From owner-freebsd-current Sun Jan 20 11:59:29 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 8578737B404; Sun, 20 Jan 2002 11:59:25 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0KJxKi89835; Sun, 20 Jan 2002 19:59:20 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0KJtVt32805; Sun, 20 Jan 2002 19:55:31 GMT (envelope-from mark@grondar.za) Message-Id: <200201201955.g0KJtVt32805@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: des@freebsd.org, current@freebsd.org Subject: Re: Step1, pam_unix srandomdev fix for review References: <20020120185334.GA23348@nagual.pp.ru> In-Reply-To: <20020120185334.GA23348@nagual.pp.ru> ; from "Andrey A. Chernov" "Sun, 20 Jan 2002 21:53:34 +0300." Date: Sun, 20 Jan 2002 19:55:31 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Bug: > srandomdev() can't be used in libraries because it touch internal RNG > state which may be used by user program which not want true randomness but > pseudo one. > > Fix: > srandomdev() removed, random() replaced by arc4random() which initialize > itself from true randomness automatically. This works, but strikes me as overkill. This is salt, not cryptographic randomness, so 'srandom(junk)' is most likely better as a replacement for srandomdev() (where 'junk' can be time(), pid or anything similar). Salt's purpose is to make pre-computing a dictionary infeasable from the pure space perspective. M > --- pam_unix.c.old Sat Jan 19 21:29:49 2002 > +++ pam_unix.c Sun Jan 20 21:42:47 2002 > @@ -502,15 +502,14 @@ > syslog(LOG_ERR, "cannot set password cipher"); > login_close(lc); > /* Salt suitable for anything */ > - srandomdev(); > gettimeofday(&tv, 0); > - to64(&salt[0], random(), 3); > + to64(&salt[0], arc4random(), 3); > to64(&salt[3], tv.tv_usec, 3); > to64(&salt[6], tv.tv_sec, 2); > - to64(&salt[8], random(), 5); > - to64(&salt[13], random(), 5); > - to64(&salt[17], random(), 5); > - to64(&salt[22], random(), 5); > + to64(&salt[8], arc4random(), 5); > + to64(&salt[13], arc4random(), 5); > + to64(&salt[17], arc4random(), 5); > + to64(&salt[22], arc4random(), 5); > salt[27] = '\0'; > > pwd->pw_passwd = crypt(pass, salt); > @@ -596,15 +595,14 @@ > syslog(LOG_ERR, "cannot set password cipher"); > login_close(lc); > /* Salt suitable for anything */ > - srandomdev(); > gettimeofday(&tv, 0); > - to64(&salt[0], random(), 3); > + to64(&salt[0], arc4random(), 3); > to64(&salt[3], tv.tv_usec, 3); > to64(&salt[6], tv.tv_sec, 2); > - to64(&salt[8], random(), 5); > - to64(&salt[13], random(), 5); > - to64(&salt[17], random(), 5); > - to64(&salt[22], random(), 5); > + to64(&salt[8], arc4random(), 5); > + to64(&salt[13], arc4random(), 5); > + to64(&salt[17], arc4random(), 5); > + to64(&salt[22], arc4random(), 5); > salt[27] = '\0'; > > if (suser_override) > -- > Andrey A. Chernov > http://ache.pp.ru/ -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message