関数 | |
void | set_rand_reseed_callback (void(*fn)(int *)) |
void | set_need_random_reseed (void) |
static void | get_rand_reseed_data (int *reseed_data) |
static void | do_filehash (const char *fname, unsigned char *the_hash) |
static int | do_reseed (BOOL use_fd, int fd) |
void | generate_random_buffer (unsigned char *out, int len) |
char * | generate_random_str (size_t len) |
変数 | |
static unsigned char | smb_arc4_state [258] |
static uint32 | counter |
static BOOL | done_reseed = False |
static void(*) | reseed_callback (int *newseed) |
static char | c_list [] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.," |
void set_rand_reseed_callback | ( | void(*)(int *) | fn | ) |
参照先 reseed_callback・set_need_random_reseed().
参照元 secrets_init().
/*
 * Register the hook that supplies extra seed material and schedule a
 * reseed.  fn may be NULL, in which case get_rand_reseed_data() reports
 * a seed value of 0.
 */
void set_rand_reseed_callback(void (*fn)(int *))
{
	reseed_callback = fn;

	/* Clear done_reseed so the reseed step runs again with the new hook. */
	set_need_random_reseed();
}
void set_need_random_reseed | ( | void | ) |
参照先 done_reseed.
参照元 open_sockets_smbd()・set_rand_reseed_callback().
/*
 * Mark the generator as needing a reseed.  generate_random_buffer()
 * checks done_reseed on entry and calls do_reseed() when it is False.
 */
void set_need_random_reseed(void)
{
	done_reseed = False;
}
static void get_rand_reseed_data | ( | int * | reseed_data | ) | [static] |
参照先 reseed_callback.
参照元 do_reseed().
/*
 * Fetch caller-supplied seed material into *reseed_data.
 * Without a registered callback the value is set to 0, which do_reseed()
 * treats as "nothing to mix in".
 */
static void get_rand_reseed_data(int *reseed_data)
{
	if (!reseed_callback) {
		*reseed_data = 0;
		return;
	}

	reseed_callback(reseed_data);
}
static void do_filehash | ( | const char * | fname, | |
unsigned char * | the_hash | |||
) | [static] |
参照先 buf・fd・mdfour()・sys_open().
参照元 do_reseed().
/*
 * Fold the contents of a file into a 16-byte accumulator.
 *
 * The file is read in chunks; each chunk is hashed with mdfour() on its
 * own and the 16-byte digest is XORed into the_hash.  The accumulator is
 * only ever XORed, never assigned, so the caller must initialise all 16
 * bytes before the call.  If the file cannot be opened the accumulator
 * is left untouched and no error is reported.
 *
 * NOTE(review): chunks are hashed independently, so two identical chunks
 * cancel each other out in the XOR; this is a mixing step, not a digest
 * of the whole file.
 */
static void do_filehash(const char *fname, unsigned char *the_hash)
{
	unsigned char buf[1011]; /* deliberate weird size */
	unsigned char tmp_md4[16];
	int fd;
	int nread;

	fd = sys_open(fname, O_RDONLY, 0);
	if (fd == -1) {
		return;
	}

	for (;;) {
		int i;

		nread = read(fd, (char *)buf, sizeof(buf));
		if (nread <= 0) {
			/* End of file or read error: stop, keep what was mixed in. */
			break;
		}

		mdfour(tmp_md4, buf, nread);
		for (i = 0; i < 16; i++) {
			the_hash[i] ^= tmp_md4[i];
		}
	}

	close(fd);
}
static int do_reseed | ( | BOOL | use_fd, | |
int | fd | |||
) | [static] |
参照先 counter・do_filehash()・get_rand_reseed_data()・getpwnam_alloc()・GetTimeOfDay()・mdfour()・mypid・smb_arc4_init()・smb_arc4_state・sys_getpid()・sys_open().
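/*
 * Prepare the random source.
 *
 * use_fd / fd: when use_fd is set, an already open descriptor (fd != -1)
 * is returned unchanged; otherwise /dev/urandom is opened and its
 * descriptor returned.  In both cases the ARC4 state is NOT seeded.
 *
 * When use_fd is False, or /dev/urandom cannot be opened, the ARC4 state
 * is seeded from local material (file hashes, the root password field,
 * counter/time/pid and the optional callback value) and -1 is returned.
 *
 * NOTE(review): the fallback seed is only as unpredictable as those
 * inputs.  Time, pid and counter are guessable, and the secret inputs
 * silently contribute nothing when the files are unreadable (for example
 * when not running as root), so output from the fallback path should not
 * be treated as equivalent to /dev/urandom.
 */
static int do_reseed(BOOL use_fd, int fd)
{
	/*
	 * Zero-initialised: every input below is XORed into this buffer, so
	 * starting from indeterminate stack contents would mean reading
	 * uninitialised memory and would make the seed depend on whatever the
	 * previous stack frame left behind.
	 */
	unsigned char seed_inbuf[40] = {0};
	uint32 v1, v2;
	struct timeval tval;
	pid_t mypid;
	struct passwd *pw;
	int reseed_data = 0;

	if (use_fd) {
		if (fd != -1)
			return fd;

		fd = sys_open("/dev/urandom", O_RDONLY, 0);
		if (fd >= 0)
			return fd;
	}

	/* Add in some secret file contents */

	do_filehash("/etc/shadow", &seed_inbuf[0]);
	do_filehash(lp_smb_passwd_file(), &seed_inbuf[16]);

	/*
	 * Add in the root encrypted password.
	 * On any system where security is taken
	 * seriously this will be secret.
	 */

	pw = getpwnam_alloc(NULL, "root");
	if (pw) {
		if (pw->pw_passwd) {
			size_t i;
			unsigned char md4_tmp[16];

			mdfour(md4_tmp, (unsigned char *)pw->pw_passwd,
			       strlen(pw->pw_passwd));
			/* Offset 8 overlaps the tail of the first file hash and
			 * the head of the second. */
			for (i = 0; i < 16; i++)
				seed_inbuf[8 + i] ^= md4_tmp[i];
		}
		/* Release the entry even when it carries no password field;
		 * previously it was only freed inside the pw_passwd branch. */
		TALLOC_FREE(pw);
	}

	/*
	 * Add the counter, time of day, and pid.
	 */

	GetTimeOfDay(&tval);
	mypid = sys_getpid();
	v1 = (counter++) + mypid + tval.tv_sec;
	v2 = (counter++) * mypid + tval.tv_usec;

	SIVAL(seed_inbuf, 32, v1 ^ IVAL(seed_inbuf, 32));
	SIVAL(seed_inbuf, 36, v2 ^ IVAL(seed_inbuf, 36));

	/*
	 * Add any user-given reseed data.
	 */

	get_rand_reseed_data(&reseed_data);
	if (reseed_data) {
		size_t i;

		/* Repeat the bytes of the int across the whole seed buffer. */
		for (i = 0; i < sizeof(seed_inbuf); i++)
			seed_inbuf[i] ^= ((char *)(&reseed_data))[i % sizeof(reseed_data)];
	}

	smb_arc4_init(smb_arc4_state, seed_inbuf, sizeof(seed_inbuf));

	/*
	 * NOTE(review): seed_inbuf still holds the seed material when this
	 * frame is released; consider wiping it with a primitive the compiler
	 * cannot elide.
	 */

	return -1;
}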
void generate_random_buffer | ( | unsigned char * | out, | |
int | len | |||
) |
参照先 do_reseed()・done_reseed・mdfour()・smb_arc4_crypt()・smb_arc4_state.
参照元 _net_req_chal()・afs_createtoken()・encode_pw_buffer()・faked_create_user()・generate_random_sid()・generate_random_str()・get_challenge()・get_ntlm_challenge()・GUID_random()・LMv2_generate_response()・main()・netdom_join_domain()・ntlmssp_client_challenge()・NTLMv2_generate_client_data()・pdb_nds_update_login_attempts()・pdb_set_plaintext_passwd()・py_auth_crap()・py_auth_smbd()・rpccli_netlogon_sam_logon()・rpccli_netlogon_setup_creds()・rw_torture2()・secrets_init()・smb_uuid_generate_random()・wbinfo_auth_crap()・wcache_save_creds()・winbindd_dual_pam_auth_samlogon().
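/*
 * Fill out[0..len) with random bytes.
 *
 * Preferred source is /dev/urandom through a descriptor cached in a
 * function-local static.  If that descriptor is unavailable or a read
 * fails, the function drops permanently (until the next reseed request)
 * to the internal generator: ARC4 keystream hashed with MD4.
 *
 * A len <= 0 writes nothing.  There is no error return, so callers
 * cannot tell which source produced the bytes.
 *
 * NOTE(review): urand_fd and the ARC4 state are process-wide statics with
 * no locking, and a forked child inherits both; callers that fork need to
 * call set_need_random_reseed() in the child.
 */
void generate_random_buffer(unsigned char *out, int len)
{
	static int urand_fd = -1;
	unsigned char md4_buf[64];
	unsigned char tmp_buf[16];
	unsigned char *p;

	if (!done_reseed) {
		urand_fd = do_reseed(True, urand_fd);
		done_reseed = True;
	}

	if (urand_fd != -1 && len > 0) {
		int got = 0;

		/*
		 * Keep reading until the request is satisfied.  A short read is
		 * not an error and must not demote the process to the weaker
		 * fallback generator.
		 */
		while (got < len) {
			int n = (int)read(urand_fd, out + got, len - got);

			if (n <= 0)
				break; /* EOF or error (including an interrupted call) */
			got += n;
		}

		if (got == len)
			return; /* len bytes of random data read from urandom. */

		/* Read of urand error, drop back to non urand method. */
		close(urand_fd);
		urand_fd = -1;
		do_reseed(False, -1);
		done_reseed = True;
	}

	/*
	 * Generate random numbers in chunks of 64 bytes,
	 * then md4 them & copy to the output buffer.
	 * This way the raw state of the stream is never externally
	 * seen.
	 */

	p = out;
	while (len > 0) {
		int copy_len = len > 16 ? 16 : len;

		smb_arc4_crypt(smb_arc4_state, md4_buf, sizeof(md4_buf));
		mdfour(tmp_buf, md4_buf, sizeof(md4_buf));
		memcpy(p, tmp_buf, copy_len);
		p += copy_len;
		len -= copy_len;
	}
}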
char* generate_random_str | ( | size_t | len | ) |
参照元 ads_change_trust_account_password()・net_ads_join()・net_rpc_join_newstyle()・trust_pw_change_and_store_it().
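/*
 * Return a NUL-terminated random string of at most 255 characters drawn
 * from c_list.  Longer requests are silently truncated to 255.
 *
 * The result lives in a function-local static buffer: it is overwritten
 * by the next call, is not safe for concurrent use, and keeps the last
 * generated value (often a password) in memory until then.  Callers must
 * copy it before calling again.
 */
char *generate_random_str(size_t len)
{
	static unsigned char retstr[256];
	const size_t n_chars = sizeof(c_list) - 1;
	/*
	 * Largest multiple of the alphabet size that fits in one byte.
	 * Bytes at or above it are redrawn; a plain "% n_chars" would make
	 * the first (256 % n_chars) characters of c_list more likely than
	 * the rest.
	 */
	const unsigned int limit = 256 - (unsigned int)(256 % n_chars);
	size_t i;

	memset(retstr, '\0', sizeof(retstr));

	if (len > sizeof(retstr) - 1)
		len = sizeof(retstr) - 1;

	generate_random_buffer(retstr, len);
	for (i = 0; i < len; i++) {
		while (retstr[i] >= limit)
			generate_random_buffer(&retstr[i], 1);
		retstr[i] = c_list[retstr[i] % n_chars];
	}

	retstr[i] = '\0';

	return (char *)retstr;
}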
unsigned char smb_arc4_state[258] [static] |
uint32 counter [static] |
BOOL done_reseed = False [static] |
void(*) reseed_callback(int *newseed) [static] |
char c_list[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+_-#.," [static] |