,7 @@ static void do_filehash(char *fname, unsigned char *hash) static void do_dirrand(char *name, unsigned char *buf, int buf_len) { - void *dp = dos_opendir(name); + DIR *dp = opendir(name); pstring fullname; int len_left; int fullname_len; @@ -86,7 +86,7 @@ static void do_dirrand(char *name, unsigned char *buf, int buf_len) if(strlen(p) <= len_left) pstrcpy(pos, p); - if(dos_stat(fullname,&st) == 0) { + if(sys_stat(fullname,&st) == 0) { SIVAL(buf, ((counter * 4)%(buf_len-4)), IVAL(buf,((counter * 4)%(buf_len-4))) ^ st.st_atime); counter++; -- cgit From 4d24845de600f3720e8eac4c18a82d85a9e34100 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 28 Apr 1999 02:00:38 +0000 Subject: use /dev/urandom not /dev/random in head branch. also got rid of /tmp time based random source. I saw a system with a huge number of files in /tmp and logging in was taking a _long_ time. (This used to be commit d48e452915ab92ba431ca8b40838a6bb8ed31640) --- source3/lib/genrand.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 90e4a3194e..a2fd1e0860 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -99,13 +99,17 @@ static void do_dirrand(char *name, unsigned char *buf, int buf_len) /************************************************************** Try and get a good random number seed. Try a number of - different factors. Firstly, try /dev/random and try and + different factors. Firstly, try /dev/urandom and try and read from this. If this fails iterate through /tmp and /dev and XOR all the file timestamps. Next add in a hash of the contents of /etc/shadow and the smb passwd file and a combination of pid and time of day (yes I know this sucks :-). Finally md4 the result. + We use /dev/urandom as a read of /dev/random can block if + the entropy pool dries up. This leads clients to timeout + or be very slow on connect. + The result goes in a 16 byte buffer passed from the caller **************************************************************/ @@ -121,23 +125,22 @@ static uint32 do_reseed(unsigned char *md4_outbuf) memset(md4_inbuf, '\0', sizeof(md4_inbuf)); - fd = sys_open( "/dev/random", O_RDONLY,0); + fd = sys_open( "/dev/urandom", O_RDONLY,0); if(fd >= 0) { /* - * We can use /dev/random ! + * We can use /dev/urandom ! */ if(read(fd, md4_inbuf, 40) == 40) { got_random = True; - DEBUG(10,("do_reseed: got 40 bytes from /dev/random.\n")); + DEBUG(10,("do_reseed: got 40 bytes from /dev/urandom.\n")); } close(fd); } if(!got_random) { /* - * /dev/random failed - try /tmp and /dev for timestamps. + * /dev/urandom failed - try /dev for timestamps. */ - do_dirrand("/tmp", md4_inbuf, sizeof(md4_inbuf)); do_dirrand("/dev", md4_inbuf, sizeof(md4_inbuf)); } -- cgit From 56128244261f8e4c6e1144da66c736fbc2104665 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Mon, 25 Oct 1999 19:03:27 +0000 Subject: - typecast malloc / Realloc issues. - signed / unsigned issues. (This used to be commit c8fd555179314baf1672a23db34dc8ad9f2d02bf) --- source3/lib/genrand.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index a2fd1e0860..ab0dadebcf 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -58,8 +58,8 @@ static void do_dirrand(char *name, unsigned char *buf, int buf_len) { DIR *dp = opendir(name); pstring fullname; - int len_left; - int fullname_len; + size_t len_left; + size_t fullname_len; char *pos; pstrcpy(fullname, name); -- cgit From 3db52feb1f3b2c07ce0b06ad4a7099fa6efe3fc7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 13 Dec 1999 13:27:58 +0000 Subject: first pass at updating head branch to be to be the same as the SAMBA_2_0 branch (This used to be commit 453a822a76780063dff23526c35408866d0c0154) --- source3/lib/genrand.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index ab0dadebcf..a9698d4cd1 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -58,8 +58,8 @@ static void do_dirrand(char *name, unsigned char *buf, int buf_len) { DIR *dp = opendir(name); pstring fullname; - size_t len_left; - size_t fullname_len; + int len_left; + int fullname_len; char *pos; pstrcpy(fullname, name); @@ -150,7 +150,7 @@ static uint32 do_reseed(unsigned char *md4_outbuf) /* add in the root encrypted password. On any system where security is taken seriously this will be secret */ - pw = getpwnam("root"); + pw = sys_getpwnam("root"); if (pw && pw->pw_passwd) { int i; unsigned char md4_tmp[16]; -- cgit From 693ffb8466ada58ecc59fde754ba79fc6f51528d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 2 May 2000 02:23:41 +0000 Subject: Added sys_fork() and sys_getpid() functions to stop the overhead of doing a system call every time we want to just get our pid. Jeremy. (This used to be commit 148628b616b5c29ba6340d65fc3ddbcabba6e67a) --- source3/lib/genrand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index a9698d4cd1..102eec6300 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -163,7 +163,7 @@ static uint32 do_reseed(unsigned char *md4_outbuf) * Finally add the counter, time of day, and pid. */ GetTimeOfDay(&tval); - mypid = getpid(); + mypid = sys_getpid(); v1 = (counter++) + mypid + tval.tv_sec; v2 = (counter++) * mypid + tval.tv_usec; -- cgit From 09a5daf032b6e206e9371e63ca06ef60ef841b6a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 12 Apr 2001 07:00:08 +0000 Subject: Changed lp_add/delete/enum scripts to use lockdir if spool dir doesn't exist for printer. Rather than using pid for suffix, use a 16 byte random string. Created generate_random_str() function in genrand.c. Still needs more testing but this is the way to go. Jeremy. (This used to be commit 71a330987f990007beb16f00fc468107361b5e9d) --- source3/lib/genrand.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 102eec6300..67fbbc7a06 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -227,3 +227,27 @@ void generate_random_buffer( unsigned char *out, int len, BOOL re_seed) len -= copy_len; } } + +/******************************************************************* + Use the random number generator to generate a random string. +********************************************************************/ + +static char c_list[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+ _-#.,"; + +char *generate_random_str(size_t len) +{ + static unsigned char retstr[256]; + size_t i; + + memset(retstr, '\0', sizeof(retstr)); + + if (len > sizeof(retstr)-1) + len = sizeof(retstr) -1; + generate_random_buffer( retstr, len, False); + for (i = 0; i < len; i++) + retstr[i] = c_list[ retstr[i] % sizeof(c_list) ]; + + retstr[i] = '\0'; + + return retstr; +} -- cgit From 874356646acf782edab9042039442b9de1d93b66 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 12 Apr 2001 07:20:15 +0000 Subject: Can't use space in random string used for exec. Jeremy. (This used to be commit 8ab1d5663e6b25bc101cd388ef6c312ddb88b988) --- source3/lib/genrand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 67fbbc7a06..c8c39d026e 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -232,7 +232,7 @@ void generate_random_buffer( unsigned char *out, int len, BOOL re_seed) Use the random number generator to generate a random string. ********************************************************************/ -static char c_list[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+ _-#.,"; +static char c_list[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.,"; char *generate_random_str(size_t len) { -- cgit From 2ef68c7e92d4661664f0410509f7cb551e74a198 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 13 Apr 2001 19:12:06 +0000 Subject: Merge of Andrew's changes in 2.2. Jeremy. (This used to be commit fc76681812b1469208ad6c8847afdfc68bc6db49) --- source3/lib/genrand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index c8c39d026e..4a7de802e8 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -249,5 +249,5 @@ char *generate_random_str(size_t len) retstr[i] = '\0'; - return retstr; + return (char *)retstr; } -- cgit From 00cdd8cfa2cadb89c4502b061d9889998025ab9a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 24 May 2001 18:24:54 +0000 Subject: Fix for random stream generator. Jeremy. (This used to be commit b2867ddfa26ffbc94d022d88b849ef58fd1cc788) --- source3/lib/genrand.c | 354 ++++++++++++++++++++++++++------------------------ 1 file changed, 186 insertions(+), 168 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 4a7de802e8..86b3b56696 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -1,10 +1,10 @@ /* Unix SMB/Netbios implementation. - Version 1.9. + Version 2.2 Functions to create reasonable random numbers for crypto use. - Copyright (C) Jeremy Allison 1998 + Copyright (C) Jeremy Allison 2001 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -24,12 +24,88 @@ #include "includes.h" extern int DEBUGLEVEL; -static uint32 counter = 0; + + +static unsigned char hash[258]; +static uint32 counter; +unsigned char *reseed_data; +size_t reseed_data_size; + +/**************************************************************** + Copy any user given reseed data. +*****************************************************************/ + +void set_rand_reseed_data(unsigned char *data, size_t len) +{ + if (reseed_data) + free(reseed_data); + reseed_data_size = 0; + + reseed_data = (unsigned char *)memdup(data, len); + if (reseed_data) + reseed_data_size = len; +} + +/**************************************************************** + Setup the seed. +*****************************************************************/ + +static void seed_random_stream(unsigned char *seedval, size_t seedlen) +{ + unsigned char j = 0; + size_t ind; + + for (ind = 0; ind < 256; ind++) + hash[ind] = (unsigned char)ind; + + for( ind = 0; ind < 256; ind++) { + unsigned char tc; + + j += (hash[ind] + seedval[ind%seedlen]); + + tc = hash[ind]; + hash[ind] = hash[j]; + hash[j] = tc; + } + + hash[256] = 0; + hash[257] = 0; +} + +/**************************************************************** + Get datasize bytes worth of random data. +*****************************************************************/ + +static void get_random_stream(unsigned char *data, size_t datasize) +{ + unsigned char index_i = hash[256]; + unsigned char index_j = hash[257]; + size_t ind; + + for( ind = 0; ind < datasize; ind++) { + unsigned char tc; + unsigned char t; + + index_i++; + index_j += hash[index_i]; + + tc = hash[index_i]; + hash[index_i] = hash[index_j]; + hash[index_j] = tc; + + t = hash[index_i] + hash[index_j]; + data[ind] = hash[t]; + } + + hash[256] = index_i; + hash[257] = index_j; +} /**************************************************************** -get a 16 byte hash from the contents of a file -Note that the hash is not initialised. + Get a 16 byte hash from the contents of a file. + Note that the hash is not initialised. *****************************************************************/ + static void do_filehash(char *fname, unsigned char *hash) { unsigned char buf[1011]; /* deliberate weird size */ @@ -37,7 +113,8 @@ static void do_filehash(char *fname, unsigned char *hash) int fd, n; fd = sys_open(fname,O_RDONLY,0); - if (fd == -1) return; + if (fd == -1) + return; while ((n = read(fd, (char *)buf, sizeof(buf))) > 0) { mdfour(tmp_md4, buf, n); @@ -47,185 +124,126 @@ static void do_filehash(char *fname, unsigned char *hash) close(fd); } - - -/**************************************************************** - Try and get a seed by looking at the atimes of files in a given - directory. XOR them into the buf array. -*****************************************************************/ - -static void do_dirrand(char *name, unsigned char *buf, int buf_len) -{ - DIR *dp = opendir(name); - pstring fullname; - int len_left; - int fullname_len; - char *pos; - - pstrcpy(fullname, name); - fullname_len = strlen(fullname); - - if(fullname_len + 2 > sizeof(pstring)) - return; - - if(fullname[fullname_len] != '/') { - fullname[fullname_len] = '/'; - fullname[fullname_len+1] = '\0'; - fullname_len = strlen(fullname); - } - - len_left = sizeof(pstring) - fullname_len - 1; - pos = &fullname[fullname_len]; - - if(dp != NULL) { - char *p; - - while ((p = readdirname(dp))) { - SMB_STRUCT_STAT st; - - if(strlen(p) <= len_left) - pstrcpy(pos, p); - - if(sys_stat(fullname,&st) == 0) { - SIVAL(buf, ((counter * 4)%(buf_len-4)), - IVAL(buf,((counter * 4)%(buf_len-4))) ^ st.st_atime); - counter++; - DEBUG(10,("do_dirrand: value from file %s.\n", fullname)); - } - } - closedir(dp); - } -} - /************************************************************** Try and get a good random number seed. Try a number of - different factors. Firstly, try /dev/urandom and try and - read from this. If this fails iterate through /tmp and - /dev and XOR all the file timestamps. Next add in - a hash of the contents of /etc/shadow and the smb passwd - file and a combination of pid and time of day (yes I know this - sucks :-). Finally md4 the result. + different factors. Firstly, try /dev/urandom - use if exists. We use /dev/urandom as a read of /dev/random can block if the entropy pool dries up. This leads clients to timeout or be very slow on connect. - The result goes in a 16 byte buffer passed from the caller + If we can't use /dev/urandom then seed the stream random generator + above... **************************************************************/ -static uint32 do_reseed(unsigned char *md4_outbuf) +static int do_reseed(BOOL use_fd, int fd) { - unsigned char md4_inbuf[40]; - BOOL got_random = False; - uint32 v1, v2, ret; - int fd; - struct timeval tval; - pid_t mypid; - struct passwd *pw; - - memset(md4_inbuf, '\0', sizeof(md4_inbuf)); - - fd = sys_open( "/dev/urandom", O_RDONLY,0); - if(fd >= 0) { - /* - * We can use /dev/urandom ! - */ - if(read(fd, md4_inbuf, 40) == 40) { - got_random = True; - DEBUG(10,("do_reseed: got 40 bytes from /dev/urandom.\n")); - } - close(fd); - } - - if(!got_random) { - /* - * /dev/urandom failed - try /dev for timestamps. - */ - do_dirrand("/dev", md4_inbuf, sizeof(md4_inbuf)); - } - - /* possibly add in some secret file contents */ - do_filehash("/etc/shadow", &md4_inbuf[0]); - do_filehash(lp_smb_passwd_file(), &md4_inbuf[16]); - - /* add in the root encrypted password. On any system where security is taken - seriously this will be secret */ - pw = sys_getpwnam("root"); - if (pw && pw->pw_passwd) { - int i; - unsigned char md4_tmp[16]; - mdfour(md4_tmp, (unsigned char *)pw->pw_passwd, strlen(pw->pw_passwd)); - for (i=0;i<16;i++) - md4_inbuf[8+i] ^= md4_tmp[i]; - } - - /* - * Finally add the counter, time of day, and pid. - */ - GetTimeOfDay(&tval); - mypid = sys_getpid(); - v1 = (counter++) + mypid + tval.tv_sec; - v2 = (counter++) * mypid + tval.tv_usec; - - SIVAL(md4_inbuf, 32, v1 ^ IVAL(md4_inbuf, 32)); - SIVAL(md4_inbuf, 36, v2 ^ IVAL(md4_inbuf, 36)); - - mdfour(md4_outbuf, md4_inbuf, sizeof(md4_inbuf)); - - /* - * Return a 32 bit int created from XORing the - * 16 bit return buffer. - */ - - ret = IVAL(md4_outbuf, 0); - ret ^= IVAL(md4_outbuf, 4); - ret ^= IVAL(md4_outbuf, 8); - return (ret ^ IVAL(md4_outbuf, 12)); + unsigned char seed_inbuf[40]; + uint32 v1, v2; struct timeval tval; pid_t mypid; + struct passwd *pw; + + if (use_fd) { + if (fd != -1) + return fd; + + fd = sys_open( "/dev/urandom", O_RDONLY,0); + if(fd >= 0) + return fd; + } + + /* Add in some secret file contents */ + + do_filehash("/etc/shadow", &seed_inbuf[0]); + do_filehash(lp_smb_passwd_file(), &seed_inbuf[16]); + + /* + * Add in the root encrypted password. + * On any system where security is taken + * seriously this will be secret. + */ + + pw = sys_getpwnam("root"); + if (pw && pw->pw_passwd) { + size_t i; + unsigned char md4_tmp[16]; + mdfour(md4_tmp, (unsigned char *)pw->pw_passwd, strlen(pw->pw_passwd)); + for (i=0;i<16;i++) + seed_inbuf[8+i] ^= md4_tmp[i]; + } + + /* + * Add the counter, time of day, and pid. + */ + + GetTimeOfDay(&tval); + mypid = sys_getpid(); + v1 = (counter++) + mypid + tval.tv_sec; + v2 = (counter++) * mypid + tval.tv_usec; + + SIVAL(seed_inbuf, 32, v1 ^ IVAL(seed_inbuf, 32)); + SIVAL(seed_inbuf, 36, v2 ^ IVAL(seed_inbuf, 36)); + + /* + * Add any user-given reseed data. + */ + + if (reseed_data) { + size_t i; + for (i = 0; i < sizeof(seed_inbuf); i++) + seed_inbuf[i] ^= reseed_data[i % reseed_data_size]; + } + + seed_random_stream(seed_inbuf, sizeof(seed_inbuf)); + + return -1; } /******************************************************************* Interface to the (hopefully) good crypto random number generator. ********************************************************************/ -void generate_random_buffer( unsigned char *out, int len, BOOL re_seed) +void generate_random_buffer( unsigned char *out, int len, BOOL do_reseed_now) { - static BOOL done_reseed = False; - static unsigned char md4_buf[16]; - unsigned char tmp_buf[16]; - unsigned char *p; - - if(!done_reseed || re_seed) { - sys_srandom(do_reseed(md4_buf)); - done_reseed = True; - } - - /* - * Generate random numbers in chunks of 64 bytes, - * then md4 them & copy to the output buffer. - * Added XOR with output from random, seeded - * by the original md4_buf. This is to stop the - * output from this function being the previous - * md4_buf md4'ed. The output from this function - * is often output onto the wire, and so it should - * not be possible to guess the next output from - * this function based on the previous output. - * XORing in the output from random(), seeded by - * the original md4 hash should stop this. JRA. - */ - - p = out; - while(len > 0) { - int i; - int copy_len = len > 16 ? 16 : len; - mdfour(tmp_buf, md4_buf, sizeof(md4_buf)); - memcpy(md4_buf, tmp_buf, sizeof(md4_buf)); - /* XOR in output from random(). */ - for(i = 0; i < 4; i++) - SIVAL(tmp_buf, i*4, (IVAL(tmp_buf, i*4) ^ (uint32)sys_random())); - memcpy(p, tmp_buf, copy_len); - p += copy_len; - len -= copy_len; - } + static BOOL done_reseed = False; + static int urand_fd = -1; + unsigned char md4_buf[64]; + unsigned char tmp_buf[16]; + unsigned char *p; + + if(!done_reseed || do_reseed_now) { + urand_fd = do_reseed(True, urand_fd); + done_reseed = True; + } + + if (urand_fd != -1 && len > 0) { + + if (read(urand_fd, out, len) == len) + return; /* len bytes of random data read from urandom. */ + + /* Read of urand error, drop back to non urand method. */ + close(urand_fd); + urand_fd = -1; + do_reseed(False, -1); + done_reseed = True; + } + + /* + * Generate random numbers in chunks of 64 bytes, + * then md4 them & copy to the output buffer. + * This way the raw state of the stream is never externally + * seen. + */ + + p = out; + while(len > 0) { + int copy_len = len > 16 ? 16 : len; + + get_random_stream(md4_buf, sizeof(md4_buf)); + mdfour(tmp_buf, md4_buf, sizeof(md4_buf)); + memcpy(p, tmp_buf, copy_len); + p += copy_len; + len -= copy_len; + } } /******************************************************************* -- cgit From 1744a49cae89d47b1e6c69840a55d4c817f9c358 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 29 May 2001 07:34:51 +0000 Subject: Fixed compiler warning. (This used to be commit adb61490af7bbd5f028892692bfe831af8c79f23) --- source3/lib/genrand.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 86b3b56696..d5556149af 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -106,7 +106,7 @@ static void get_random_stream(unsigned char *data, size_t datasize) Note that the hash is not initialised. *****************************************************************/ -static void do_filehash(char *fname, unsigned char *hash) +static void do_filehash(char *fname, unsigned char *the_hash) { unsigned char buf[1011]; /* deliberate weird size */ unsigned char tmp_md4[16]; @@ -119,7 +119,7 @@ static void do_filehash(char *fname, unsigned char *hash) while ((n = read(fd, (char *)buf, sizeof(buf))) > 0) { mdfour(tmp_md4, buf, n); for (n=0;n<16;n++) - hash[n] ^= tmp_md4[n]; + the_hash[n] ^= tmp_md4[n]; } close(fd); } -- cgit From 484a7c0341fe033fe26fe1e6b597ed1c456c39d4 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Mon, 17 Sep 2001 02:19:44 +0000 Subject: move to SAFE_FREE() (This used to be commit 60e907b7e8e1c008463a88ed2b076344278986ef) --- source3/lib/genrand.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index d5556149af..c4fb925a75 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -37,8 +37,7 @@ size_t reseed_data_size; void set_rand_reseed_data(unsigned char *data, size_t len) { - if (reseed_data) - free(reseed_data); + SAFE_FREE(reseed_data); reseed_data_size = 0; reseed_data = (unsigned char *)memdup(data, len); -- cgit From dc1fc3ee8ec2199bc73bb5d7ec711c6800f61d65 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 2 Oct 2001 04:29:50 +0000 Subject: Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header. (This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e) --- source3/lib/genrand.c | 3 --- 1 file changed, 3 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index c4fb925a75..39e56db960 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -23,9 +23,6 @@ #include "includes.h" -extern int DEBUGLEVEL; - - static unsigned char hash[258]; static uint32 counter; unsigned char *reseed_data; -- cgit From 158efc3aa2060e21f40e231a1e8aa945b6a3ab71 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 23 Jan 2002 12:59:24 +0000 Subject: getpwnam -> getpwnam_alloc. idra has promised not to revert these this time :-) (This used to be commit f556ad67e82518f5a024ffe9184ff9430ab5c541) --- source3/lib/genrand.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 39e56db960..4a56235c3d 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -158,13 +158,14 @@ static int do_reseed(BOOL use_fd, int fd) * seriously this will be secret. */ - pw = sys_getpwnam("root"); + pw = getpwnam_alloc("root"); if (pw && pw->pw_passwd) { size_t i; unsigned char md4_tmp[16]; mdfour(md4_tmp, (unsigned char *)pw->pw_passwd, strlen(pw->pw_passwd)); for (i=0;i<16;i++) seed_inbuf[8+i] ^= md4_tmp[i]; + passwd_free(&pw); } /* -- cgit From cd68afe31256ad60748b34f7318a180cfc2127cc Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 30 Jan 2002 06:08:46 +0000 Subject: Removed version number from file header. Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa) --- source3/lib/genrand.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 4a56235c3d..6296ead726 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -1,6 +1,5 @@ /* - Unix SMB/Netbios implementation. - Version 2.2 + Unix SMB/CIFS implementation. Functions to create reasonable random numbers for crypto use. -- cgit From e90b65284812aaa5ff9e9935ce9bbad7791cbbcd Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 15 Jul 2002 10:35:28 +0000 Subject: updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce) --- source3/lib/genrand.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 6296ead726..ee8bc0b1d5 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -24,8 +24,8 @@ static unsigned char hash[258]; static uint32 counter; -unsigned char *reseed_data; -size_t reseed_data_size; +static unsigned char *reseed_data; +static size_t reseed_data_size; /**************************************************************** Copy any user given reseed data. -- cgit From b2edf254eda92f775e7d3d9b6793b4d77f9000b6 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 17 Aug 2002 17:00:51 +0000 Subject: sync 3.0 branch with head (This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290) --- source3/lib/genrand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index ee8bc0b1d5..fe756169a6 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -259,7 +259,7 @@ char *generate_random_str(size_t len) len = sizeof(retstr) -1; generate_random_buffer( retstr, len, False); for (i = 0; i < len; i++) - retstr[i] = c_list[ retstr[i] % sizeof(c_list) ]; + retstr[i] = c_list[ retstr[i] % (sizeof(c_list)-1) ]; retstr[i] = '\0'; -- cgit From 634c54310c92c48dd4eceec602e230a021bdcfc5 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 3 Jan 2003 08:28:12 +0000 Subject: Merge from HEAD - make Samba compile with -Wwrite-strings without additional warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c) --- source3/lib/genrand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index fe756169a6..bc9f21c640 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -101,7 +101,7 @@ static void get_random_stream(unsigned char *data, size_t datasize) Note that the hash is not initialised. *****************************************************************/ -static void do_filehash(char *fname, unsigned char *the_hash) +static void do_filehash(const char *fname, unsigned char *the_hash) { unsigned char buf[1011]; /* deliberate weird size */ unsigned char tmp_md4[16]; -- cgit From 9d0783bf211dffe58845b36b0669f05bf8bf25b5 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 14 Jul 2004 04:36:01 +0000 Subject: r1492: Rework our random number generation system. On systems with /dev/urandom, this avoids a change to secrets.tdb for every fork(). For other systems, we now only re-seed after a fork, and on startup. No need to do it per-operation. This removes the 'need_reseed' parameter from generate_random_buffer(). Andrew Bartlett (This used to be commit 36741d3cf53a7bd17d361251f2bb50851cdb035f) --- source3/lib/genrand.c | 38 +++++++++++++++++++++++++------------- 1 file changed, 25 insertions(+), 13 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index bc9f21c640..9ccddfa4c5 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -24,21 +24,32 @@ static unsigned char hash[258]; static uint32 counter; -static unsigned char *reseed_data; -static size_t reseed_data_size; + +static BOOL done_reseed = False; +static void (*reseed_callback)(int *newseed); /**************************************************************** Copy any user given reseed data. *****************************************************************/ -void set_rand_reseed_data(unsigned char *data, size_t len) +void set_rand_reseed_callback(void (*fn)(int *)) { - SAFE_FREE(reseed_data); - reseed_data_size = 0; + reseed_callback = fn; + set_need_random_reseed(); +} - reseed_data = (unsigned char *)memdup(data, len); - if (reseed_data) - reseed_data_size = len; +void set_need_random_reseed(void) +{ + done_reseed = False; +} + +static void get_rand_reseed_data(int *reseed_data) +{ + if (reseed_callback) { + reseed_callback(reseed_data); + } else { + *reseed_data = 0; + } } /**************************************************************** @@ -136,6 +147,7 @@ static int do_reseed(BOOL use_fd, int fd) unsigned char seed_inbuf[40]; uint32 v1, v2; struct timeval tval; pid_t mypid; struct passwd *pw; + int reseed_data = 0; if (use_fd) { if (fd != -1) @@ -183,10 +195,11 @@ static int do_reseed(BOOL use_fd, int fd) * Add any user-given reseed data. */ + get_rand_reseed_data(&reseed_data); if (reseed_data) { size_t i; for (i = 0; i < sizeof(seed_inbuf); i++) - seed_inbuf[i] ^= reseed_data[i % reseed_data_size]; + seed_inbuf[i] ^= ((char *)(&reseed_data))[i % sizeof(reseed_data)]; } seed_random_stream(seed_inbuf, sizeof(seed_inbuf)); @@ -198,15 +211,14 @@ static int do_reseed(BOOL use_fd, int fd) Interface to the (hopefully) good crypto random number generator. ********************************************************************/ -void generate_random_buffer( unsigned char *out, int len, BOOL do_reseed_now) +void generate_random_buffer( unsigned char *out, int len) { - static BOOL done_reseed = False; static int urand_fd = -1; unsigned char md4_buf[64]; unsigned char tmp_buf[16]; unsigned char *p; - if(!done_reseed || do_reseed_now) { + if(!done_reseed) { urand_fd = do_reseed(True, urand_fd); done_reseed = True; } @@ -257,7 +269,7 @@ char *generate_random_str(size_t len) if (len > sizeof(retstr)-1) len = sizeof(retstr) -1; - generate_random_buffer( retstr, len, False); + generate_random_buffer( retstr, len); for (i = 0; i < len; i++) retstr[i] = c_list[ retstr[i] % (sizeof(c_list)-1) ]; -- cgit From 54abd2aa66069e6baf7769c496f46d9dba18db39 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 30 Sep 2005 17:13:37 +0000 Subject: r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3) --- source3/lib/genrand.c | 61 +++------------------------------------------------ 1 file changed, 3 insertions(+), 58 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 9ccddfa4c5..f37bbc9c2f 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -22,7 +22,7 @@ #include "includes.h" -static unsigned char hash[258]; +static unsigned char smb_arc4_state[258]; static uint32 counter; static BOOL done_reseed = False; @@ -52,61 +52,6 @@ static void get_rand_reseed_data(int *reseed_data) } } -/**************************************************************** - Setup the seed. -*****************************************************************/ - -static void seed_random_stream(unsigned char *seedval, size_t seedlen) -{ - unsigned char j = 0; - size_t ind; - - for (ind = 0; ind < 256; ind++) - hash[ind] = (unsigned char)ind; - - for( ind = 0; ind < 256; ind++) { - unsigned char tc; - - j += (hash[ind] + seedval[ind%seedlen]); - - tc = hash[ind]; - hash[ind] = hash[j]; - hash[j] = tc; - } - - hash[256] = 0; - hash[257] = 0; -} - -/**************************************************************** - Get datasize bytes worth of random data. -*****************************************************************/ - -static void get_random_stream(unsigned char *data, size_t datasize) -{ - unsigned char index_i = hash[256]; - unsigned char index_j = hash[257]; - size_t ind; - - for( ind = 0; ind < datasize; ind++) { - unsigned char tc; - unsigned char t; - - index_i++; - index_j += hash[index_i]; - - tc = hash[index_i]; - hash[index_i] = hash[index_j]; - hash[index_j] = tc; - - t = hash[index_i] + hash[index_j]; - data[ind] = hash[t]; - } - - hash[256] = index_i; - hash[257] = index_j; -} - /**************************************************************** Get a 16 byte hash from the contents of a file. Note that the hash is not initialised. @@ -202,7 +147,7 @@ static int do_reseed(BOOL use_fd, int fd) seed_inbuf[i] ^= ((char *)(&reseed_data))[i % sizeof(reseed_data)]; } - seed_random_stream(seed_inbuf, sizeof(seed_inbuf)); + smb_arc4_init(smb_arc4_state, seed_inbuf, sizeof(seed_inbuf)); return -1; } @@ -246,7 +191,7 @@ void generate_random_buffer( unsigned char *out, int len) while(len > 0) { int copy_len = len > 16 ? 16 : len; - get_random_stream(md4_buf, sizeof(md4_buf)); + smb_arc4_crypt(smb_arc4_state, md4_buf, sizeof(md4_buf)); mdfour(tmp_buf, md4_buf, sizeof(md4_buf)); memcpy(p, tmp_buf, copy_len); p += copy_len; -- cgit From 0af1500fc0bafe61019f1b2ab1d9e1d369221240 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 3 Feb 2006 22:19:41 +0000 Subject: r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f) --- source3/lib/genrand.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index f37bbc9c2f..5b643bf297 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -114,14 +114,14 @@ static int do_reseed(BOOL use_fd, int fd) * seriously this will be secret. */ - pw = getpwnam_alloc("root"); + pw = getpwnam_alloc(NULL, "root"); if (pw && pw->pw_passwd) { size_t i; unsigned char md4_tmp[16]; mdfour(md4_tmp, (unsigned char *)pw->pw_passwd, strlen(pw->pw_passwd)); for (i=0;i<16;i++) seed_inbuf[8+i] ^= md4_tmp[i]; - passwd_free(&pw); + talloc_free(pw); } /* -- cgit From fb5362c069b5b6548478b2217a0519c56d856705 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 20 Feb 2006 17:59:58 +0000 Subject: r13571: Replace all calls to talloc_free() with thye TALLOC_FREE() macro which sets the freed pointer to NULL. (This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2) --- source3/lib/genrand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 5b643bf297..1897b86818 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -121,7 +121,7 @@ static int do_reseed(BOOL use_fd, int fd) mdfour(md4_tmp, (unsigned char *)pw->pw_passwd, strlen(pw->pw_passwd)); for (i=0;i<16;i++) seed_inbuf[8+i] ^= md4_tmp[i]; - talloc_free(pw); + TALLOC_FREE(pw); } /* -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/lib/genrand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 1897b86818..8766e0b9ce 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -7,7 +7,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, -- cgit From 5e54558c6dea67b56bbfaba5698f3a434d3dffb6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 00:52:41 +0000 Subject: r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07) --- source3/lib/genrand.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 8766e0b9ce..a08fe6719f 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -16,8 +16,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ #include "includes.h" -- cgit From 30191d1a5704ad2b158386b511558972d539ce47 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 18 Oct 2007 17:40:25 -0700 Subject: RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f) --- source3/lib/genrand.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/lib/genrand.c') diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index a08fe6719f..4590b812c5 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -24,7 +24,7 @@ static unsigned char smb_arc4_state[258]; static uint32 counter; -static BOOL done_reseed = False; +static bool done_reseed = False; static void (*reseed_callback)(int *newseed); /**************************************************************** @@ -86,7 +86,7 @@ static void do_filehash(const char *fname, unsigned char *the_hash) above... **************************************************************/ -static int do_reseed(BOOL use_fd, int fd) +static int do_reseed(bool use_fd, int fd) { unsigned char seed_inbuf[40]; uint32 v1, v2; struct timeval tval; pid_t mypid; -- cgit