diff options
| author | Douglas Bagnall <douglas.bagnall@catalyst.net.nz> | 2019-08-05 00:10:53 +1200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2022-07-28 05:23:28 +0000 |
| commit | 9849e7440e30853c61a80ce1f11b7b244ed766fe (patch) | |
| tree | 8bf0fca7b758f2229dd5f6b3034d8dfff84b47cc /lib/util | |
| parent | 4286e359b359b9ce07fb3a1c377b1803885c37b6 (diff) | |
| download | samba-9849e7440e30853c61a80ce1f11b7b244ed766fe.tar.gz | |
util/genrand: don't ignore errors in random number generation
In this case it is probably better to crash out.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15103
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'lib/util')
| -rw-r--r-- | lib/util/genrand.c | 29 | ||||
| -rw-r--r-- | lib/util/wscript_build | 2 |
2 files changed, 27 insertions, 4 deletions
diff --git a/lib/util/genrand.c b/lib/util/genrand.c index 18ffa0d95e6..fd6f457d27d 100644 --- a/lib/util/genrand.c +++ b/lib/util/genrand.c @@ -20,6 +20,7 @@ */ #include "replace.h" +#include "lib/util/fault.h" #include "lib/util/genrand.h" #include <gnutls/gnutls.h> @@ -31,10 +32,26 @@ * https://nikmav.blogspot.com/2017/03/improving-by-simplifying-gnutls-prng.html */ + +_NORETURN_ static void genrand_panic(int err, + const char *location, + const char *func) +{ + char buf[200]; + snprintf(buf, sizeof(buf), + "%s:%s: GnuTLS could not generate a random buffer: %s [%d]\n", + location, func, gnutls_strerror_name(err), err); + smb_panic(buf); +} + + _PUBLIC_ void generate_random_buffer(uint8_t *out, int len) { /* Random number generator for temporary keys. */ - gnutls_rnd(GNUTLS_RND_RANDOM, out, len); + int ret = gnutls_rnd(GNUTLS_RND_RANDOM, out, len); + if (ret != 0) { + genrand_panic(ret, __location__, __func__); + } } _PUBLIC_ void generate_secret_buffer(uint8_t *out, int len) @@ -48,7 +65,10 @@ _PUBLIC_ void generate_secret_buffer(uint8_t *out, int len) * the limit for a re-seed. For its re-seed it mixes mixes data obtained * from the OS random device with the previous key. */ - gnutls_rnd(GNUTLS_RND_KEY, out, len); + int ret = gnutls_rnd(GNUTLS_RND_KEY, out, len); + if (ret != 0) { + genrand_panic(ret, __location__, __func__); + } } _PUBLIC_ void generate_nonce_buffer(uint8_t *out, int len) @@ -60,5 +80,8 @@ _PUBLIC_ void generate_nonce_buffer(uint8_t *out, int len) * bytes (typically few megabytes), or after few hours of operation * without reaching the limit has passed. */ - gnutls_rnd(GNUTLS_RND_NONCE, out, len); + int ret = gnutls_rnd(GNUTLS_RND_NONCE, out, len); + if (ret != 0) { + genrand_panic(ret, __location__, __func__); + } } diff --git a/lib/util/wscript_build b/lib/util/wscript_build index df235c13a70..d26aa4e5843 100644 --- a/lib/util/wscript_build +++ b/lib/util/wscript_build @@ -143,7 +143,7 @@ bld.SAMBA_LIBRARY('msghdr', bld.SAMBA_LIBRARY('genrand', source='genrand.c', - deps='replace gnutls', + deps='replace gnutls smb-panic', local_include=False, private_library=True) |