Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 20 Jan 2002 19:55:31 +0000
From:      Mark Murray <mark@grondar.za>
To:        "Andrey A. Chernov" <ache@nagual.pp.ru>
Cc:        des@freebsd.org, current@freebsd.org
Subject:   Re: Step1, pam_unix srandomdev fix for review 
Message-ID:  <200201201955.g0KJtVt32805@grimreaper.grondar.org>
In-Reply-To: <20020120185334.GA23348@nagual.pp.ru> ; from "Andrey A. Chernov" <ache@nagual.pp.ru>  "Sun, 20 Jan 2002 21:53:34 %2B0300."
References:  <20020120185334.GA23348@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 
> Bug:
> srandomdev() can't be used in libraries because it touch internal RNG
> state which may be used by user program which not want true randomness but
> pseudo one.
> 
> Fix:
> srandomdev() removed, random() replaced by arc4random() which initialize 
> itself from true randomness automatically.

This works, but strikes me as overkill. This is salt, not cryptographic
randomness, so 'srandom(junk)' is most likely better as a replacement
for srandomdev() (where 'junk' can be time(), pid or anything similar).

Salt's purpose is to make pre-computing a dictionary infeasable from
the pure space perspective.

M

> --- pam_unix.c.old	Sat Jan 19 21:29:49 2002
> +++ pam_unix.c	Sun Jan 20 21:42:47 2002
> @@ -502,15 +502,14 @@
>  		syslog(LOG_ERR, "cannot set password cipher");
>  	login_close(lc);
>  	/* Salt suitable for anything */
> -	srandomdev();
>  	gettimeofday(&tv, 0);
> -	to64(&salt[0], random(), 3);
> +	to64(&salt[0], arc4random(), 3);
>  	to64(&salt[3], tv.tv_usec, 3);
>  	to64(&salt[6], tv.tv_sec, 2);
> -	to64(&salt[8], random(), 5);
> -	to64(&salt[13], random(), 5);
> -	to64(&salt[17], random(), 5);
> -	to64(&salt[22], random(), 5);
> +	to64(&salt[8], arc4random(), 5);
> +	to64(&salt[13], arc4random(), 5);
> +	to64(&salt[17], arc4random(), 5);
> +	to64(&salt[22], arc4random(), 5);
>  	salt[27] = '\0';
>  
>  	pwd->pw_passwd = crypt(pass, salt);
> @@ -596,15 +595,14 @@
>  		syslog(LOG_ERR, "cannot set password cipher");
>  	login_close(lc);
>  	/* Salt suitable for anything */
> -	srandomdev();
>  	gettimeofday(&tv, 0);
> -	to64(&salt[0], random(), 3);
> +	to64(&salt[0], arc4random(), 3);
>  	to64(&salt[3], tv.tv_usec, 3);
>  	to64(&salt[6], tv.tv_sec, 2);
> -	to64(&salt[8], random(), 5);
> -	to64(&salt[13], random(), 5);
> -	to64(&salt[17], random(), 5);
> -	to64(&salt[22], random(), 5);
> +	to64(&salt[8], arc4random(), 5);
> +	to64(&salt[13], arc4random(), 5);
> +	to64(&salt[17], arc4random(), 5);
> +	to64(&salt[22], arc4random(), 5);
>  	salt[27] = '\0';
>  
>  	if (suser_override)
> -- 
> Andrey A. Chernov
> http://ache.pp.ru/
-- 
o       Mark Murray
\_      FreeBSD Services Limited
O.\_    Warning: this .sig is umop ap!sdn

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201201955.g0KJtVt32805>