From 91adebe749beb0dc23cacaea316cb2b724776aad Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 13 Jun 2007 05:44:24 +0000 Subject: r23456: Update Samba4 to current lorikeet-heimdal. Andrew Bartlett (This used to be commit ae0f81ab235c72cceb120bcdeb051a483cf3cc4f) --- source4/heimdal/lib/hcrypto/rand.c | 215 +++++++++++++++++++++++++++++++++++++ 1 file changed, 215 insertions(+) create mode 100644 source4/heimdal/lib/hcrypto/rand.c (limited to 'source4/heimdal/lib/hcrypto/rand.c') diff --git a/source4/heimdal/lib/hcrypto/rand.c b/source4/heimdal/lib/hcrypto/rand.c new file mode 100644 index 0000000000..29f2d46dba --- /dev/null +++ b/source4/heimdal/lib/hcrypto/rand.c @@ -0,0 +1,215 @@ +/* + * Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +RCSID("$Id: rand.c 20126 2007-02-01 22:08:41Z lha $"); + +#include +#include +#include +#include + +#include + +#ifndef O_BINARY +#define O_BINARY 0 +#endif + + +const static RAND_METHOD *selected_meth = NULL; + +static void +init_method(void) +{ + if (selected_meth != NULL) + return; + + if ((*hc_rand_unix_method.status)() == 1) + selected_meth = &hc_rand_unix_method; + else + selected_meth = &hc_rand_fortuna_method; +} + +void +RAND_seed(const void *indata, size_t size) +{ + init_method(); + (*selected_meth->seed)(indata, size); +} + +int +RAND_bytes(void *outdata, size_t size) +{ + init_method(); + return (*selected_meth->bytes)(outdata, size); +} + +void +RAND_cleanup(void) +{ + init_method(); + (*selected_meth->cleanup)(); +} + +void +RAND_add(const void *indata, size_t size, double entropi) +{ + init_method(); + (*selected_meth->add)(indata, size, entropi); +} + +int +RAND_pseudo_bytes(void *outdata, size_t size) +{ + init_method(); + return (*selected_meth->pseudorand)(outdata, size); +} + +int +RAND_status(void) +{ + init_method(); + return (*selected_meth->status)(); +} + +int +RAND_set_rand_method(const RAND_METHOD *meth) +{ + selected_meth = meth; + return 1; +} + +const RAND_METHOD * +RAND_get_rand_method(void) +{ + return selected_meth; +} + +int +RAND_set_rand_engine(ENGINE *engine) +{ + return 1; +} + +#define RAND_FILE_SIZE 1024 + +int +RAND_load_file(const char *filename, size_t size) +{ + unsigned char buf[128]; + size_t len; + ssize_t slen; + int fd; + + fd = open(filename, O_RDONLY | O_BINARY, 0600); + if (fd < 0) + return 0; + + len = 0; + while(len < size) { + slen = read(fd, buf, sizeof(buf)); + if (slen <= 0) + break; + RAND_seed(buf, slen); + len += slen; + } + close(fd); + + return len ? 1 : 0; +} + +int +RAND_write_file(const char *filename) +{ + unsigned char buf[128]; + size_t len; + int res = 0, fd; + + fd = open(filename, O_WRONLY | O_CREAT | O_BINARY, 0600); + if (fd < 0) + return 0; + + len = 0; + while(len < RAND_FILE_SIZE) { + res = RAND_bytes(buf, sizeof(buf)); + if (res != 1) + break; + if (write(fd, buf, sizeof(buf)) != sizeof(buf)) { + res = 0; + break; + } + len += sizeof(buf); + } + + close(fd); + + return res; +} + +const char * +RAND_file_name(char *filename, size_t size) +{ + const char *e = NULL; + int pathp = 0, ret; + + if (!issuid()) { + e = getenv("RANDFILE"); + if (e == NULL) { + e = getenv("HOME"); + if (e) + pathp = 1; + } + } + if (e == NULL) { + struct passwd *pw = getpwuid(getuid()); + if (pw) { + e = pw->pw_dir; + pathp = 1; + } + } + if (e == NULL) + return NULL; + + if (pathp) + ret = snprintf(filename, size, "%s/.rnd", e); + else + ret = snprintf(filename, size, "%s", e); + + if (ret <= 0 || ret >= size) + return NULL; + + return filename; +} -- cgit From ec0035c9b8e0690f3bc21f3de089c39eae660916 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 3 Jul 2007 08:00:08 +0000 Subject: r23678: Update to current lorikeet-heimdal (-r 767), which should fix the panics on hosts without /dev/random. Andrew Bartlett (This used to be commit 14a4ddb131993fec72316f7e8e371638749e6f1f) --- source4/heimdal/lib/hcrypto/rand.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'source4/heimdal/lib/hcrypto/rand.c') diff --git a/source4/heimdal/lib/hcrypto/rand.c b/source4/heimdal/lib/hcrypto/rand.c index 29f2d46dba..248fdde620 100644 --- a/source4/heimdal/lib/hcrypto/rand.c +++ b/source4/heimdal/lib/hcrypto/rand.c @@ -35,7 +35,7 @@ #include #endif -RCSID("$Id: rand.c 20126 2007-02-01 22:08:41Z lha $"); +RCSID("$Id: rand.c 21198 2007-06-20 05:10:41Z lha $"); #include #include @@ -56,11 +56,7 @@ init_method(void) { if (selected_meth != NULL) return; - - if ((*hc_rand_unix_method.status)() == 1) - selected_meth = &hc_rand_unix_method; - else - selected_meth = &hc_rand_fortuna_method; + selected_meth = &hc_rand_fortuna_method; } void -- cgit From 9e6b0c28712ee77ce878809c8576826a3ba08d95 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 19 Mar 2008 10:17:42 +1100 Subject: Merge lorikeet-heimdal -r 787 into Samba4 tree. Andrew Bartlett (This used to be commit d88b530522d3cef67c24422bd5182fb875d87ee2) --- source4/heimdal/lib/hcrypto/rand.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'source4/heimdal/lib/hcrypto/rand.c') diff --git a/source4/heimdal/lib/hcrypto/rand.c b/source4/heimdal/lib/hcrypto/rand.c index 248fdde620..79dd39eb76 100644 --- a/source4/heimdal/lib/hcrypto/rand.c +++ b/source4/heimdal/lib/hcrypto/rand.c @@ -35,7 +35,7 @@ #include #endif -RCSID("$Id: rand.c 21198 2007-06-20 05:10:41Z lha $"); +RCSID("$Id: rand.c 22199 2007-12-07 13:43:25Z lha $"); #include #include @@ -189,13 +189,12 @@ RAND_file_name(char *filename, size_t size) pathp = 1; } } - if (e == NULL) { - struct passwd *pw = getpwuid(getuid()); - if (pw) { - e = pw->pw_dir; - pathp = 1; - } - } + /* + * Here we really want to call getpwuid(getuid()) but this will + * cause recursive lookups if the nss library uses + * gssapi/krb5/hcrypto to authenticate to the ldap servers. + */ + if (e == NULL) return NULL; -- cgit From a925f039ee382df0f3be434108416bab0d17e8c0 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 1 Aug 2008 07:08:51 +0200 Subject: heimdal: update to lorikeet-heimdal rev 801 metze (This used to be commit d6c54a66fb23c784ef221a3c1cf766b72bdb5a0b) --- source4/heimdal/lib/hcrypto/rand.c | 166 ++++++++++++++++++++++++++++++++++++- 1 file changed, 162 insertions(+), 4 deletions(-) (limited to 'source4/heimdal/lib/hcrypto/rand.c') diff --git a/source4/heimdal/lib/hcrypto/rand.c b/source4/heimdal/lib/hcrypto/rand.c index 79dd39eb76..1561f2ad39 100644 --- a/source4/heimdal/lib/hcrypto/rand.c +++ b/source4/heimdal/lib/hcrypto/rand.c @@ -35,7 +35,7 @@ #include #endif -RCSID("$Id: rand.c 22199 2007-12-07 13:43:25Z lha $"); +RCSID("$Id: rand.c 23464 2008-07-27 12:15:21Z lha $"); #include #include @@ -48,8 +48,14 @@ RCSID("$Id: rand.c 22199 2007-12-07 13:43:25Z lha $"); #define O_BINARY 0 #endif +/** + * @page page_rand RAND - random number + * + * See the library functions here: @ref hcrypto_rand + */ const static RAND_METHOD *selected_meth = NULL; +static ENGINE *selected_engine = NULL; static void init_method(void) @@ -59,6 +65,16 @@ init_method(void) selected_meth = &hc_rand_fortuna_method; } +/** + * Seed that random number generator. Secret material can securely be + * feed into the function, they will never be returned. + * + * @param indata seed data + * @param size length seed data + * + * @ingroup hcrypto_rand + */ + void RAND_seed(const void *indata, size_t size) { @@ -66,6 +82,16 @@ RAND_seed(const void *indata, size_t size) (*selected_meth->seed)(indata, size); } +/** + * Get a random block from the random generator, can be used for key material. + * + * @param outdata random data + * @param size length random data + * + * @return 1 on success, 0 on failure. + * + * @ingroup hcrypto_rand + */ int RAND_bytes(void *outdata, size_t size) { @@ -73,13 +99,39 @@ RAND_bytes(void *outdata, size_t size) return (*selected_meth->bytes)(outdata, size); } +/** + * Reset and free memory used by the random generator. + * + * @ingroup hcrypto_rand + */ + void RAND_cleanup(void) { - init_method(); - (*selected_meth->cleanup)(); + const RAND_METHOD *meth = selected_meth; + ENGINE *engine = selected_engine; + + selected_meth = NULL; + selected_engine = NULL; + + if (meth) + (*meth->cleanup)(); + if (engine) + ENGINE_finish(engine); } +/** + * Seed that random number generator. Secret material can securely be + * feed into the function, they will never be returned. + * + * @param indata the input data. + * @param size size of in data. + * @param entropi entropi in data. + * + * + * @ingroup hcrypto_rand + */ + void RAND_add(const void *indata, size_t size, double entropi) { @@ -87,6 +139,17 @@ RAND_add(const void *indata, size_t size, double entropi) (*selected_meth->add)(indata, size, entropi); } +/** + * Get a random block from the random generator, should NOT be used for key material. + * + * @param outdata random data + * @param size length random data + * + * @return 1 on success, 0 on failure. + * + * @ingroup hcrypto_rand + */ + int RAND_pseudo_bytes(void *outdata, size_t size) { @@ -94,6 +157,14 @@ RAND_pseudo_bytes(void *outdata, size_t size) return (*selected_meth->pseudorand)(outdata, size); } +/** + * Return status of the random generator + * + * @return 1 if the random generator can deliver random data. + * + * @ingroup hcrypto_rand + */ + int RAND_status(void) { @@ -101,27 +172,92 @@ RAND_status(void) return (*selected_meth->status)(); } +/** + * Set the default random method. + * + * @param meth set the new default method. + * + * @return 1 on success. + * + * @ingroup hcrypto_rand + */ + int RAND_set_rand_method(const RAND_METHOD *meth) { + const RAND_METHOD *old = selected_meth; selected_meth = meth; + if (old) + (*old->cleanup)(); + if (selected_engine) { + ENGINE_finish(selected_engine); + selected_engine = NULL; + } return 1; } +/** + * Get the default random method. + * + * @ingroup hcrypto_rand + */ + const RAND_METHOD * RAND_get_rand_method(void) { + init_method(); return selected_meth; } +/** + * Set the default random method from engine. + * + * @param engine use engine, if NULL is passed it, old method and engine is cleared. + * + * @return 1 on success, 0 on failure. + * + * @ingroup hcrypto_rand + */ + int RAND_set_rand_engine(ENGINE *engine) { + const RAND_METHOD *meth, *old = selected_meth; + + if (engine) { + ENGINE_up_ref(engine); + meth = ENGINE_get_RAND(engine); + if (meth == NULL) { + ENGINE_finish(engine); + return 0; + } + } else { + meth = NULL; + } + + if (old) + (*old->cleanup)(); + + if (selected_engine) + ENGINE_finish(selected_engine); + + selected_engine = engine; + selected_meth = meth; + return 1; } #define RAND_FILE_SIZE 1024 +/** + * Load a a file and feed it into RAND_seed(). + * + * @param filename name of file to read. + * @param size minimum size to read. + * + * @ingroup hcrypto_rand + */ + int RAND_load_file(const char *filename, size_t size) { @@ -133,7 +269,7 @@ RAND_load_file(const char *filename, size_t size) fd = open(filename, O_RDONLY | O_BINARY, 0600); if (fd < 0) return 0; - + rk_cloexec(fd); len = 0; while(len < size) { slen = read(fd, buf, sizeof(buf)); @@ -147,6 +283,15 @@ RAND_load_file(const char *filename, size_t size) return len ? 1 : 0; } +/** + * Write of random numbers to a file to store for later initiation with RAND_load_file(). + * + * @param filename name of file to write. + * + * @return 1 on success and non-one on failure. + * @ingroup hcrypto_rand + */ + int RAND_write_file(const char *filename) { @@ -157,6 +302,7 @@ RAND_write_file(const char *filename) fd = open(filename, O_WRONLY | O_CREAT | O_BINARY, 0600); if (fd < 0) return 0; + rk_cloexec(fd); len = 0; while(len < RAND_FILE_SIZE) { @@ -175,6 +321,18 @@ RAND_write_file(const char *filename) return res; } +/** + * Return the default random state filename for a user to use for + * RAND_load_file(), and RAND_write_file(). + * + * @param filename buffer to hold file name. + * @param size size of buffer filename. + * + * @return the buffer filename or NULL on failure. + * + * @ingroup hcrypto_rand + */ + const char * RAND_file_name(char *filename, size_t size) { -- cgit From 243321b4bbe273cf3a9105ca132caa2b53e2f263 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 26 Aug 2008 19:35:52 +0200 Subject: heimdal: import heimdal's trunk svn rev 23697 + lorikeet-heimdal patches This is based on f56a3b1846c7d462542f2e9527f4d0ed8a34748d in my heimdal-wip repo. metze (This used to be commit 467a1f2163a63cdf1a4c83a69473db50e8794f53) --- source4/heimdal/lib/hcrypto/rand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/heimdal/lib/hcrypto/rand.c') diff --git a/source4/heimdal/lib/hcrypto/rand.c b/source4/heimdal/lib/hcrypto/rand.c index 1561f2ad39..4278300325 100644 --- a/source4/heimdal/lib/hcrypto/rand.c +++ b/source4/heimdal/lib/hcrypto/rand.c @@ -35,7 +35,7 @@ #include #endif -RCSID("$Id: rand.c 23464 2008-07-27 12:15:21Z lha $"); +RCSID("$Id$"); #include #include -- cgit