sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Code
d759f4aa4b
samba-mirror/lib/util/genrand.h
Volker Lendecke e73ccc06ef Rely on /dev/urandom 
This removes quite a bit of code. All reasonable systems have /dev/urandom
these days. Linux, Solaris and the BSDs do.  In case we find a system
without /dev/urandom, we will have to go hunting in other libraries.

The main reason for this is speed: On Ubuntu 14.04 doing direct reads from
/dev/urandom is 2-3 times faster than our md4 based code. On virtualized
FreeBSD 10 the difference is even larger.

My first approach was to use fopen/fread. It was even faster, but less
than twice as fast. So I thought we could save the additional complexity
when having to deal with throwing away buffers when forking and the
additional memory footprint per process.

With this simple generate_random_buffer it will be easier to adapt new
syscalls to get randomness.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Oct 13 04:25:39 CEST 2015 on sn-devel-104
2015-10-13 04:25:38 +02:00

34 lines
1.2 KiB
C
Raw Blame History

/*
Unix SMB/CIFS implementation.
Functions to create reasonable random numbers for crypto use.
Copyright (C) Jeremy Allison 2001
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
Interface to the (hopefully) good crypto random number generator.
Will use our internal PRNG if more than 40 bytes of random generation
has been requested, otherwise tries to read from /dev/random
**/
void generate_random_buffer(uint8_t *out, int len);
/**
Interface to the (hopefully) good crypto random number generator.
Will always use /dev/urandom if available.
**/
void generate_secret_buffer(uint8_t *out, int len);
View Git Blame Copy Permalink