1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-07 17:18:11 +03:00
Commit Graph

25 Commits

Author SHA1 Message Date
Dmitry Antipov
cea9b25571 lib:util: prefer size_t for random data generation functions
Prefer 'size_t' over 'int' in generate_random_buffer(),
generate_secret_buffer() and generate_nonce_buffer() to
match an underlying gnutls_rnd() calls.

Signed-off-by: Dmitry Antipov <dantipov@cloudlinux.com>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2023-05-16 23:29:32 +00:00
Douglas Bagnall
9849e7440e util/genrand: don't ignore errors in random number generation
In this case it is probably better to crash out.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15103

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
2022-07-28 05:23:28 +00:00
Andreas Schneider
97c441d7c2 lib:util: Fix documentation for random number functions
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2019-08-14 15:07:24 +00:00
Andreas Schneider
bf52ab7d29 lib:util: Add better documentation for generate_secret_buffer()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-08-12 09:23:40 +00:00
Andreas Schneider
70ff216935 lib:util: Add generate_nonce_buffer()
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-08-12 09:23:39 +00:00
Andreas Schneider
664eed2e92 lib:util: Use GnuTLS random number generator in genrand.c
FIPS requires that a random number generator from a certified crypto
library is used.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Jul 18 01:30:20 UTC 2019 on sn-devel-184
2019-07-18 01:30:20 +00:00
Volker Lendecke
e73ccc06ef Rely on /dev/urandom
This removes quite a bit of code. All reasonable systems have /dev/urandom
these days. Linux, Solaris and the BSDs do.  In case we find a system
without /dev/urandom, we will have to go hunting in other libraries.

The main reason for this is speed: On Ubuntu 14.04 doing direct reads from
/dev/urandom is 2-3 times faster than our md4 based code. On virtualized
FreeBSD 10 the difference is even larger.

My first approach was to use fopen/fread. It was even faster, but less
than twice as fast. So I thought we could save the additional complexity
when having to deal with throwing away buffers when forking and the
additional memory footprint per process.

With this simple generate_random_buffer it will be easier to adapt new
syscalls to get randomness.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 13 04:25:39 CEST 2015 on sn-devel-104
2015-10-13 04:25:38 +02:00
Volker Lendecke
0934134d2e lib: Streamline genrand.c includes
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-06-23 22:12:08 +02:00
Volker Lendecke
95cd4b1708 lib: Fix whitespace
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-06-23 22:12:08 +02:00
Volker Lendecke
39a1894bf4 lib: Strip genrand.c a bit
This moves for example password complexity checks out of the core random
number generator

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-06-23 22:12:08 +02:00
Volker Lendecke
a2d6511f90 Fix signed/unsigned comparisons
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-07 00:12:07 +01:00
Volker Lendecke
c71d6ecbcb genrand: Slightly simplify do_reseed
The only caller set "use_fd" to "true".

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 14 20:29:56 CEST 2013 on sn-devel-104
2013-06-14 20:29:56 +02:00
Stefan Metzmacher
65f2bba559 lib/util: improve check_password_quality() to handle utf8
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-02-04 17:14:22 +01:00
Volker Lendecke
79fe4bbf73 s3: Fix the clustering build
ctdb_private.h already defines set_close_on_exec.

Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sat Dec 17 18:41:39 CET 2011 on sn-devel-104
2011-12-17 18:41:39 +01:00
Andrew Tridgell
d581c9d284 genrand: use set_close_on_exec()
this prevents a fd leak to child processes
2011-12-15 23:36:22 +01:00
Andrew Bartlett
6441a5b0b9 Explain why we don't use certain characters in the generated pw 2010-03-11 15:34:01 +11:00
Endi S. Dewata
a6253a45c0 lib/util - Removed curly braces from generate_random_password(). 2010-03-11 15:31:08 +11:00
Stefan Metzmacher
792dd38d7c lib/util: add generate_random_password()
metze
2010-02-26 08:57:28 +01:00
Andrew Tridgell
f49818e422 lib-util: check for too many combinations in generate_unique_strs() 2009-10-20 11:34:49 +11:00
Andrew Tridgell
d680729dfb util: fixed generate_unique_strs() to be portable
'place' was going negative, and giving undefined results. The result
was duplicate names which gave errors in SMB2-DIR on PPC and other
systems.
2009-10-19 22:47:45 +11:00
Günther Deschner
014a3a9926 lib/util: fix build warning.
Guenther
2009-09-25 15:19:07 +02:00
Steven Danneman
11bd19c007 lib/util: add unique string generator helper function 2009-09-08 13:43:06 -07:00
Tim Prouty
04c3dfde0f lib util: Fix const warning 2009-07-20 16:08:24 -07:00
Matthieu Patou
a817cff5a0 Fix broken password quality check
This fixes broken password tests when the passwords contain non ASCII characters
(e.g. accentuated chars like ('e, `e, ...)
2009-07-19 16:00:19 +02:00
Jelmer Vernooij
caa4e42860 Move lib/util from source4 to top-level libutil.
Conflicts:

	source4/Makefile
2008-10-11 21:05:38 +02:00