diff options
| author | Volker Lendecke <vl@samba.org> | 2015-10-02 00:27:22 +0200 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2015-10-13 04:25:38 +0200 |
| commit | e73ccc06efc3b489cac33e99b2cb86e022aabd7f (patch) | |
| tree | f18c65e4950d2c96bbc60fc04ae60802a12185c2 /source4 | |
| parent | 5380f7b63648e505d6da25dc75d2487658998fdb (diff) | |
| download | samba-e73ccc06efc3b489cac33e99b2cb86e022aabd7f.tar.gz | |
Rely on /dev/urandom
This removes quite a bit of code. All reasonable systems have /dev/urandom
these days. Linux, Solaris and the BSDs do. In case we find a system
without /dev/urandom, we will have to go hunting in other libraries.
The main reason for this is speed: On Ubuntu 14.04 doing direct reads from
/dev/urandom is 2-3 times faster than our md4 based code. On virtualized
FreeBSD 10 the difference is even larger.
My first approach was to use fopen/fread. It was even faster, but less
than twice as fast. So I thought we could save the additional complexity
when having to deal with throwing away buffers when forking and the
additional memory footprint per process.
With this simple generate_random_buffer it will be easier to adapt new
syscalls to get randomness.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 13 04:25:39 CEST 2015 on sn-devel-104
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/param/secrets.c | 53 | ||||
| -rw-r--r-- | source4/param/secrets.h | 8 | ||||
| -rw-r--r-- | source4/smbd/process_standard.c | 6 | ||||
| -rw-r--r-- | source4/smbd/server.c | 6 |
4 files changed, 0 insertions, 73 deletions
diff --git a/source4/param/secrets.c b/source4/param/secrets.c index 92e338a6bab..987408829ea 100644 --- a/source4/param/secrets.c +++ b/source4/param/secrets.c @@ -33,59 +33,6 @@ #include "dsdb/samdb/samdb.h" /** - * Use a TDB to store an incrementing random seed. - * - * Initialised to the current pid, the very first time Samba starts, - * and incremented by one each time it is needed. - * - * @note Not called by systems with a working /dev/urandom. - */ -static void get_rand_seed(struct tdb_wrap *secretsdb, int *new_seed) -{ - *new_seed = getpid(); - if (secretsdb != NULL) { - tdb_change_int32_atomic(secretsdb->tdb, "INFO/random_seed", new_seed, 1); - } -} - -/** - * open up the randseed database and set the random number generator callback - */ -bool randseed_init(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx) -{ - char *fname; - uint8_t dummy; - struct tdb_wrap *tdb; - - fname = lpcfg_private_path(mem_ctx, lp_ctx, "randseed.tdb"); - - tdb = tdb_wrap_open(mem_ctx, fname, - lpcfg_tdb_hash_size(lp_ctx, fname), - lpcfg_tdb_flags(lp_ctx, TDB_DEFAULT), - O_RDWR|O_CREAT, 0600); - - if (!tdb) { - DEBUG(0,("Failed to open %s\n", fname)); - talloc_free(fname); - return false; - } - talloc_free(fname); - - /** - * Set a reseed function for the crypto random generator - * - * This avoids a problem where systems without /dev/urandom - * could send the same challenge to multiple clients - */ - set_rand_reseed_callback((void (*) (void *, int *))get_rand_seed, tdb); - - /* Ensure that the reseed is done now, while we are root, etc */ - generate_random_buffer(&dummy, sizeof(dummy)); - - return true; -} - -/** connect to the secrets ldb */ struct ldb_context *secrets_db_connect(TALLOC_CTX *mem_ctx, diff --git a/source4/param/secrets.h b/source4/param/secrets.h index 1e7849f9788..015ea120041 100644 --- a/source4/param/secrets.h +++ b/source4/param/secrets.h @@ -28,14 +28,6 @@ #define SECRETS_PRINCIPAL_SEARCH "(&(|(realm=%s)(flatname=%s))(servicePrincipalName=%s))" #define SECRETS_LDAP_FILTER "(&(objectclass=ldapSecret)(cn=SAMDB Credentials))" -/** - * Use a TDB to store an incrementing random seed. - * - * Initialised to the current pid, the very first time Samba starts, - * and incremented by one each time it is needed. - * - * @note Not called by systems with a working /dev/urandom. - */ struct loadparm_context; struct tevent_context; struct ldb_message; diff --git a/source4/smbd/process_standard.c b/source4/smbd/process_standard.c index b55a1a7f309..d223776d0e9 100644 --- a/source4/smbd/process_standard.c +++ b/source4/smbd/process_standard.c @@ -277,9 +277,6 @@ static void standard_accept_connection(struct tevent_context *ev, child_pipe[1] = -1; } - /* Ensure that the forked children do not expose identical random streams */ - set_need_random_reseed(); - /* setup the process title */ c = socket_get_peer_addr(sock2, ev); s = socket_get_my_addr(sock2, ev); @@ -356,9 +353,6 @@ static void standard_new_task(struct tevent_context *ev, child_pipe[1] = -1; } - /* Ensure that the forked children do not expose identical random streams */ - set_need_random_reseed(); - setproctitle("task %s server_id[%d]", service_name, (int)pid); /* setup this new task. Cluster ID is PID based for this process model */ diff --git a/source4/smbd/server.c b/source4/smbd/server.c index b0f67c97f07..cb1a20b4ecc 100644 --- a/source4/smbd/server.c +++ b/source4/smbd/server.c @@ -392,12 +392,6 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ pidfile_create(lpcfg_pid_directory(cmdline_lp_ctx), binary_name); - /* Set up a database to hold a random seed, in case we don't - * have /dev/urandom */ - if (!randseed_init(talloc_autofree_context(), cmdline_lp_ctx)) { - return 1; - } - if (lpcfg_server_role(cmdline_lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC) { if (!open_schannel_session_store(talloc_autofree_context(), cmdline_lp_ctx)) { exit_daemon("Samba cannot open schannel store for secured NETLOGON operations.", EACCES); |