From: | Jeffrey Walton <noloader(at)gmail(dot)com> |
---|---|
To: | pgsql-bugs(at)postgresql(dot)org |
Subject: | postmaster.c and random keys/salts |
Date: | 2013-11-13 08:23:29 |
Message-ID: | CAH8yC8=7h7aRJVMCjaxkNCDuntywa7fKfFmFR7J0JXJBmy0zmw@mail.gmail.com |
Lists: | pgsql-bugs |
The following is used to key a channel (it appears to be used in the
AUTH_REQ_MD5 in fe-auth.c).
Four bytes is a tad bit small, and time based does not leave much to
the imagination. Also, it looks like it's susceptible to VM rollbacks.
**********
static void
RandomSalt(char *md5Salt)
{
    long        rand;

    /*
     * We use % 255, sacrificing one possible byte value, so as to ensure that
     * all bits of the random() value participate in the result. While at it,
     * add one to avoid generating any null bytes.
     */
    rand = PostmasterRandom();
    md5Salt[0] = (rand % 255) + 1;
    rand = PostmasterRandom();
    md5Salt[1] = (rand % 255) + 1;
    rand = PostmasterRandom();
    md5Salt[2] = (rand % 255) + 1;
    rand = PostmasterRandom();
    md5Salt[3] = (rand % 255) + 1;
}

/*
 * PostmasterRandom
 */
static long
PostmasterRandom(void)
{
    /*
     * Select a random seed at the time of first receiving a request.
     */
    if (random_seed == 0)
    {
        do
        {
            struct timeval random_stop_time;

            gettimeofday(&random_stop_time, NULL);

            /*
             * We are not sure how much precision is in tv_usec, so we swap
             * the high and low 16 bits of 'random_stop_time' and XOR them
             * with 'random_start_time'. On the off chance that the result is
             * 0, we loop until it isn't.
             */
            random_seed = random_start_time.tv_usec ^
                ((random_stop_time.tv_usec << 16) |
                 ((random_stop_time.tv_usec >> 16) & 0xffff));
        }
        while (random_seed == 0);

        srandom(random_seed);
    }

    return random();
}
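
Added example, not part of the original message and not PostgreSQL code: the seed mixing and salt derivation quoted above, rewritten with the seed passed in explicitly so it can be shown that identical clock readings (as after a VM snapshot restore) yield the identical salt, beside a salt filled from the kernel CSPRNG. The function names, the constructed clock values, the 16-byte buffer and the choice of /dev/urandom as the replacement source are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* POSIX calls used by the quoted code, declared for strict -std=c11 builds. */
long random(void);
void srandom(unsigned int seed);

/* Seed mixing as in the quoted PostmasterRandom(); both inputs are clock readings. */
static unsigned int derive_seed(unsigned long start_usec, unsigned long stop_usec)
{
    return (unsigned int) (start_usec ^
                           ((stop_usec << 16) | ((stop_usec >> 16) & 0xffff)));
}

/* Salt bytes as in the quoted RandomSalt(), with the seed made explicit. */
static void time_seeded_salt(unsigned int seed, unsigned char salt[4])
{
    srandom(seed);
    for (int i = 0; i < 4; i++)
        salt[i] = (unsigned char) ((random() % 255) + 1);
}

/* Returns 1 when two "boots" that observe the same pair of clock values
 * (as after restoring a VM snapshot) produce the same salt. */
static int replay_repeats_salt(unsigned long start_usec, unsigned long stop_usec)
{
    unsigned char a[4], b[4];
    time_seeded_salt(derive_seed(start_usec, stop_usec), a);
    time_seeded_salt(derive_seed(start_usec, stop_usec), b);
    return memcmp(a, b, sizeof a) == 0;
}

/* Alternative: fill the salt from the kernel CSPRNG. Returns 0 on success. */
static int csprng_salt(unsigned char *salt, size_t len)
{
    FILE *f = fopen("/dev/urandom", "rb");
    size_t n = f ? fread(salt, 1, len, f) : 0;
    if (f)
        fclose(f);
    return (f && n == len) ? 0 : -1;
}

int main(void)
{
    unsigned char s[16];
    printf("replay repeats salt: %d\n", replay_repeats_salt(123456UL, 654321UL));
    return csprng_salt(s, sizeof s);
}
```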